last executing test programs:

5m16.021832537s ago: executing program 2 (id=482):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a2c000000180a05000000000000000000020001000c00054000000000068d00020900010073797a30"], 0x54}, 0x1, 0x0, 0x0, 0x4048000}, 0x880)

5m15.707403621s ago: executing program 2 (id=485):
r0 = socket(0x18, 0x3, 0x3a)
fchown(r0, 0x0, 0x0)

5m15.442269975s ago: executing program 2 (id=489):
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
r4 = fanotify_init(0x8, 0x40000)
fanotify_mark(r4, 0x1, 0x8100011, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8000}}, './file0\x00'})
sendmmsg(0xffffffffffffffff, &(0x7f00000092c0), 0x4ff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$FUSE_INIT(r5, &(0x7f0000002340)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x29, 0xfffffff9, 0x8010000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x91, 0xfffffffe}}, 0x50)

5m13.931742157s ago: executing program 2 (id=493):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xc002)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
sendfile(r0, r0, 0x0, 0x24002deb)
ioctl$LOOP_CLR_FD(r0, 0x4c01)

5m11.901667126s ago: executing program 2 (id=496):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f0000000080), 0xff, 0x52f, &(0x7f0000001e00)="$eJzs3d9rZFcdAPDvnWSyyW62SdUHLbRWW8kW3ZmksW3woVYQfSqI9X2NySSETDIhM2k3oWj2LxBEVPBJX3wR/AMEWfDFRxEK+qxQUUS3CvqgvTIzd5I4uZPM1tnMZvL5wN17zrk/vufM5ty5Pw53Ariyno2I1yLi/TRNX4iImay8kE1x2J6a67334O2V5pREmr7x1ySSrKyzrySb38g2m4yIr3454hvJ6bj1/YPN5Wq1spvly42tnXJ9/+D2xtbyemW9sr24uPDy0itLLy3ND6SdNyPi1S/+8Xvf/smXXv3FZ976w50/3/pms1rT2fKT7XhI42ctbDe9eG2ya4PdDxjscdRsT7GTmepvm3uPsD4AAPTWPMf/UER8MiJeiJkYO/t0FgAAALiE0s9Px7+TiDTfRI9yAAAA4BIptMbAJoVSNhZgOgqFUqk9hvcjcb1QrdUbn16r7W2vtsfKzkaxsLZRrcxnY4Vno5g08wut9HH+xa78YkQ8GRHfnZlq5UsrterqsG9+AAAAwBVxo+v6/x8z7et/AAAAYMTMDrsCAAAAwCPn+h8AAABGn+t/AAAAGGlfef315pR2fv969c39vc3am7dXK/XN0tbeSmmltrtTWq/V1lvv7Ns6b3/VWm3ns7G9d7fcqNQb5fr+wZ2t2t52485GTF5IgwAAAIBTnvz4/d8lEXH4uanW1DQx7EoBF2L8KJVk85ze//sn2vN3L6hSwIUY62Odd6/llztPgMttvLugR18HRk9x2BUAhi45Z3nPwTu/zuafGGx9AACAwZv7WP7z/0KvDY4WHPZcBbgcdGK4urqe/6czw6oIcOFaz//7HcjjZAFGSrGvEYDAKPu/n/+fK00fqkIAAMDATbempFDKbu9NR6FQKkXcbP0sQDFZ26hW5iPiiYj47UzxWjO/0NoyOfeaAQAAAAAAAAAAAAAAAAAAAAAAAABoS9MkUgAAAGCkRRT+lPyy/S7/uZnnp7vvD0wk/2r9JPBERLz1wze+f3e50dhdaJb/7ai88YOs/MVh3MEAAAAAunWu01vzfw67NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMmvcevL3SmfpYfWpQcf/yhYiYzYs/HpOt+WQUI+L635MYP7FdEhFjA4h/eC8iPpoXP2lW6yhkXvxBfAjnxI/Z7FPIi39jAPHhKrvfPP68ltf/CvFsa57f/8Yj/if/QfU+/sXR8W+sR/+/2WeMp975Wbln/HsRT43nH3868ZMe8Z/rM/7Xv3Zw0GtZ+qOIuc73T+uIdzLCcarc2Nop1/cPbm9sLa9X1ivbi4sLLy+9svTS0nx5baNayf7NjfGdp3/+/lntv577/Zdktend/udz9pf3nfSfd+4++HAnc3g6/q3ncuL/6sfZGqfjF7I4n8rSzeVznfRhO33SMz/9zTNntX/1uP3Fh/n/v9Vrp91OdZSn+/3TAQAegfr+weZytVrZHdlE8yr9MaiGxGOY+NZAd5imadrsUzmL7kdEP/tJYsAtLeTX5zjR8wgw7CMTAAAwaMcn/cOuCQAAAAAAAAAAAAAAAAAAAFxdF/GWte6Yx69ATgbxCm0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIH4bwAAAP//LZfT/A==")
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, 0x0, &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f00000001c0)={0x800, 0xffffffffffffffff, 0x4, 0x2, 0x1, 0x0, [{0x3, 0x81, 0x69e, '\x00', 0x1}]})

5m10.778435382s ago: executing program 2 (id=499):
syz_mount_image$ext4(&(0x7f0000000400)='ext2\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000007c0)={[{@oldalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x338525ae7a53062c}}], [{@appraise_type}]}, 0xf7, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDELRT(r1, 0x891b, &(0x7f0000000c00)={0x0, {0x2, 0x4ea4, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x22}}, 0x20, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x6, 0x8})
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000480)='./bus\x00', 0x2210486, &(0x7f0000000900)=ANY=[], 0x80, 0x356, &(0x7f0000001000)="$eJzs3U9om/UbAPAne9OkG+zXHn4wFIRXb4KWteJBTy2jAzEXleCfgxhcp9LUQYPB7tCsXsSj4En05M2DHjzsLIIi3jx4dYJMxYPuNnD4SpI36Zs/7TohzuLnAwvPnu/z5Pt9m5fmbdJ8+9JqbF6Yi4s3blyP+flSlFfPrcbNUixGEgNXYlJlSg4AOB5uZln8nvUdsaU04yUBADPWe/5/5XQh89aXh9Vnnv0B4NjLf/4/eVjN/EEDl2ayJABgxiZe/39gZLgy+lZ/ufBbAQDAcfXM8y88uVaLeDpN5yO23m7X2/V4fH987WK8Fs3YiLOxELci+hcK3ZtS7/b8E7X1s2maduKnxah3O9r1iK1Ou96/UlhLev3VWI6FWMz786uNLMuS85/V1pfTnoi40unNH1uldn0uTuXzf38qNmIl0vj/eH9EKWrrK2l+B/WtQX8nYi/mY/i+xkYsxUJ8+3JcimZciG7v4LKmtr67nKbnstpIf7te7dX1HfgKCAAAAAAAAAAAAAAAAAAAAAAA/C1L6dDicP+bbH//nqWlKeO9/XH6/fn+QHv9/YGyavZ+lv325sP1d5IY2R9ofH+edr0cJ+7uoQMAAAAAAAAAAAAAAAAAAMC/RmunEo1mc2O7tXN5sxh0tls7JyKim3n960++OBmTNbcJyvkchaE0T13ebGTJoDhLRmryIOlOPsh8fHW44mJNdXgUU5dRPXio2Tx9/48f7GfuSwb3/Od+TRLTDzAZW0Yx2Ppff0l38oUaBiu3qbmWZdlB7bsvTnZFKaJ85w/c4UHWDb66/uo9j7TOPNrLfJ71PfjQwrPX3vvol81Gsztz9B7BynbrVrbZyP8//WQ7OEgK508p+kGpeCaUD2vfG800ku9+fe7ed7852uxZMfPGeM1cDA7w0/GhSj/oLnNs6OS0ueamnPwzCM58uNq4uvvDz0ftKnyTOJH/AwAAAAAAAAAAAAAAAAAAZqrwWfFc/kHfucO6Hntq9isDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH/O/t//LwR7E5mjBH90YnKourHdiqjc7cMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/7q8AAAD//3mVa80=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x6b1c2, 0x80)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r4, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0xc, &(0x7f0000000080)=0x1edb, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000", @ANYRES32=0x0], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
ioctl$BTRFS_IOC_START_SYNC(r6, 0x80089418, &(0x7f0000000300)=<r8=>0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x12, &(0x7f00000003c0)=0x10000, 0x4)
write$cgroup_int(r5, &(0x7f0000000380)=0x5, 0x12)
ioctl$BTRFS_IOC_WAIT_SYNC(r7, 0x40089416, &(0x7f0000000340)=r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
ioctl$PTP_EXTTS_REQUEST(r5, 0x40103d02, &(0x7f0000000440)={0x1ff, 0x5})

4m55.05975758s ago: executing program 32 (id=499):
syz_mount_image$ext4(&(0x7f0000000400)='ext2\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000007c0)={[{@oldalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x338525ae7a53062c}}], [{@appraise_type}]}, 0xf7, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDELRT(r1, 0x891b, &(0x7f0000000c00)={0x0, {0x2, 0x4ea4, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x22}}, 0x20, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x6, 0x8})
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000480)='./bus\x00', 0x2210486, &(0x7f0000000900)=ANY=[], 0x80, 0x356, &(0x7f0000001000)="$eJzs3U9om/UbAPAne9OkG+zXHn4wFIRXb4KWteJBTy2jAzEXleCfgxhcp9LUQYPB7tCsXsSj4En05M2DHjzsLIIi3jx4dYJMxYPuNnD4SpI36Zs/7TohzuLnAwvPnu/z5Pt9m5fmbdJ8+9JqbF6Yi4s3blyP+flSlFfPrcbNUixGEgNXYlJlSg4AOB5uZln8nvUdsaU04yUBADPWe/5/5XQh89aXh9Vnnv0B4NjLf/4/eVjN/EEDl2ayJABgxiZe/39gZLgy+lZ/ufBbAQDAcfXM8y88uVaLeDpN5yO23m7X2/V4fH987WK8Fs3YiLOxELci+hcK3ZtS7/b8E7X1s2maduKnxah3O9r1iK1Ou96/UlhLev3VWI6FWMz786uNLMuS85/V1pfTnoi40unNH1uldn0uTuXzf38qNmIl0vj/eH9EKWrrK2l+B/WtQX8nYi/mY/i+xkYsxUJ8+3JcimZciG7v4LKmtr67nKbnstpIf7te7dX1HfgKCAAAAAAAAAAAAAAAAAAAAAAA/C1L6dDicP+bbH//nqWlKeO9/XH6/fn+QHv9/YGyavZ+lv325sP1d5IY2R9ofH+edr0cJ+7uoQMAAAAAAAAAAAAAAAAAAMC/RmunEo1mc2O7tXN5sxh0tls7JyKim3n960++OBmTNbcJyvkchaE0T13ebGTJoDhLRmryIOlOPsh8fHW44mJNdXgUU5dRPXio2Tx9/48f7GfuSwb3/Od+TRLTDzAZW0Yx2Ppff0l38oUaBiu3qbmWZdlB7bsvTnZFKaJ85w/c4UHWDb66/uo9j7TOPNrLfJ71PfjQwrPX3vvol81Gsztz9B7BynbrVrbZyP8//WQ7OEgK508p+kGpeCaUD2vfG800ku9+fe7ed7852uxZMfPGeM1cDA7w0/GhSj/oLnNs6OS0ueamnPwzCM58uNq4uvvDz0ftKnyTOJH/AwAAAAAAAAAAAAAAAAAAZqrwWfFc/kHfucO6Hntq9isDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH/O/t//LwR7E5mjBH90YnKourHdiqjc7cMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/7q8AAAD//3mVa80=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x6b1c2, 0x80)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r4, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0xc, &(0x7f0000000080)=0x1edb, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000", @ANYRES32=0x0], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
ioctl$BTRFS_IOC_START_SYNC(r6, 0x80089418, &(0x7f0000000300)=<r8=>0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x12, &(0x7f00000003c0)=0x10000, 0x4)
write$cgroup_int(r5, &(0x7f0000000380)=0x5, 0x12)
ioctl$BTRFS_IOC_WAIT_SYNC(r7, 0x40089416, &(0x7f0000000340)=r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
ioctl$PTP_EXTTS_REQUEST(r5, 0x40103d02, &(0x7f0000000440)={0x1ff, 0x5})

23.650404526s ago: executing program 1 (id=1201):
syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f0000000880)=ANY=[@ANYBLOB="636f6465706167653d3835302c6e66732c747a3d55544300006f6465706167653d38362d303030303030303030303030303030303030303030362c646f74732c6e6f646f74732c646f74732c6e6f646f7473266e665708f074ca01b875ea732c7379735f696d6d757461626c652c6e6f636173652c6e6f646f74732c646973636172642c6e07006f74737daf000000000000646f74732c63686563843d72656c617865642c6e6f646f74732c6e6f646f74732c646f7494e9f0f365ee"], 0x0, 0x1f4, &(0x7f0000000b00)="$eJzs3T1rU1EYB/Dn3rbJjYvZBFE44OIgRV1dKlJBDAhKB50Uqksrgl2iS/sx/IB+AOkUBLnS3qS3jUbTNMn15febnnv+PW/lkGTJyctrb3e23+29+XzlUxRFFvlGbMQgi27kMXIQE+WTIwDgTzUoy/hSVppeCwCwHFO8/3/7RfcssgUtDABYmGfPXzy+3+ttPk2piDgsL1fNB/2tqnj4qLd5Ox3r1r0O+/2tlZP8Thr/7HCUr8WlYX636p/O5q24eSNirRURKaUHT3pjeTu2F7hvAAAAAAAAAAAAAAAAAAAAAABo0vVII92IW/eq1vp+n/X10/mRzjCvnk7dDzR2f89qXF0dPtbXA5X7y9oYAAAAAAAAAAAAAAAAAAAA/EX2PnzcebW7+/p9XbQj4mzLeYpsOPBxy8qoOP84SyrymPvIc9tye/H/hOJnB6AuWvOZq/ObE5XN+5Ckmbt/vdDhHy9m3FcrIi40ez45GpRlOeUxHmk39eIEAAAAAAAAAAAAAAAAAAD/mfpLvz9mRRMLAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAG1L//P0OxHxFT/PHJZJ1GtwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7HsAAAD//x9CK0M=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = syz_usb_connect(0x3, 0x64, &(0x7f0000000b40)=ANY=[@ANYBLOB="12010000cb8be7406d04230848390102030109025200010000000009044000000e0100000a240608000b020102000600040007000300390c2402050302"], 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000980)={0x24, 0x0, &(0x7f0000000440)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2001}}, 0x0, 0x0}, 0x0)

20.318325425s ago: executing program 1 (id=1211):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000780)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1bc400000000000000000f0000000800", @ANYRES32=r6, @ANYBLOB='\b\x002'], 0x2c}}, 0x0)

20.317793625s ago: executing program 3 (id=1212):
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x400, 0x4, 0x8}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
timer_create(0xfffffffc, 0x0, &(0x7f0000000040))
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$igmp6(0xa, 0x3, 0x2)
mount_setattr(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x1000, &(0x7f0000000240)={0x20006b, 0x0, 0x120000}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x308, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x368)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendto$inet(r3, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66", 0x4c, 0x11, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)

18.173598736s ago: executing program 3 (id=1215):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000b28000)=0x3)
dup2(r4, r5)
fcntl$setown(r4, 0x8, 0x0)
tkill(0x0, 0x13)

16.570425399s ago: executing program 1 (id=1218):
timer_create(0x3, 0x0, &(0x7f0000000100))
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xd, &(0x7f00000008c0)=';', 0x1)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12141, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

16.385845832s ago: executing program 4 (id=1219):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:De', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000440)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_procfs(r3, &(0x7f0000000380)='net/vlan/vlan1\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240)={[{@bsdgroups}, {@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@nolazytime}, {@discard}, {@grpjquota}, {@errors_remount}, {@nobarrier}]}, 0x1, 0x46a, &(0x7f0000000980)="$eJzs289vFFUcAPDvzLZFQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUACzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl93tLpRd6H4+yTbv7bzpe9+deTNv5s0EMLD2Zn+SiPsi4mJEjNayKyp5oazctSvnZv+9cm42iUrl3b+TarmrV87NFmWL9bbkmfE0Iv0iyStZbfHM2RMz5fL86Tw/uXTyw8nFM2dfOHZy5uj80flT04cOHTww9fJL0y+uS5xZfFd3f7KwZ9eb7194e/bwhQ9+/T7Jv4+GODox3EGZvVng/1SqGpc93U1ld4GtdelkqI8NoSuliBjK9+eLMRqluL7xRuONz/vaOOC2ys5Nm1ovXq4AG1gS/W4B0B/FiT67/i0+PRp63BEuv1q7AMrivpZ/akuGIs3LDDdc366nvRFxePm/b7JP3MR9CACAbv2YjX+ebzb+S6N+jLgtnxsai4j7I2J7RDwQETsi4sGIeCgidkbEw51Ve7xINE4N3Tj+SS/daoztZOO/V/K5rdXjv2L0F2OlPLe1Gv9wcuRYeX5//puMx/CmLD/Vpo6fXv/jq1bL6sd/2Ser//CqyaX00lDDDbq5maWZjiagOnD5s4jdQ83iT1ZmApKI2BURu7v719uKxLFnv9vTqlDT+POx8JrWYZ6p8m3EM7XtvxwN8ReS9vOTk/dEeX7/ZLFX3Oi338+/06r+W4p/HWTbf/Pq/b+xyFhSP1+72H0d5//8suU1zdrxN9//R5L3qsejkfy7j2eWlk5PRYwkb9XWqv9++vq6Rb4on8U/vq95/9+er5PF/0hEZDvxoxHxWEQ8nrf9iYh4MiL2tYn/l9eeOt5l/Embf7eusvjnmh7/VprQsP27T5RO/PxDq/o72/4Hq6nx/Jvq8W8NnTbwVn47AAAAuFuk1Wfgk3RiJZ2mExO1Z/h3xOa0vLC49NyRhY9OzdWelR+L4bS40zVadz90KlnOnyaO6tX3dH6vuFh+IL9v/HXp3mp+YnahPNfn2GHQbanr/9t3Xu//mb9Kq8uuzIh4vwM2Dv0ZBldj/0/71A6g95z/YXDp/zC49H8YXM36/6cN+VKP2gL0lvM/DK61+n/P3kYCes75HwaX/g8Dqd278cnNv/Iv0d9ELN/+KtI7ItLblRjpoINs6MSNx4oh4wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//xjg70M=")
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3c, 0x0, 0xffffffffffffffff}, {0x0, 0x3, 0x0, 0x100000000, 0xca8}, {0x3, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x1}, [@tmpl={0x84, 0x5, [{{@in=@local, 0x4d5, 0x3c}, 0x0, @in6=@mcast2}, {{@in6=@local, 0x0, 0x33}, 0x0, @in=@empty=0x7000000, 0x3, 0x2, 0x0, 0x81}]}]}, 0x13c}}, 0x0)
socket(0x2, 0x4, 0xea)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f0000000380)=<r6=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',privport,access=', @ANYRESDEC=r6])

15.288610358s ago: executing program 5 (id=1220):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="dfdc25adbc95a320b3b01bf6c71e49a4fb8d1d669ca7cf89a93730647c8292eb9730e2ff702c9f213f1fdd700e100ca2f024f2ee356d140e9b", @ANYRES32=r1, @ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='objagg_obj_root_destroy\x00', r3}, 0x18)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x23, &(0x7f0000000000), 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x10)
r4 = fsopen(&(0x7f0000000180)='befs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x121500)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
recvmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)=""/181, 0xb5}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
shutdown(r0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

15.253467128s ago: executing program 1 (id=1221):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
prlimit64(0x0, 0x7, &(0x7f0000000180)={0x2, 0x3}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

14.714440667s ago: executing program 5 (id=1222):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x408, 0x0, 0x2b8, 0xb0000010, 0x0, 0x5c8f0200, 0x338, 0x3a8, 0x3a8, 0x338, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [0xffffff00], [0xffffff00, 0xffffff00, 0xff000000], 'vlan1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0xfd, 0x0, 0x19}, 0x0, 0x228, 0x248, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0x8, 0x103, 0x33, 0x871004, 0xfcc, 0x80001, 0x7fffffff, 0x0, 0x0, 0xe0}}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@private1, @mcast2, [0x0, 0xffff00, 0x0, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 'dvmrp0\x00', 'sit0\x00', {}, {0xff}, 0x67, 0xb7, 0x1}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'rose0\x00', {0xb}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x468)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sched_setaffinity(0x0, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
unshare(0x20000400)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2000000, @void, @value}, 0x94)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, r3, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x400}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x8}]}, 0x38}}, 0x4008004)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xa, 0x2, 0xe, '\x00', 0x80})
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x59a35420, 0xffff15a7, 0xfffffff9, 0x0, [{}, {}, {0x0, 0x0, 0x0, '\x00', 0x80}, {0x0, 0x35, 0x1}, {0x34, 0x6}, {0x0, 0x0, 0x6, '\x00', 0xfc}, {0x0, 0xfe}, {0x2, 0x6}, {}, {0x73, 0x1, 0x2}, {0x1, 0x0, 0xfe, '\x00', 0x3}, {0x0, 0x0, 0x80}, {}, {}, {0x7, 0x0, 0x0, '\x00', 0x39}, {0x0, 0x0, 0x0, '\x00', 0x8}, {0x0, 0x1, 0x0, '\x00', 0xff}, {0xfc, 0x0, 0xfa}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x1}, {0x3, 0x5}, {0x0, 0x0, 0x0, '\x00', 0x9}]}})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='thermal_power_cpu_limit\x00', r6}, 0x18)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x2, 0x5, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r9, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000002c0)=""/100, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))

12.563722078s ago: executing program 5 (id=1226):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f00000000c0)=0x1, 0x4)
syz_mount_image$erofs(&(0x7f0000000300), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x211, &(0x7f0000000880)="$eJzslbFvEzEUxj/7Lte0QhUMMLCEoRJFope7C6AuDGVHQmoRMEbUVAW3qdIMTSWkViwszIh/hKETAxtMzAyAhMRARyYkjOzzJb40l3A6EEPfT4rz2b73/Ox79wyCIE4tXz7/+PTi1vLaVQBnsIAZO/7NGz7Dnec/vvJqVr7dnn96NOqPAVBq2PenrB8AeLPiAQepW6Vca2ABwFkAa+BGa+6C44rV98AQZrGqobUAwwM7/HhHDXbTmbVCCvawI9cfbUoR6SbWTaKbFqBy8R8fMqwDqNslmBPfbn//SVsC3VRIkYmaytY5MVVWTDo/E98Kx03nCPT7uv/82aHuh3Y8cs4vBkdsdQsMq1YvYwZhGDZsV8TO/i/6Q/9e+tpSDsrspF7pIGplrc4tjZnSGT7ZfFYKvdtK78wVv9Tf8TMiglwK/pMl/ljoOMpb8QbQ9/IfSTDFj6geMxsdYW5KXDg+enfS6ut/Pd5qwhQuAO7US502H+akvD3W6nxu5FLBJ5NlYGFKpPWD+cBlpz75zq3Q7G3tNHf7+0ubW+0NsSG2k6R1I7oWRdeTpqnNaTuh/tVNfZpz/NcKng1YgL12r9eN94BeNx70k7R1Ku7q6853Y8NN/eNY/KlUdr2YbWcXJcuvweyPm3+tFr3C4AmCIAiCIAiCIAiCIAiCIErRAMP7+UFXjcdP7pjp3wEAAP//xbtYgA==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fadvise64(r2, 0x0, 0x0, 0x3)
sendto$inet6(r1, &(0x7f00000002c0)="03", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bic\x00', 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00'})
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r6, &(0x7f0000002140)={0x2020}, 0x2020)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8004}, 0x4800)

12.563024538s ago: executing program 4 (id=1227):
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
pipe2$watch_queue(0x0, 0x80)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
unshare(0x64000600)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000100))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

12.561592138s ago: executing program 1 (id=1228):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000780)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1bc400000000000000000f0000000800", @ANYRES32=r6, @ANYBLOB='\b\x002'], 0x2c}}, 0x0)

12.560827938s ago: executing program 3 (id=1229):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000880)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x0, 0x0)
r6 = request_key(0x0, &(0x7f0000000bc0)={'syz', 0x2}, 0x0, 0x0)
r7 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r7, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000140)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`P3%\xfa\xbf\xef\xeb\x8e1w\xfd')
keyctl$get_security(0x11, r7, &(0x7f0000000080)=""/40, 0x28)
keyctl$invalidate(0x15, r6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sysinfo(&(0x7f0000000180)=""/90)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000640012800b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600fc"], 0x94}}, 0x0)

12.559559677s ago: executing program 0 (id=1230):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'erspan0\x00'})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)

9.014065079s ago: executing program 3 (id=1231):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000040)="290000002000190f00003fffffffda060a00008bfee80001dd0048040d000600fe7f00000005000500", 0x29}], 0x1)

9.012678929s ago: executing program 5 (id=1232):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZrk6Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtK03U227TabZn8/OJlzzszs/5wNMztnZpgJYGC9FxHXIuJxmqbnI2Isq89lKbZbqbHco4d35xopiTS98c8kkqxu57OSbHoqW+1kRHztyxHfTJ6PW9vcWp6tVMrrWblUX1kr1Ta3LiytzC6WF8ur09NTl2euzFyamexJP09HxNUv/vUH3/3Zl67+6jO3/3Tz7+e+1ejfaDZ/bz9eUH6/ma2uF5rfxd4V1l8y2FGUb/YwM9xuiaHnau695jYBANBe4xj4gxHxyYg4H2MxtP/hLAAAAPAGSj8/Gv9LItL2TnSoBwAAAN4grXtgk1wxIkaa+VyuWGzdw/vhGMlVqrX6pxeqG6vzrXtlx6OQW1iqlCeze4XHo5A0ylPN/JPyxWfK0xHxdkR8f2y4WS7OVSvz/T75AQAAAAPi1J7xfy4i/jPWGv8DAAAAx8x4vxsAAAAAvHbG/wAAAHD8Gf8DAADAsfaV69cbKd15//X8rc2N5eqtC/Pl2nJxZWOuOFddXysuVquLzWf2rRz0eZVqde2zsbpxp1Qv1+ql2ubWzZXqxmr95tJTr8AGAAAADtHbH7//hyQitj833EwNJ7pbtcvFgKMqv5tLsmmbzfqPb7WmfzmkRgGHYqjfDQD6Jt/vBgB9U+h3A4C+Sw6Y3/Hmnd9m00/0tj0AAEDvTXy08/X/3L5rbu8/GzjybMQwuFz/h8HVvP7f7Z28DhbgWCk4AoCB98rX/w+Upi/UIAAAoOdGmynJFbPTe6ORyxWLEaebrwUoJAtLlfJkRLwVEb8fK3ygUZ5qrpkcOGYAAAAAAAAAAAAAAAAAAAAAAAAAAFrSNIkUAAAAONYicn9Lft16lv/E2NnRZ88PnEj+OxbZK0Jv//jGD+/M1uvrU436f+3W13+U1V/sxxkMAAAAGAgv9AL/nXH6zjgeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHrp0cO7czvpMOP+4wsRMd4ufj5ONqcnoxARI/9OIr9nvSQihnoQf7jx5yPt4ieNZu2GbBd/uAfxt+/tGz/Gs2+hXfxTPYgPg+x+Y/9zrd32l4v3mtP2218+4qnyy+q8/4vd/d9Qh+3/dJcx3nnwi1LH+Pci3sm33//sxE86xD/TZfxvfH1rq9O89CcRE21/f5KnYpXqK2ul2ubWhaWV2cXyYnl1enrq8syVmUszk6WFpUo5+9s2xvc+9svH+/V/pEP88QP6f7bL/v//wZ2HH2plC+3inzvTJv5vfpot8Xz8XPbb96ks35g/sZPfbuX3evfnv3t3v/7Pd+j/Qf//c132//xXv/PnLhcFAA5BbXNrebZSKa8f20xjlH4EmiFzBDPf7ukHpmmaNrapV/icJI7C19LM9HvPBAAA9NqTg/5+twQAAAAAAAAAAAAAAAAAAAAG12E8TuzZmNu7uaQXj9AGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiJ9wMAAP//ArLZXg==")

8.987940399s ago: executing program 1 (id=1233):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000880)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, 0x0, 0x2000c0c0)
semget$private(0x0, 0x5, 0x0)
semop(0x0, 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000a00)={'syz1\x00', {0x6ec9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0xde, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x5], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0x0, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffff9, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0xffffffff, 0x1000, 0x2, 0x6, 0x1, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x5, 0x80, 0x9, 0x9, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x6, 0x8, 0x95a, 0x0, 0x3ff, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x5, 0xa, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x75f, 0xb, 0x402, 0x800, 0x4, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x1e0, 0x4, 0xe47, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x8, 0x8a8, 0x2, 0x40, 0x7, 0x2, 0x4, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0x2, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0xf, 0x133, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(r2, 0x5501)

8.642377964s ago: executing program 0 (id=1234):
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000003480)={0x17, 0x10, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, {}, {}, [@jmp={0x5, 0x1, 0x5, 0x0, 0x9, 0x20, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x9, 0xd7, &(0x7f0000000840)=""/215, 0x41000, 0x2, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001dc0)={0x5, 0x4, 0x853, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x1, &(0x7f0000003400)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1], &(0x7f0000003440)=[{0x1, 0x5, 0x8, 0x1}], 0x10, 0x7fff, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x350, 0xffffffff, 0x118, 0x118, 0x208, 0xffffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x84, 0x2, 0x2}, 0x0, 0xf0, 0x118, 0x0, {0x100000000000000}, [@common=@inet=@multiport={{0x50}, {0x1, 0x0, [0x4e20, 0x4e21, 0x4e20, 0x4e23, 0x4e21, 0x4e23, 0x4e24, 0x4e22, 0x4e22, 0x4e20, 0x4e21, 0x4e23, 0x4e23, 0x4e22, 0x4e21], [0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x81, 0x1, 0x0, 0x1, 0x0, 0x1], 0x1}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@ip={@loopback, @rand_addr=0x64010101, 0xffffff00, 0xff000000, 'geneve0\x00', 'macvlan0\x00', {0xff}, {}, 0x2e, 0x0, 0x4}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[0x4e23, 0x4e20], [0x4e23, 0x4e21], 0x5, 0x10, 0x1a7, 0x1}}, @common=@icmp={{0x28}, {0x0, "54e9", 0x1}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x10, 0x9, 0x2}}}, {{@ip={@private=0xa010101, @loopback, 0x0, 0xff000000, 'batadv_slave_0\x00', 'dvmrp0\x00', {}, {}, 0x2f, 0x0, 0x21}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
recvmsg$unix(r3, &(0x7f0000000240)={&(0x7f0000000180), 0x6e, &(0x7f0000000000)=[{&(0x7f0000003540)=""/4094, 0xffe}], 0x1}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
setresgid(0x0, 0x0, 0x0)

7.627738919s ago: executing program 3 (id=1235):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18010000010008000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r1 = syz_pidfd_open(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
pidfd_send_signal(r1, 0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r2, 0xc0096616, &(0x7f0000000280)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000480)='rxrpc_client\x00', r2, 0x0, 0x3}, 0x24706f9204967548)
openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000025c0)=[{&(0x7f0000002500)=""/79, 0x4f}], 0x1, 0x10006c, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)

6.87259619s ago: executing program 4 (id=1236):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x100)
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r3, 0xee01, 0xee00)
keyctl$setperm(0x5, r3, 0x604310a)
keyctl$read(0xb, r3, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000380)={[{@jqfmt_vfsold}, {@nouser_xattr}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
setns(r7, 0x24020000)
umount2(&(0x7f0000000000)='.\x00', 0x2)

4.503533875s ago: executing program 0 (id=1237):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./mnt\x00', 0x2000c16, &(0x7f0000000100)={[{@noinit_itable}, {@nodelalloc}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x11044}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x2ed3d}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8084}, 0x0)

3.946379823s ago: executing program 5 (id=1238):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:De', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000440)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_procfs(r3, &(0x7f0000000380)='net/vlan/vlan1\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240)={[{@bsdgroups}, {@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@nolazytime}, {@discard}, {@grpjquota}, {@errors_remount}, {@nobarrier}]}, 0x1, 0x46a, &(0x7f0000000980)="$eJzs289vFFUcAPDvzLZFQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUACzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl93tLpRd6H4+yTbv7bzpe9+deTNv5s0EMLD2Zn+SiPsi4mJEjNayKyp5oazctSvnZv+9cm42iUrl3b+TarmrV87NFmWL9bbkmfE0Iv0iyStZbfHM2RMz5fL86Tw/uXTyw8nFM2dfOHZy5uj80flT04cOHTww9fJL0y+uS5xZfFd3f7KwZ9eb7194e/bwhQ9+/T7Jv4+GODox3EGZvVng/1SqGpc93U1ld4GtdelkqI8NoSuliBjK9+eLMRqluL7xRuONz/vaOOC2ys5Nm1ovXq4AG1gS/W4B0B/FiT67/i0+PRp63BEuv1q7AMrivpZ/akuGIs3LDDdc366nvRFxePm/b7JP3MR9CACAbv2YjX+ebzb+S6N+jLgtnxsai4j7I2J7RDwQETsi4sGIeCgidkbEw51Ve7xINE4N3Tj+SS/daoztZOO/V/K5rdXjv2L0F2OlPLe1Gv9wcuRYeX5//puMx/CmLD/Vpo6fXv/jq1bL6sd/2Ser//CqyaX00lDDDbq5maWZjiagOnD5s4jdQ83iT1ZmApKI2BURu7v719uKxLFnv9vTqlDT+POx8JrWYZ6p8m3EM7XtvxwN8ReS9vOTk/dEeX7/ZLFX3Oi338+/06r+W4p/HWTbf/Pq/b+xyFhSP1+72H0d5//8suU1zdrxN9//R5L3qsejkfy7j2eWlk5PRYwkb9XWqv9++vq6Rb4on8U/vq95/9+er5PF/0hEZDvxoxHxWEQ8nrf9iYh4MiL2tYn/l9eeOt5l/Embf7eusvjnmh7/VprQsP27T5RO/PxDq/o72/4Hq6nx/Jvq8W8NnTbwVn47AAAAuFuk1Wfgk3RiJZ2mExO1Z/h3xOa0vLC49NyRhY9OzdWelR+L4bS40zVadz90KlnOnyaO6tX3dH6vuFh+IL9v/HXp3mp+YnahPNfn2GHQbanr/9t3Xu//mb9Kq8uuzIh4vwM2Dv0ZBldj/0/71A6g95z/YXDp/zC49H8YXM36/6cN+VKP2gL0lvM/DK61+n/P3kYCes75HwaX/g8Dqd278cnNv/Iv0d9ELN/+KtI7ItLblRjpoINs6MSNx4oh4wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//xjg70M=")
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3c, 0x0, 0xffffffffffffffff}, {0x0, 0x3, 0x0, 0x100000000, 0xca8}, {0x3, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x1}, [@tmpl={0x84, 0x5, [{{@in=@local, 0x4d5, 0x3c}, 0x0, @in6=@mcast2}, {{@in6=@local, 0x0, 0x33}, 0x0, @in=@empty=0x7000000, 0x3, 0x2, 0x0, 0x81}]}]}, 0x13c}}, 0x0)
socket(0x2, 0x4, 0xea)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f0000000380)=<r6=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',privport,access=', @ANYRESDEC=r6])

3.599098188s ago: executing program 4 (id=1239):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x38be40c, 0x0, 0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000400000003"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYRES16=r1], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000640)='spi_setup\x00', r3, 0x0, 0x1ff}, 0xfffffffffffffe26)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x10, 0x1fffffffffffff89, &(0x7f0000000500)=ANY=[], &(0x7f0000000480)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = dup(r1)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000680)={0xffffffffffffffff, &(0x7f0000000780)="000000000700000e90a517a6a364a4f787a01c47689217c712d7149ef3243bd2a538b2e63a2ed000001758cef4f822fdafe2ff7ae90500884a8bce8dda6753d09961227b83ef9748f962c6ff2e74ba753df15388b101", &(0x7f0000000500)=@tcp6=r4, 0x2}, 0x20)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000003c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = dup(r9)
r11 = open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x40)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r12=>0x0})
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000003940)={r13, r12, 0x25, 0x2, @val=@netfilter={0x0, 0x0, 0x100}}, 0x20)
r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYRES32=r7], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r14, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.653896911s ago: executing program 0 (id=1240):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)

1.510209507s ago: executing program 4 (id=1241):
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x400, 0x4, 0x8}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
timer_create(0xfffffffc, 0x0, &(0x7f0000000040))
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$igmp6(0xa, 0x3, 0x2)
mount_setattr(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x1000, &(0x7f0000000240)={0x20006b, 0x0, 0x120000}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x308, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x368)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r3, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66", 0x4c, 0x11, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)

1.439412189s ago: executing program 0 (id=1242):
r0 = io_uring_setup(0x743b, &(0x7f0000000e80)={0x0, 0x7ffffffd, 0x1046, 0x0, 0x3a9})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)

478.970323ms ago: executing program 0 (id=1243):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f00000000c0)=0x1, 0x4)
syz_mount_image$erofs(&(0x7f0000000300), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x211, &(0x7f0000000880)="$eJzslbFvEzEUxj/7Lte0QhUMMLCEoRJFope7C6AuDGVHQmoRMEbUVAW3qdIMTSWkViwszIh/hKETAxtMzAyAhMRARyYkjOzzJb40l3A6EEPfT4rz2b73/Ox79wyCIE4tXz7/+PTi1vLaVQBnsIAZO/7NGz7Dnec/vvJqVr7dnn96NOqPAVBq2PenrB8AeLPiAQepW6Vca2ABwFkAa+BGa+6C44rV98AQZrGqobUAwwM7/HhHDXbTmbVCCvawI9cfbUoR6SbWTaKbFqBy8R8fMqwDqNslmBPfbn//SVsC3VRIkYmaytY5MVVWTDo/E98Kx03nCPT7uv/82aHuh3Y8cs4vBkdsdQsMq1YvYwZhGDZsV8TO/i/6Q/9e+tpSDsrspF7pIGplrc4tjZnSGT7ZfFYKvdtK78wVv9Tf8TMiglwK/pMl/ljoOMpb8QbQ9/IfSTDFj6geMxsdYW5KXDg+enfS6ut/Pd5qwhQuAO7US502H+akvD3W6nxu5FLBJ5NlYGFKpPWD+cBlpz75zq3Q7G3tNHf7+0ubW+0NsSG2k6R1I7oWRdeTpqnNaTuh/tVNfZpz/NcKng1YgL12r9eN94BeNx70k7R1Ku7q6853Y8NN/eNY/KlUdr2YbWcXJcuvweyPm3+tFr3C4AmCIAiCIAiCIAiCIAiCIErRAMP7+UFXjcdP7pjp3wEAAP//xbtYgA==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fadvise64(r2, 0x0, 0x0, 0x3)
sendto$inet6(r1, &(0x7f00000002c0)="03", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bic\x00', 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00'})
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r6, &(0x7f0000002140)={0x2020}, 0x2020)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8004}, 0x4800)

141.202928ms ago: executing program 4 (id=1244):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000780)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1bc400000000000000000f0000000800", @ANYRES32=r6, @ANYBLOB='\b\x002'], 0x2c}}, 0x0)

68.144639ms ago: executing program 5 (id=1245):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0300000004000000040000000a00020000000000", @ANYRESOCT, @ANYBLOB='\x00'/17, @ANYRES32=0x0, @ANYRES32], 0x50)

0s ago: executing program 3 (id=1246):
listen(0xffffffffffffffff, 0x6)
io_uring_enter(0xffffffffffffffff, 0x46f6, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0xc0386105)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f00000005c0)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})
socket$inet6_sctp(0xa, 0x1, 0x84)
write$P9_RSTATu(r3, &(0x7f0000000080)={0x50e, 0x7d, 0x0, {{0x500, 0x1f8, 0x0, 0x40, {0x0, 0x0, 0x2}, 0x0, 0x0, 0xc, 0x0, 0x10f, '\x04nodZ=\xbfd`\xd2\xc2\x97D,\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x00\x00\x00,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1ou\xc5\x8f\xa6\x88\x9f\xf3\xc8\xf7\xab\xc6\x1bY\xa1\xd2o\fJ\xf8\xe2\x93\xd3\xf8l\xcd\xc6o\xf5{\xe9\x00\x00\x00\x00\x00\x00\x00\x03\xd5\x89-\x8e\xfe\xbb\x9e\x05\xac\nk\xc5)`z\xc6\x8a8\x13\xaf\xe7\x9e\x85cj\xfdl]\x15\xb2\xae\xbb\xb7\xee;\x1e\xae\x8a\x7f\xbe.\x85\x88s\x14\xcb\xec\xf0\xa1\xa5\x124z\x8c\x15\xb3 \xd1\xe1\xc0\x10Uz\xaaw\x16^Q`208^|\'\x01\x00\xacB3\x00D\xa9\b=\xe5\xbe\xd8\xe0\xbd(h\"\x94\xf68\xc3\x8e%uj\xb0\xb0\x7fe\xdb\xd6$\xee\x95_}\xa7\x8e\xe1\x96I7?0\xe3\xf7\xb9d\xf0\xa2f\xc3\xac\x9ePwS\xa3\xc4\x03\xc8{\xf1Jv\x87%\x91h\xb4[\xbdz\x1f\xd8`\x0e\xa1.\x00\xdb\xfeL\x1a\xfe\xea\xaf\x9d{\xb4\xa7Z\x1c\x82\x18\x93\xf7\xf4|<Pq\x8c\xc3', 0x2b, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\" \x83~\x01\b\xe2\xe7HP\x1cQHK\xa0/\x10\x9c\xaa\xf9\x15\t\xa2', 0x56, '\xf8\xf6i\xfbqk\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x15\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00C'}, 0x301, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12.a\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x9d\x8d\xd5\xc0p\x99\xeb\x1b\x11\x03\x06U\xf5biOat=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11H[\x1b\x13\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xedlTp,^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5(\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\xc5\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00'/769, 0xffffffffffffffff, 0xee01}}, 0x50e)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
ptrace$peek(0x7, r0, 0x0)
get_robust_list(r0, &(0x7f0000000340)=0x0, 0x0)
memfd_secret(0x80000)
close_range(r4, 0xffffffffffffffff, 0x0)
dup(0xffffffffffffffff)

kernel console output (not intermixed with test programs):

= 8 limit=16
[  166.714618][ T5204] syz.2.267: attempt to access beyond end of device
[  166.714618][ T5204] loop2: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  166.848156][ T5204] syz.2.267: attempt to access beyond end of device
[  166.848156][ T5204] loop2: rw=524288, sector=72, nr_sectors = 16 limit=16
[  168.283102][ T5246] loop1: detected capacity change from 0 to 64
[  170.140660][ T5269] netlink: 40 bytes leftover after parsing attributes in process `syz.3.289'.
[  170.186242][ T5267] netlink: 8 bytes leftover after parsing attributes in process `syz.1.288'.
[  171.508278][ T5297] loop3: detected capacity change from 0 to 64
[  171.714468][ T5302] loop4: detected capacity change from 0 to 64
[  171.725396][ T5302] MINIX-fs: bad superblock
[  172.162751][ T5305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.302'.
[  172.845322][ T4253] hid-generic 0000:0204:0000.0001: unknown main item tag 0x0
[  172.859984][ T4253] hid-generic 0000:0204:0000.0001: unknown main item tag 0x0
[  172.867839][ T4253] hid-generic 0000:0204:0000.0001: unknown main item tag 0x0
[  172.926225][ T4365] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  173.095137][ T4253] hid-generic 0000:0204:0000.0001: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz1
[  174.795366][ T5344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.314'.
[  175.084582][ T5346] fido_id[5346]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  175.186883][ T5364] loop2: detected capacity change from 0 to 64
[  175.221361][ T5364] MINIX-fs: bad superblock
[  177.454466][ T5406] loop1: detected capacity change from 0 to 64
[  177.546069][ T5406] MINIX-fs: bad superblock
[  177.966925][ T5418] loop4: detected capacity change from 0 to 512
[  177.978596][ T5418] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  178.029162][ T5418] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  178.049480][ T5418] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.340: corrupted in-inode xattr
[  178.075803][ T5418] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.340: couldn't read orphan inode 15 (err -117)
[  178.119500][ T5420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.331'.
[  178.138844][ T5418] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  180.477997][ T5453] loop0: detected capacity change from 0 to 256
[  180.536109][ T5453] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  181.039660][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  181.849114][ T5488] loop4: detected capacity change from 0 to 256
[  181.933673][ T5488] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  182.283121][ T5494] loop4: detected capacity change from 0 to 512
[  182.307227][ T5494] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  182.375023][ T5494] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  182.443769][ T5494] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.368: corrupted in-inode xattr
[  182.715263][ T5494] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.368: couldn't read orphan inode 15 (err -117)
[  182.766262][ T5503] netlink: 8 bytes leftover after parsing attributes in process `syz.3.372'.
[  182.934203][ T5494] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  184.682348][ T5521] loop0: detected capacity change from 0 to 256
[  184.703327][ T5521] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  185.123997][ T5516] loop1: detected capacity change from 0 to 32768
[  185.161572][ T5516] 
[  185.161572][ T5516]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.161572][ T5516] 
[  185.190058][ T5516] 
[  185.190058][ T5516]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.190058][ T5516] 
[  185.282441][ T5516] 
[  185.282441][ T5516]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.282441][ T5516] 
[  185.330952][ T5516] 
[  185.330952][ T5516]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.330952][ T5516] 
[  185.341834][ T5516] 
[  185.341834][ T5516]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.341834][ T5516] 
[  185.382276][  T106] 
[  185.382276][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.382276][  T106] 
[  185.400695][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  185.851302][ T4251] 
[  185.851302][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.851302][ T4251] 
[  185.876014][ T4251] 
[  185.876014][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.876014][ T4251] 
[  186.607682][ T5548] netlink: 8 bytes leftover after parsing attributes in process `syz.0.386'.
[  187.397398][ T5560] loop0: detected capacity change from 0 to 256
[  188.372489][ T5560] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  189.696991][ T5595] netlink: 8 bytes leftover after parsing attributes in process `syz.4.400'.
[  190.645047][ T5605] loop0: detected capacity change from 0 to 256
[  190.811838][ T5605] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  193.159610][ T5631] netlink: 8 bytes leftover after parsing attributes in process `syz.4.413'.
[  193.601425][ T5642] loop0: detected capacity change from 0 to 256
[  194.710066][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  194.716463][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  195.791612][ T5642] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  196.169685][ T5660] device syzkaller0 entered promiscuous mode
[  197.246658][ T5668] netlink: 8 bytes leftover after parsing attributes in process `syz.2.427'.
[  200.730755][ T5694] loop2: detected capacity change from 0 to 256
[  200.775610][ T5694] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  200.992170][ T5700] loop4: detected capacity change from 0 to 64
[  202.353878][ T5715] netlink: 8 bytes leftover after parsing attributes in process `syz.4.443'.
[  204.570354][ T5742] loop4: detected capacity change from 0 to 256
[  204.640426][ T5742] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  204.944377][ T5750] loop3: detected capacity change from 0 to 64
[  205.843276][ T5763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.458'.
[  205.890606][ T5764] netlink: 16 bytes leftover after parsing attributes in process `syz.4.459'.
[  207.011616][ T4257] Bluetooth: hci2: command 0x0406 tx timeout
[  207.017750][ T4257] Bluetooth: hci3: command 0x0406 tx timeout
[  207.024038][ T4265] Bluetooth: hci4: command 0x0406 tx timeout
[  207.030751][ T4261] Bluetooth: hci0: command 0x0406 tx timeout
[  207.036947][ T4263] Bluetooth: hci1: command 0x0406 tx timeout
[  207.233985][ T5776] loop0: detected capacity change from 0 to 24
[  207.241606][ T5776] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  207.270896][ T5776] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  207.788957][ T5792] loop1: detected capacity change from 0 to 64
[  208.260684][ T5803] netlink: 16 bytes leftover after parsing attributes in process `syz.2.472'.
[  209.998271][ T5826] netlink: 12 bytes leftover after parsing attributes in process `syz.2.482'.
[  210.437837][ T5836] loop0: detected capacity change from 0 to 64
[  210.947521][ T5840] netlink: 16 bytes leftover after parsing attributes in process `syz.1.487'.
[  212.060393][ T5853] loop1: detected capacity change from 0 to 128
[  212.198404][ T5853] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  212.273385][ T5853] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  214.105620][ T5875] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'.
[  214.274503][ T5878] loop2: detected capacity change from 0 to 512
[  214.408809][ T5878] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.496: bg 0: block 248: padding at end of block bitmap is not set
[  214.485832][ T5878] Quota error (device loop2): write_blk: dquota write failed
[  214.509926][ T5878] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  214.542844][ T5878] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.496: Failed to acquire dquot type 1
[  214.578079][ T5878] EXT4-fs (loop2): 1 truncate cleaned up
[  214.597570][ T5878] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  214.627399][ T5878] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.084373][ T4259] EXT4-fs (loop2): unmounting filesystem.
[  215.095812][ T4304] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5
[  215.141040][ T4304] EXT4-fs error (device loop2): ext4_release_dquot:6838: comm kworker/u4:5: Failed to release dquot type 1
[  215.277131][ T5883] loop4: detected capacity change from 0 to 8192
[  215.372319][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  215.494161][ T5883]  loop4: p4 < >
[  215.678552][ T5890] netlink: 16 bytes leftover after parsing attributes in process `syz.3.500'.
[  215.748106][ T5893] loop2: detected capacity change from 0 to 128
[  215.761632][ T4415] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  215.764011][ T5893] EXT4-fs: Ignoring removed oldalloc option
[  215.819934][ T5893] ext2: Bad value for 'inode_readahead_blks'
[  215.975931][ T4415] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  216.013995][ T4415] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  216.076182][ T4415] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  216.118453][ T4415] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.155864][ T4415] usb 5-1: Product: syz
[  216.176109][ T4415] usb 5-1: Manufacturer: syz
[  216.197242][ T4415] usb 5-1: SerialNumber: syz
[  216.474888][ T4415] usb 5-1: 0:2 : does not exist
[  216.564585][ T5902] loop3: detected capacity change from 0 to 64
[  216.596196][ T4415] usb 5-1: USB disconnect, device number 2
[  216.933304][ T5903] loop2: detected capacity change from 0 to 256
[  216.995907][ T5903] FAT-fs (loop2): Directory bread(block 64) failed
[  217.002957][ T5903] FAT-fs (loop2): Directory bread(block 65) failed
[  217.009617][ T5903] FAT-fs (loop2): Directory bread(block 66) failed
[  217.016363][ T5903] FAT-fs (loop2): Directory bread(block 67) failed
[  217.023089][ T5903] FAT-fs (loop2): Directory bread(block 68) failed
[  217.029660][ T5903] FAT-fs (loop2): Directory bread(block 69) failed
[  217.036348][ T5903] FAT-fs (loop2): Directory bread(block 70) failed
[  217.043229][ T5903] FAT-fs (loop2): Directory bread(block 71) failed
[  217.049885][ T5903] FAT-fs (loop2): Directory bread(block 72) failed
[  217.056521][ T5903] FAT-fs (loop2): Directory bread(block 73) failed
[  217.079636][ T5347] udevd[5347]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  217.121763][ T5903] bio_check_eod: 12 callbacks suppressed
[  217.121782][ T5903] syz.2.499: attempt to access beyond end of device
[  217.121782][ T5903] loop2: rw=2049, sector=1224, nr_sectors = 4 limit=256
[  217.569531][ T4245] udevd[4245]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  219.279981][ T5921] syz.4.507[5921] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  219.280529][ T5921] syz.4.507[5921] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  219.344504][ T5921] loop4: detected capacity change from 0 to 128
[  219.450538][ T5921] EXT4-fs (loop4): Test dummy encryption mode enabled
[  219.531368][ T5921] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  219.545479][ T5921] ext4 filesystem being mounted at /90/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  221.413965][ T5916] loop0: detected capacity change from 0 to 512
[  221.557918][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  221.644189][ T5916] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.506: bg 0: block 288: padding at end of block bitmap is not set
[  221.736836][ T5936] netlink: 12 bytes leftover after parsing attributes in process `syz.3.508'.
[  221.777962][ T5916] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  221.808241][ T5916] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.506: attempt to clear invalid blocks 1024 len 1
[  221.841420][ T5916] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.506: invalid indirect mapped block 1819239214 (level 0)
[  221.856958][ T5940] loop4: detected capacity change from 0 to 24
[  221.876740][ T5940] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  221.898260][ T5916] EXT4-fs (loop0): 1 truncate cleaned up
[  221.914292][ T5940] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  221.931440][ T5916] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  222.077028][ T5937] loop1: detected capacity change from 0 to 8192
[  222.320602][ T5945] netlink: 16 bytes leftover after parsing attributes in process `syz.3.512'.
[  222.345940][ T4252] EXT4-fs (loop0): unmounting filesystem.
[  223.042967][ T5954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.515'.
[  223.677993][ T5955] 9pnet_fd: Insufficient options for proto=fd
[  223.989923][ T5957] loop0: detected capacity change from 0 to 256
[  224.069857][ T5957] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  224.984948][ T5957] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  228.050970][ T5972] device syzkaller0 entered promiscuous mode
[  228.968443][ T5982] loop0: detected capacity change from 0 to 24
[  228.983261][ T5982] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  228.998173][ T5982] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  229.040463][ T5986] input: syz1 as /devices/virtual/input/input6
[  229.871295][ T5993] loop0: detected capacity change from 0 to 2048
[  230.011669][ T5993]  loop0: p1 < > p3
[  230.018883][ T5993] loop0: p3 size 134217728 extends beyond EOD, truncated
[  230.178201][ T5993] kvm: emulating exchange as write
[  230.360795][ T5347] udevd[5347]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  230.368299][ T4245] udevd[4245]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  230.420199][ T5347] udevd[5347]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  230.436559][ T4245] udevd[4245]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  230.644581][ T5996] loop3: detected capacity change from 0 to 40427
[  230.694581][ T5996] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  230.711462][ T5996] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  230.784386][ T5996] F2FS-fs (loop3): invalid crc value
[  230.877545][ T5996] F2FS-fs (loop3): Found nat_bits in checkpoint
[  231.281543][ T5996] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  231.358567][ T6015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.531'.
[  231.669412][ T5996] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  232.533707][ T6032] loop4: detected capacity change from 0 to 24
[  232.540880][ T6032] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  232.631866][   T26] audit: type=1804 audit(1747195654.031:2): pid=6033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.527" name="/newroot/108/bus/bus" dev="loop3" ino=455 res=1 errno=0
[  232.741469][ T6032] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  233.260457][ T6032] overlayfs: missing 'lowerdir'
[  233.662072][ T4263] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  233.673964][ T4263] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  233.694325][ T4263] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  233.703347][ T4263] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  233.717401][ T4263] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  233.729457][ T4263] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  233.783688][ T6047] loop4: detected capacity change from 0 to 512
[  233.926321][ T6047] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  233.959571][ T6047] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.299871][ T4259] syz-executor (4259) used greatest stack depth: 20776 bytes left
[  234.355884][ T6027] loop1: detected capacity change from 0 to 32768
[  234.708398][ T6027] 
[  234.708398][ T6027]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.708398][ T6027] 
[  234.773892][ T4377] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  234.836347][ T4377] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  234.846841][ T6027] 
[  234.846841][ T6027]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.846841][ T6027] 
[  234.939221][ T6027] 
[  234.939221][ T6027]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.939221][ T6027] 
[  234.962762][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  235.019220][ T6027] 
[  235.019220][ T6027]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.019220][ T6027] 
[  235.030216][ T6027] 
[  235.030216][ T6027]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.030216][ T6027] 
[  235.041813][  T107] 
[  235.041813][  T107]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.041813][  T107] 
[  235.193117][ T4251] 
[  235.193117][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.193117][ T4251] 
[  235.216953][ T6060] netlink: 24 bytes leftover after parsing attributes in process `syz.4.542'.
[  235.235126][ T4251] 
[  235.235126][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.235126][ T4251] 
[  235.440024][ T6041] chnl_net:caif_netlink_parms(): no params data found
[  235.753853][ T6068] netlink: 12 bytes leftover after parsing attributes in process `syz.1.543'.
[  235.823906][ T4257] Bluetooth: hci5: command 0x0409 tx timeout
[  236.752360][ T6041] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.759701][ T6041] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.785063][ T6041] device bridge_slave_0 entered promiscuous mode
[  236.818247][ T6076] device syzkaller0 entered promiscuous mode
[  236.836492][ T6041] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.861378][ T6041] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.884397][ T6041] device bridge_slave_1 entered promiscuous mode
[  236.905814][ T6078] loop3: detected capacity change from 0 to 256
[  236.977501][ T6041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.044738][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.133141][ T6041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.166734][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.212786][ T6041] team0: Port device team_slave_0 added
[  237.221432][ T5235] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  237.248826][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.289712][ T6041] team0: Port device team_slave_1 added
[  237.326709][ T6081] loop4: detected capacity change from 0 to 24
[  237.339455][ T6081] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  237.358856][ T6081] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  237.359925][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.406287][ T6081] overlayfs: missing 'lowerdir'
[  237.420857][ T6041] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.436581][ T5235] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  237.455195][ T5235] usb 4-1: config 0 has an invalid descriptor of length 45, skipping remainder of the config
[  237.476425][ T6041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.516795][ T5235] usb 4-1: config 0 has no interface number 0
[  237.525304][ T6041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.539120][ T5235] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  237.556317][ T6041] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.564450][ T5235] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.584862][ T6041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.611401][ T5235] usb 4-1: Product: syz
[  237.615601][ T5235] usb 4-1: Manufacturer: syz
[  237.620459][ T5235] usb 4-1: SerialNumber: syz
[  237.627718][ T5235] usb 4-1: config 0 descriptor??
[  237.633633][ T6041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.901374][ T4263] Bluetooth: hci5: command 0x041b tx timeout
[  237.908716][ T6089] loop4: detected capacity change from 0 to 512
[  237.934481][ T6041] device hsr_slave_0 entered promiscuous mode
[  237.952449][ T6089] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.959210][ T6089] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.966368][ T6041] device hsr_slave_1 entered promiscuous mode
[  237.978437][ T6089] EXT4-fs: Mount option(s) incompatible with ext2
[  238.002352][ T6041] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.021713][ T6041] Cannot create hsr debugfs directory
[  238.073169][ T6093] netlink: 24 bytes leftover after parsing attributes in process `syz.0.553'.
[  238.212125][ T5235] usb 4-1: Found UVC 0.00 device syz (046d:0823)
[  238.219049][ T5235] usb 4-1: No valid video chain found.
[  238.809300][   T26] audit: type=1326 audit(1747195660.211:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  238.894080][   T26] audit: type=1326 audit(1747195660.211:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  238.916579][   T26] audit: type=1326 audit(1747195660.241:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  239.053961][   T26] audit: type=1326 audit(1747195660.241:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  239.106334][ T6100] netlink: 12 bytes leftover after parsing attributes in process `syz.4.555'.
[  239.176898][   T26] audit: type=1326 audit(1747195660.241:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  239.311074][   T26] audit: type=1326 audit(1747195660.241:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  239.529537][ T6107] device syzkaller0 entered promiscuous mode
[  239.783096][   T26] audit: type=1326 audit(1747195661.191:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  239.891372][   T26] audit: type=1326 audit(1747195661.191:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6077 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b1a78e969 code=0x7ffc0000
[  239.929029][ T6091] loop1: detected capacity change from 0 to 32768
[  239.976824][ T6091] 
[  239.976824][ T6091]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  239.976824][ T6091] 
[  239.987981][ T4263] Bluetooth: hci5: command 0x040f tx timeout
[  240.051270][ T6091] 
[  240.051270][ T6091]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  240.051270][ T6091] 
[  240.102808][ T6091] 
[  240.102808][ T6091]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  240.102808][ T6091] 
[  240.120559][ T6121] netlink: 32 bytes leftover after parsing attributes in process `syz.1.552'.
[  240.163006][ T6091] 
[  240.163006][ T6091]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  240.163006][ T6091] 
[  240.238279][ T6041] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  240.264278][ T6091] 
[  240.264278][ T6091]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  240.264278][ T6091] 
[  240.277804][  T106] 
[  240.277804][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  240.277804][  T106] 
[  240.430381][ T6124] loop4: detected capacity change from 0 to 256
[  240.443638][ T6124] exfat: Unknown parameter 'iochar'
[  242.065663][ T4245] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  242.075465][ T4263] Bluetooth: hci5: command 0x0419 tx timeout
[  242.093360][ T4251] 
[  242.093360][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.093360][ T4251] 
[  242.358797][ T4251] 
[  242.358797][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.358797][ T4251] 
[  242.768840][ T4253] usb 4-1: USB disconnect, device number 3
[  242.895887][ T6041] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  242.914169][ T6127] netlink: 9 bytes leftover after parsing attributes in process `syz.4.558'.
[  242.925251][ T6127] device gretap0 entered promiscuous mode
[  242.934209][ T6128] netlink: 5 bytes leftover after parsing attributes in process `syz.4.558'.
[  242.943293][ T6128] 0ªX¹¦D: renamed from gretap0
[  242.949990][ T6128] device 
30ªX¹¦D left promiscuous mode
[  242.957519][ T6128] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  243.056437][ T6132] overlayfs: missing 'lowerdir'
[  243.439157][ T6041] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  243.469532][ T6041] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  244.508409][ T6156] netlink: 12 bytes leftover after parsing attributes in process `syz.4.565'.
[  244.705314][ T6161] netlink: 24 bytes leftover after parsing attributes in process `syz.3.564'.
[  245.467493][ T6176] loop4: detected capacity change from 0 to 512
[  245.700374][ T6041] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.043259][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  246.092460][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  246.229679][ T6041] 8021q: adding VLAN 0 to HW filter on device team0
[  246.429519][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  246.490637][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  246.608771][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.616016][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.830382][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  246.945041][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  247.115759][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  247.154130][ T6176] EXT4-fs (loop4): 1 truncate cleaned up
[  247.159911][ T6176] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  247.928234][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.936751][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.095748][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  248.109522][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  248.472943][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  248.521455][   T11] device hsr_slave_0 left promiscuous mode
[  248.558473][   T11] device hsr_slave_1 left promiscuous mode
[  248.614664][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  248.693100][ T6193] loop4: detected capacity change from 0 to 24
[  248.717201][ T6193] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  248.761283][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  248.796159][ T6193] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  248.836541][ T6193] overlayfs: missing 'lowerdir'
[  248.853766][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  249.383457][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.591716][   T11] device bridge_slave_1 left promiscuous mode
[  249.639020][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.733552][   T11] device bridge_slave_0 left promiscuous mode
[  249.739830][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.060947][   T11] device veth1_macvtap left promiscuous mode
[  250.326526][   T11] device veth0_macvtap left promiscuous mode
[  250.448113][   T11] device veth1_vlan left promiscuous mode
[  250.566894][   T11] device veth0_vlan left promiscuous mode
[  251.561417][ T6226] input: syz1 as /devices/virtual/input/input7
[  251.667322][ T6227] loop4: detected capacity change from 0 to 512
[  251.750314][ T6227] EXT4-fs: Ignoring removed bh option
[  251.799576][ T6227] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  251.831999][ T6227] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.581: invalid indirect mapped block 2683928664 (level 1)
[  251.899028][ T6217] loop1: detected capacity change from 0 to 32768
[  251.915712][ T6227] EXT4-fs (loop4): Remounting filesystem read-only
[  251.926231][ T6217] 
[  251.926231][ T6217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.926231][ T6217] 
[  251.964425][ T6227] EXT4-fs (loop4): 1 truncate cleaned up
[  251.972870][ T6217] 
[  251.972870][ T6217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.972870][ T6217] 
[  251.986570][ T6227] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  251.994724][ T6217] 
[  251.994724][ T6217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.994724][ T6217] 
[  252.044741][   T26] audit: type=1800 audit(1747195673.451:11): pid=6227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.581" name="file0" dev="loop4" ino=13 res=0 errno=0
[  252.062748][ T6227] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.581: invalid indirect mapped block 480848489 (level 1)
[  252.093219][ T6217] 
[  252.093219][ T6217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  252.093219][ T6217] 
[  252.105694][ T6227] EXT4-fs (loop4): Remounting filesystem read-only
[  252.141547][ T6227] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.581: invalid indirect mapped block 512 (level 0)
[  252.278014][ T6217] 
[  252.278014][ T6217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  252.278014][ T6217] 
[  252.448216][ T6227] EXT4-fs (loop4): Remounting filesystem read-only
[  252.602181][  T107] 
[  252.602181][  T107]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  252.602181][  T107] 
[  253.295563][ T4251] 
[  253.295563][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  253.295563][ T4251] 
[  253.331337][ T4251] 
[  253.331337][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  253.331337][ T4251] 
[  253.357444][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  253.619602][ T6236] loop1: detected capacity change from 0 to 24
[  253.692985][ T6236] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  253.747697][ T6236] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  253.816614][ T6236] overlayfs: missing 'lowerdir'
[  255.584453][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  255.590808][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  255.718190][   T11] team0 (unregistering): Port device team_slave_1 removed
[  255.748292][ T6260] loop4: detected capacity change from 0 to 512
[  255.776980][ T6260] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  255.839402][ T6260] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.591: corrupted inode contents
[  255.868206][ T6260] EXT4-fs error (device loop4): ext4_dirty_inode:6118: inode #16: comm syz.4.591: mark_inode_dirty error
[  255.891796][ T6260] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.591: corrupted inode contents
[  255.905336][   T11] team0 (unregistering): Port device team_slave_0 removed
[  255.938951][ T6260] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.591: mark_inode_dirty error
[  255.977455][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.986425][ T6260] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.591: corrupted inode contents
[  256.023839][ T6260] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  256.047069][ T6260] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.591: corrupted inode contents
[  256.060288][ T6260] EXT4-fs error (device loop4): ext4_truncate:4312: inode #16: comm syz.4.591: mark_inode_dirty error
[  256.079213][ T6260] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  256.104129][ T6260] EXT4-fs (loop4): 1 truncate cleaned up
[  256.109856][ T6260] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  256.121777][ T6260] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.134197][   T32] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  256.164810][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.181665][   T32] EXT4-fs error (device loop4): ext4_release_dquot:6838: comm kworker/u4:2: Failed to release dquot type 1
[  256.304593][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  256.824455][ T6266] loop1: detected capacity change from 0 to 32768
[  256.914608][ T6266] 
[  256.914608][ T6266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  256.914608][ T6266] 
[  257.458325][ T6266] 
[  257.458325][ T6266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  257.458325][ T6266] 
[  258.072806][ T6266] 
[  258.072806][ T6266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.072806][ T6266] 
[  258.094393][ T6266] 
[  258.094393][ T6266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.094393][ T6266] 
[  258.117383][ T6266] 
[  258.117383][ T6266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.117383][ T6266] 
[  258.236555][ T4251] 
[  258.236555][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.236555][ T4251] 
[  258.272243][  T106] 
[  258.272243][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.272243][  T106] 
[  258.312342][ T4251] 
[  258.312342][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.312342][ T4251] 
[  258.956519][ T6279] loop1: detected capacity change from 0 to 24
[  259.022865][ T6279] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  259.060968][ T6279] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  259.140730][ T6279] overlayfs: missing 'lowerdir'
[  259.474712][   T11] bond0 (unregistering): Released all slaves
[  260.435198][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  260.468211][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  260.477443][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  260.486690][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  260.495846][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  260.512062][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  260.613736][ T6299] loop1: detected capacity change from 0 to 512
[  260.815767][ T6299] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  260.825350][ T6299] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.505622][ T6041] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  261.617359][ T6041] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  262.055801][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  262.107780][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  262.185560][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  262.733855][ T6315] netlink: 68 bytes leftover after parsing attributes in process `syz.4.607'.
[  263.163434][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  263.530126][ T6326] loop4: detected capacity change from 0 to 24
[  263.565822][ T6326] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  263.639901][ T6326] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  263.689401][ T6326] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  263.746145][ T6326] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  263.802433][ T6333] netlink: 608 bytes leftover after parsing attributes in process `syz.1.611'.
[  263.854436][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  263.880679][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  263.902473][ T6041] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.845584][ T6351] loop1: detected capacity change from 0 to 256
[  265.852805][ T6351] exfat: Unknown parameter 'iochar'
[  268.280315][ T6351] netlink: 9 bytes leftover after parsing attributes in process `syz.1.613'.
[  268.318856][ T4245] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  269.125172][ T6351] device gretap0 entered promiscuous mode
[  269.141605][ T6354] netlink: 5 bytes leftover after parsing attributes in process `syz.1.613'.
[  269.150547][ T6354] 0ªX¹¦D: renamed from gretap0
[  269.236754][ T6354] device 
30ªX¹¦D left promiscuous mode
[  269.244220][ T6354] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  269.720461][ T6366] loop3: detected capacity change from 0 to 512
[  269.759824][ T6366] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  269.928678][ T6366] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  269.928798][ T6366] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.085081][ T6366] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  270.188917][ T6366] Quota error (device loop3): write_blk: dquota write failed
[  270.237842][ T6366] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  270.260034][ T6366] EXT4-fs error (device loop3): ext4_acquire_dquot:6802: comm syz.3.616: Failed to acquire dquot type 0
[  270.754631][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  271.315914][ T6387] loop3: detected capacity change from 0 to 24
[  271.360958][ T6387] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  271.404951][ T6387] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  271.473240][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  271.474523][ T6387] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  271.510878][ T6387] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  271.520803][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.619840][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  271.673435][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.723222][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.786868][ T6391] netlink: 608 bytes leftover after parsing attributes in process `syz.0.622'.
[  271.789014][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.873692][ T6041] device veth0_vlan entered promiscuous mode
[  271.933635][ T6041] device veth1_vlan entered promiscuous mode
[  272.195853][ T6041] device veth0_macvtap entered promiscuous mode
[  273.085432][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  273.113350][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  273.132152][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  273.173437][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  273.207872][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  273.235301][ T6041] device veth1_macvtap entered promiscuous mode
[  273.269822][ T6406] netlink: 12 bytes leftover after parsing attributes in process `syz.0.626'.
[  273.319644][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.383968][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.415127][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.459603][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.505274][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.545405][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.567050][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.614533][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.653181][ T6041] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.701488][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.875833][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.915400][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.981399][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.992450][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.003283][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.024121][ T6041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.045234][ T6041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.087605][ T6041] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.187761][ T6041] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.271342][ T6041] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.310037][ T6426] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  274.328158][ T6041] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.404487][ T6041] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.518632][ T6431] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  274.603207][ T6431] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  274.636721][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  274.645801][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  274.654871][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  274.671019][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  274.922716][ T6439] netlink: 608 bytes leftover after parsing attributes in process `syz.0.634'.
[  274.956859][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.986793][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.038585][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  275.055409][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.074631][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.120302][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  276.941383][ T6453] netlink: 24 bytes leftover after parsing attributes in process `syz.1.637'.
[  277.203825][ T6453] loop1: detected capacity change from 0 to 16
[  277.933236][ T6453] erofs: (device loop1): mounted with root inode @ nid 36.
[  280.699940][ T6472] loop4: detected capacity change from 0 to 24
[  280.756163][ T6472] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  280.794826][ T6472] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  282.095331][ T6472] overlayfs: missing 'lowerdir'
[  283.697256][ T6492] netlink: 12 bytes leftover after parsing attributes in process `syz.4.646'.
[  285.011348][ T6507] netlink: 16 bytes leftover after parsing attributes in process `syz.3.649'.
[  285.020389][ T6507] netlink: 72 bytes leftover after parsing attributes in process `syz.3.649'.
[  285.927612][ T6511] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  285.945329][ T6511] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.955071][ T6511] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.241361][ T4413] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  290.486763][ T6533] overlayfs: missing 'lowerdir'
[  291.540470][ T6546] netlink: 12 bytes leftover after parsing attributes in process `syz.4.658'.
[  293.048031][ T4413] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  295.259663][ T4413] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.279379][ T6571] loop5: detected capacity change from 0 to 512
[  295.296012][ T4413] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.331183][ T4413] usb 1-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  295.350555][ T6571] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  295.377931][ T4413] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.421015][ T4413] usb 1-1: config 0 descriptor??
[  295.463979][ T6571] EXT4-fs (loop5): 1 truncate cleaned up
[  295.470015][ T6571] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  295.555423][ T6581] syz.4.669 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  295.564924][   T26] audit: type=1800 audit(1747195716.931:12): pid=6571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.665" name="file1" dev="loop5" ino=15 res=0 errno=0
[  295.593156][   T26] audit: type=1800 audit(1747195716.931:13): pid=6571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.665" name="file1" dev="loop5" ino=15 res=0 errno=0
[  295.602554][ T6571] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.665: corrupted in-inode xattr
[  295.756928][ T6591] netlink: 'syz.3.668': attribute type 6 has an invalid length.
[  296.335870][ T6571] EXT4-fs (loop5): Remounting filesystem read-only
[  296.376313][ T6571] EXT4-fs warning (device loop5): ext4_xattr_set_entry:1732: inode #15: comm syz.5.665: unable to update i_inline_off
[  296.440428][ T6571] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  296.499129][ T4413] uclogic 0003:5543:0522.0002: No inputs registered, leaving
[  296.579035][ T4413] uclogic 0003:5543:0522.0002: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.0-1/input0
[  296.582066][ T6593] loop4: detected capacity change from 0 to 256
[  296.705942][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  296.714780][ T6599] loop3: detected capacity change from 0 to 24
[  296.729521][   T14] usb 1-1: USB disconnect, device number 3
[  296.782156][ T6599] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  296.829955][ T6599] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  296.915211][ T6599] overlayfs: missing 'lowerdir'
[  297.443567][ T6600] fido_id[6600]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  297.885297][ T6607] loop5: detected capacity change from 0 to 512
[  297.967353][ T6618] netlink: 608 bytes leftover after parsing attributes in process `syz.4.675'.
[  298.552658][ T6628] loop4: detected capacity change from 0 to 256
[  300.663663][ T6607] fscrypt: Error allocating hmac(sha512): -2
[  303.181539][   T14] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  303.309629][ T6669] netlink: 556 bytes leftover after parsing attributes in process `syz.0.688'.
[  303.390356][   T26] audit: type=1326 audit(1747195724.791:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6665 comm="syz.5.684" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f52ced8e969 code=0x0
[  304.701180][   T14] usb 4-1: Using ep0 maxpacket: 16
[  304.708163][   T14] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  304.726240][ T6682] netlink: 32 bytes leftover after parsing attributes in process `syz.0.691'.
[  304.752534][   T14] usb 4-1: config 0 has no interface number 0
[  304.774019][   T14] usb 4-1: config 0 interface 8 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  304.806571][   T14] usb 4-1: config 0 interface 8 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  304.856725][   T14] usb 4-1: config 0 interface 8 has no altsetting 0
[  304.889800][   T14] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  304.949660][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.015721][   T14] usb 4-1: config 0 descriptor??
[  306.198868][   T14] uclogic 0003:5543:0522.0003: unknown main item tag 0x0
[  306.218412][   T14] uclogic 0003:5543:0522.0003: unknown main item tag 0x0
[  306.227452][   T14] uclogic 0003:5543:0522.0003: unknown main item tag 0x0
[  306.234963][   T14] uclogic 0003:5543:0522.0003: unknown main item tag 0x0
[  306.242776][   T14] uclogic 0003:5543:0522.0003: unknown main item tag 0x0
[  306.250583][   T14] uclogic 0003:5543:0522.0003: No inputs registered, leaving
[  306.260341][   T14] uclogic 0003:5543:0522.0003: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.3-1/input8
[  306.362495][ T4413] usb 4-1: USB disconnect, device number 4
[  307.291062][ T6699] fido_id[6699]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  308.724214][ T6723] loop4: detected capacity change from 0 to 24
[  308.775699][ T6723] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  308.807430][ T6723] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  308.924221][ T6723] overlayfs: missing 'workdir'
[  309.231671][ T6730] netlink: 16 bytes leftover after parsing attributes in process `syz.1.704'.
[  309.559440][ T6718] loop5: detected capacity change from 0 to 32768
[  309.625223][ T6718] 
[  309.625223][ T6718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.625223][ T6718] 
[  309.679311][ T6718] 
[  309.679311][ T6718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.679311][ T6718] 
[  309.712396][ T6718] 
[  309.712396][ T6718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.712396][ T6718] 
[  309.732845][ T6718] 
[  309.732845][ T6718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.732845][ T6718] 
[  309.934970][ T6718] 
[  309.934970][ T6718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.934970][ T6718] 
[  309.980243][ T6746] loop3: detected capacity change from 0 to 4096
[  309.988552][  T106] 
[  309.988552][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.988552][  T106] 
[  310.087805][ T6041] 
[  310.087805][ T6041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  310.087805][ T6041] 
[  310.134324][ T6746] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  310.134429][ T6041] 
[  310.134429][ T6041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  310.134429][ T6041] 
[  310.181377][  T126] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  310.284898][ T6761] netlink: 556 bytes leftover after parsing attributes in process `syz.4.713'.
[  310.345564][ T6746] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #15: comm syz.3.710: corrupted inode contents
[  310.371166][  T126] usb 1-1: Using ep0 maxpacket: 8
[  310.385366][  T126] usb 1-1: config 0 has an invalid interface number: 151 but max is 1
[  310.441525][  T126] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  310.480809][ T6746] EXT4-fs error (device loop3): ext4_dirty_inode:6118: inode #15: comm syz.3.710: mark_inode_dirty error
[  310.510255][  T126] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  310.567375][ T6746] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #15: comm syz.3.710: corrupted inode contents
[  310.589807][  T126] usb 1-1: config 0 has no interface number 0
[  310.699653][ T6746] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.710: mark_inode_dirty error
[  310.787313][ T6746] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #15: comm syz.3.710: corrupted inode contents
[  310.800964][ T6746] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.710: mark_inode_dirty error
[  310.801336][  T126] usb 1-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[  310.822181][ T6746] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #15: comm syz.3.710: corrupted inode contents
[  310.828580][ T6767] device syzkaller0 entered promiscuous mode
[  310.859886][ T6746] EXT4-fs error (device loop3): ext4_truncate:4312: inode #15: comm syz.3.710: mark_inode_dirty error
[  310.875732][  T126] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.026056][  T126] usb 1-1: Product: syz
[  311.098209][ T6746] EXT4-fs error (device loop3) in ext4_setattr:5657: Corrupt filesystem
[  311.145349][  T126] usb 1-1: Manufacturer: syz
[  311.257820][  T126] usb 1-1: SerialNumber: syz
[  311.412595][ T6759] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #15: comm syz.3.710: corrupted inode contents
[  311.535572][  T126] usb 1-1: config 0 descriptor??
[  311.760990][  T126] snd-usb-audio: probe of 1-1:0.151 failed with error -2
[  311.891045][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  311.958593][ T4365] udevd[4365]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  312.401022][ T6783] overlayfs: missing 'workdir'
[  312.731976][   T14] usb 1-1: USB disconnect, device number 4
[  312.977000][ T6794] netlink: 'syz.5.718': attribute type 6 has an invalid length.
[  314.012558][ T6801] netlink: 16 bytes leftover after parsing attributes in process `syz.3.721'.
[  315.290909][ T6816] device syzkaller0 entered promiscuous mode
[  315.488996][ T6803] loop5: detected capacity change from 0 to 32768
[  315.702198][ T6803] 
[  315.702198][ T6803]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  315.702198][ T6803] 
[  316.048357][ T6823] 
[  316.048357][ T6823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.048357][ T6823] 
[  316.265957][ T6823] 
[  316.265957][ T6823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.265957][ T6823] 
[  316.309699][ T4413] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  316.327817][ T6823] 
[  316.327817][ T6823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.327817][ T6823] 
[  316.338503][ T6823] 
[  316.338503][ T6823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.338503][ T6823] 
[  316.349685][  T106] 
[  316.349685][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.349685][  T106] 
[  316.462190][ T6041] 
[  316.462190][ T6041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.462190][ T6041] 
[  316.545102][ T6041] 
[  316.545102][ T6041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.545102][ T6041] 
[  316.632312][ T6834] loop3: detected capacity change from 0 to 24
[  316.704793][ T6834] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  316.764387][ T6834] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  316.861977][ T6834] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  316.906019][ T4413] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  317.012978][ T4413] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  317.025831][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  317.032208][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  317.041819][ T4413] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  317.052280][ T4413] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.072166][ T4413] usb 1-1: config 0 descriptor??
[  317.869321][ T6851] netlink: 'syz.1.734': attribute type 6 has an invalid length.
[  317.923592][ T6852] netlink: 16 bytes leftover after parsing attributes in process `syz.3.735'.
[  318.703635][   T14] usb 1-1: USB disconnect, device number 5
[  319.866920][ T6875] input: syz1 as /devices/virtual/input/input9
[  321.498519][ T6887] loop5: detected capacity change from 0 to 24
[  321.540183][ T6887] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  321.561646][ T6887] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  321.633802][ T6887] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  322.042468][ T6869] netlink: 40 bytes leftover after parsing attributes in process `syz.0.740'.
[  322.422739][ T6908] netlink: 'syz.4.747': attribute type 6 has an invalid length.
[  322.496614][ T6904] netlink: 16 bytes leftover after parsing attributes in process `syz.3.748'.
[  324.665314][ T6923] input: syz1 as /devices/virtual/input/input10
[  324.901601][ T6916] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  324.911227][ T6916] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  324.918733][ T6916] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  325.391344][ T4413] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  326.807384][ T6935] loop3: detected capacity change from 0 to 512
[  327.793917][ T4245] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  327.844962][ T4413] usb 6-1: device descriptor read/all, error -71
[  327.935073][ T6942] loop4: detected capacity change from 0 to 24
[  328.025735][ T6942] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  328.116516][ T6942] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  328.183785][ T6942] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  328.279219][ T6953] netlink: 'syz.0.761': attribute type 6 has an invalid length.
[  328.526563][ T6956] netlink: 16 bytes leftover after parsing attributes in process `syz.3.760'.
[  328.922826][ T6978] loop4: detected capacity change from 0 to 512
[  328.944205][ T6978] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  329.010553][ T6978] EXT4-fs (loop4): 1 truncate cleaned up
[  329.042336][ T6978] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  329.220800][   T26] audit: type=1800 audit(1747195750.621:15): pid=6978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.766" name="file1" dev="loop4" ino=15 res=0 errno=0
[  329.277670][ T6959] loop5: detected capacity change from 0 to 32768
[  329.395887][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  329.402777][ T6959] 
[  329.402777][ T6959]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  329.402777][ T6959] 
[  329.493622][ T6959] 
[  329.493622][ T6959]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  329.493622][ T6959] 
[  329.939629][ T6988] netlink: 40 bytes leftover after parsing attributes in process `syz.5.762'.
[  329.948633][ T6959] 
[  329.948633][ T6959]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  329.948633][ T6959] 
[  330.005732][ T6959] 
[  330.005732][ T6959]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  330.005732][ T6959] 
[  330.017288][ T6959] 
[  330.017288][ T6959]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  330.017288][ T6959] 
[  330.028784][  T106] 
[  330.028784][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  330.028784][  T106] 
[  330.439365][ T6041] 
[  330.439365][ T6041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  330.439365][ T6041] 
[  330.497027][ T6041] 
[  330.497027][ T6041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  330.497027][ T6041] 
[  331.446311][ T4305] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  331.695650][ T4305] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  331.740252][ T7017] loop5: detected capacity change from 0 to 24
[  331.777849][ T4305] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  331.799117][ T7017] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  331.811727][ T7017] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  331.838347][ T4305] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  331.845381][ T7017] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  331.870510][ T4305] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.888794][ T7021] netlink: 'syz.1.776': attribute type 6 has an invalid length.
[  331.952442][ T4305] usb 5-1: config 0 descriptor??
[  332.401263][ T4410] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  332.471672][ T7041] netlink: 16 bytes leftover after parsing attributes in process `syz.5.778'.
[  332.611247][ T4410] usb 4-1: Using ep0 maxpacket: 8
[  332.622078][ T4410] usb 4-1: config 0 has an invalid interface number: 151 but max is 1
[  332.657817][ T4410] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  332.695657][ T4410] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  332.723757][ T4410] usb 4-1: config 0 has no interface number 0
[  332.747154][ T4410] usb 4-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[  332.777970][ T4410] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.810343][ T4410] usb 4-1: Product: syz
[  332.827337][ T4410] usb 4-1: Manufacturer: syz
[  332.849007][ T4410] usb 4-1: SerialNumber: syz
[  332.883123][ T4410] usb 4-1: config 0 descriptor??
[  332.976169][ T4410] snd-usb-audio: probe of 4-1:0.151 failed with error -2
[  333.009350][ T4245] udevd[4245]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  333.290935][ T4305] usb 4-1: USB disconnect, device number 5
[  333.480016][  T126] usb 5-1: USB disconnect, device number 3
[  334.464433][ T7071] netlink: 'syz.1.789': attribute type 6 has an invalid length.
[  334.586407][ T7074] loop5: detected capacity change from 0 to 24
[  334.650251][ T7075] loop3: detected capacity change from 0 to 1024
[  334.662003][ T7074] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  334.685980][ T5235] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  334.694910][ T5235] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  334.736390][ T7074] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  334.812525][ T7074] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  334.880224][ T7075] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  334.972618][ T7084] netlink: 16 bytes leftover after parsing attributes in process `syz.1.790'.
[  335.083637][ T7056] loop4: detected capacity change from 0 to 32768
[  335.102332][ T7056] 
[  335.102332][ T7056]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.102332][ T7056] 
[  335.148720][ T7079] fido_id[7079]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  335.167698][ T7056] 
[  335.167698][ T7056]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.167698][ T7056] 
[  335.174780][ T7086] loop5: detected capacity change from 0 to 512
[  335.198070][ T7056] 
[  335.198070][ T7056]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.198070][ T7056] 
[  335.210358][ T7056] 
[  335.210358][ T7056]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.210358][ T7056] 
[  335.242056][ T7086] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  335.256602][ T7087] netlink: 32 bytes leftover after parsing attributes in process `syz.4.782'.
[  335.273821][ T7056] 
[  335.273821][ T7056]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.273821][ T7056] 
[  335.287403][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  335.299045][ T7086] EXT4-fs (loop5): 1 truncate cleaned up
[  335.343957][  T107] 
[  335.343957][  T107]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.343957][  T107] 
[  335.374228][ T7086] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  335.591632][ T4266] 
[  335.591632][ T4266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.591632][ T4266] 
[  335.616949][ T4266] 
[  335.616949][ T4266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  335.616949][ T4266] 
[  335.682893][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  335.961489][ T5235] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  336.096421][ T7107] loop1: detected capacity change from 0 to 1024
[  336.188057][ T5235] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  336.226595][ T5235] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  336.271319][ T5235] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  336.471147][ T5235] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.483224][ T5235] usb 1-1: config 0 descriptor??
[  337.844580][ T7132] loop3: detected capacity change from 0 to 24
[  337.873382][ T7132] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  337.893739][ T7132] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  337.952681][ T7132] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  338.590142][ T4253] usb 1-1: USB disconnect, device number 6
[  338.897122][ T7139] loop1: detected capacity change from 0 to 32768
[  338.932605][ T7139] 
[  338.932605][ T7139]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  338.932605][ T7139] 
[  338.964687][ T7143] netlink: 16 bytes leftover after parsing attributes in process `syz.0.805'.
[  338.974770][ T7139] 
[  338.974770][ T7139]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  338.974770][ T7139] 
[  338.985553][ T7139] 
[  338.985553][ T7139]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  338.985553][ T7139] 
[  338.997509][ T7139] 
[  338.997509][ T7139]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  338.997509][ T7139] 
[  339.009372][ T7139] 
[  339.009372][ T7139]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  339.009372][ T7139] 
[  339.037143][ T7144] netlink: 32 bytes leftover after parsing attributes in process `syz.1.804'.
[  339.046982][  T107] 
[  339.046982][  T107]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  339.046982][  T107] 
[  339.101030][ T7146] loop5: detected capacity change from 0 to 256
[  339.332016][ T4251] 
[  339.332016][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  339.332016][ T4251] 
[  339.348895][ T4251] 
[  339.348895][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  339.348895][ T4251] 
[  339.794978][ T7159] loop5: detected capacity change from 0 to 24
[  339.862465][ T7159] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  339.918977][ T7159] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  340.002261][ T7159] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  340.545440][ T7180] netlink: 'syz.3.817': attribute type 72 has an invalid length.
[  340.741240][    T7] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  340.781884][ T7182] loop5: detected capacity change from 0 to 256
[  340.933462][    T7] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  340.971205][    T7] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  341.031667][    T7] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  341.040797][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.086726][    T7] usb 5-1: config 0 descriptor??
[  341.655222][ T7188] loop3: detected capacity change from 0 to 32768
[  341.694091][ T7188] 
[  341.694091][ T7188]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.694091][ T7188] 
[  341.733562][ T7188] 
[  341.733562][ T7188]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.733562][ T7188] 
[  341.781866][ T7188] 
[  341.781866][ T7188]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.781866][ T7188] 
[  341.809942][ T7199] netlink: 32 bytes leftover after parsing attributes in process `syz.3.820'.
[  341.815752][ T7188] 
[  341.815752][ T7188]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.815752][ T7188] 
[  341.862031][ T7188] 
[  341.862031][ T7188]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.862031][ T7188] 
[  341.902383][  T106] 
[  341.902383][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.902383][  T106] 
[  341.999908][ T4260] 
[  341.999908][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.999908][ T4260] 
[  342.026415][ T4260] 
[  342.026415][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  342.026415][ T4260] 
[  342.620569][ T7212] netlink: 16 bytes leftover after parsing attributes in process `syz.1.823'.
[  343.039608][ T7224] loop3: detected capacity change from 0 to 24
[  343.311931][ T7224] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  343.319198][ T7224] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  343.803414][ T4410] usb 5-1: USB disconnect, device number 4
[  343.805702][ T7224] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  344.043691][ T7234] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.829'.
[  344.639682][ T7246] loop4: detected capacity change from 0 to 256
[  346.813621][ T7272] netlink: 'syz.1.837': attribute type 3 has an invalid length.
[  346.821463][ T7272] netlink: 12 bytes leftover after parsing attributes in process `syz.1.837'.
[  346.936068][ T7275] netlink: 12 bytes leftover after parsing attributes in process `syz.5.836'.
[  346.957504][ T7279] overlayfs: failed to resolve './file0': -2
[  347.087770][ T7282] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.840'.
[  347.191957][ T4413] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  347.553514][ T4413] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  347.650230][ T7293] loop1: detected capacity change from 0 to 256
[  347.893432][ T4413] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  347.902685][ T4413] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  347.911834][ T4413] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.924579][ T4413] usb 5-1: config 0 descriptor??
[  349.539979][ T7316] overlayfs: failed to resolve './file0': -2
[  349.977846][ T4253] usb 5-1: USB disconnect, device number 5
[  350.188411][ T7323] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.851'.
[  350.370706][ T7330] netlink: 28 bytes leftover after parsing attributes in process `syz.5.853'.
[  350.732620][ T7336] netlink: 'syz.0.854': attribute type 3 has an invalid length.
[  350.740341][ T7336] netlink: 12 bytes leftover after parsing attributes in process `syz.0.854'.
[  352.259946][ T7367] loop4: detected capacity change from 0 to 24
[  352.267070][ T7367] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  352.281207][ T7367] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  352.305384][ T7367] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  352.704854][ T7384] netlink: 40 bytes leftover after parsing attributes in process `syz.1.865'.
[  352.745270][ T7376] netlink: 12 bytes leftover after parsing attributes in process `syz.0.863'.
[  352.786940][ T7376] kvm: pic: single mode not supported
[  352.787082][ T7376] kvm: pic: level sensitive irq not supported
[  352.863980][ T5235] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  352.983578][ T7387] netlink: 'syz.3.866': attribute type 3 has an invalid length.
[  352.991352][ T7387] netlink: 12 bytes leftover after parsing attributes in process `syz.3.866'.
[  353.133846][ T5235] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  353.166277][ T5235] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  353.206774][ T5235] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  353.249922][ T5235] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.336187][ T5235] usb 6-1: config 0 descriptor??
[  354.107731][ T7411] loop1: detected capacity change from 0 to 24
[  354.119330][ T7411] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  354.133262][ T7411] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  354.148492][ T7411] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  354.172617][ T7413] loop4: detected capacity change from 0 to 512
[  354.665426][ T7413] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  354.684769][ T7413] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.588516][   T26] audit: type=1800 audit(1747195776.971:16): pid=7423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.875" name="file2" dev="loop4" ino=16 res=0 errno=0
[  355.630786][ T4413] usb 6-1: USB disconnect, device number 4
[  356.769927][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  359.631828][ T5022] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  360.043899][ T5022] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  360.069274][ T5022] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  360.095410][ T5022] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  360.299601][ T5022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.323426][ T5022] usb 6-1: config 0 descriptor??
[  360.407252][ T7501] netlink: 'syz.3.900': attribute type 6 has an invalid length.
[  360.461195][ T4257] Bluetooth: hci5: command 0x0406 tx timeout
[  362.357395][    T7] usb 6-1: USB disconnect, device number 5
[  364.777510][ T7548] netlink: 'syz.4.912': attribute type 6 has an invalid length.
[  366.425204][ T7561] netlink: 40 bytes leftover after parsing attributes in process `syz.1.917'.
[  370.331524][ T7597] 9pnet_fd: Insufficient options for proto=fd
[  371.045528][ T7599] loop5: detected capacity change from 0 to 256
[  371.194082][ T7599] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  372.189650][ T7615] netlink: 40 bytes leftover after parsing attributes in process `syz.4.932'.
[  372.514070][ T7626] netlink: 620 bytes leftover after parsing attributes in process `syz.5.937'.
[  374.578730][   T26] audit: type=1326 audit(1747195795.091:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.939" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f52ced8e969 code=0x0
[  375.951461][ T7660] netlink: 'syz.0.942': attribute type 6 has an invalid length.
[  376.482657][ T7665] 9pnet_fd: Insufficient options for proto=fd
[  376.495480][ T7665] loop3: detected capacity change from 0 to 256
[  376.583213][ T7665] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  376.674062][ T7665] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008)
[  377.356884][ T7670] loop5: detected capacity change from 0 to 16
[  377.503353][ T7670] erofs: (device loop5): mounted with root inode @ nid 36.
[  377.747573][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 86 @ nid 36
[  377.757475][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 84 @ nid 36
[  377.766711][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 80 @ nid 36
[  377.775978][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 74 @ nid 36
[  377.785126][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 72 @ nid 36
[  377.794326][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 70 @ nid 36
[  377.803696][ T7681] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  377.813432][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 63 @ nid 36
[  377.822716][ T7681] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  377.832166][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 62 @ nid 36
[  377.841770][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 58 @ nid 36
[  377.850825][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 57 @ nid 36
[  377.860012][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 54 @ nid 36
[  377.869109][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 53 @ nid 36
[  377.878198][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 52 @ nid 36
[  377.887293][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 51 @ nid 36
[  377.896458][ T7681] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  377.905825][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 50 @ nid 36
[  377.915009][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 47 @ nid 36
[  377.924123][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 46 @ nid 36
[  377.933322][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 40 @ nid 36
[  377.942617][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36
[  377.951749][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 38 @ nid 36
[  377.960814][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 34 @ nid 36
[  377.969939][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 32 @ nid 36
[  377.979086][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 30 @ nid 36
[  377.988245][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 27 @ nid 36
[  377.997369][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 26 @ nid 36
[  378.006489][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36
[  378.015675][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36
[  378.024781][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 23 @ nid 36
[  378.033853][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 22 @ nid 36
[  378.043230][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 21 @ nid 36
[  378.052319][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 20 @ nid 36
[  378.061488][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 18 @ nid 36
[  378.070813][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 12 @ nid 36
[  378.079930][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 10 @ nid 36
[  378.089173][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 6 @ nid 36
[  378.098222][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 4 @ nid 36
[  378.107356][ T7681] erofs: (device loop5): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  378.116875][ T7681] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 36
[  378.125964][ T7681] syz.5.945: attempt to access beyond end of device
[  378.125964][ T7681] loop5: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  378.140137][ T7681] syz.5.945: attempt to access beyond end of device
[  378.140137][ T7681] loop5: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  378.153816][ T7681] syz.5.945: attempt to access beyond end of device
[  378.153816][ T7681] loop5: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  378.168173][ T7681] syz.5.945: attempt to access beyond end of device
[  378.168173][ T7681] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16
[  378.181824][ T7681] syz.5.945: attempt to access beyond end of device
[  378.181824][ T7681] loop5: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  378.196257][ T7681] syz.5.945: attempt to access beyond end of device
[  378.196257][ T7681] loop5: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  378.210467][ T7681] syz.5.945: attempt to access beyond end of device
[  378.210467][ T7681] loop5: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  378.224660][ T7681] syz.5.945: attempt to access beyond end of device
[  378.224660][ T7681] loop5: rw=524288, sector=133693448, nr_sectors = 8 limit=16
[  378.238675][ T7681] syz.5.945: attempt to access beyond end of device
[  378.238675][ T7681] loop5: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  378.252752][ T7681] syz.5.945: attempt to access beyond end of device
[  378.252752][ T7681] loop5: rw=524288, sector=72, nr_sectors = 16 limit=16
[  378.466224][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  378.472602][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  381.428666][ T7706] netlink: 16 bytes leftover after parsing attributes in process `syz.5.956'.
[  385.607919][   T26] audit: type=1326 audit(1747195807.012:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.959" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88fbf8e969 code=0x0
[  386.970072][    T7] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  389.357296][ T7754] loop4: detected capacity change from 0 to 32768
[  389.491591][ T7754] read_mapping_page failed!
[  389.496791][ T7754] jfs_mount: Failed to read AGGREGATE_I
[  389.538003][ T7754] Mount JFS Failure: -5
[  389.567200][ T7754] jfs_mount failed w/return code = -5
[  391.314369][ T7790] loop5: detected capacity change from 0 to 256
[  391.321547][ T7790] exfat: Unknown parameter 'iochar'
[  392.674445][ T7803] syz.4.977[7803] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  392.674961][ T7803] syz.4.977[7803] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  393.824864][ T7426] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  397.319136][ T4242] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  397.513837][ T4242] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  397.531102][ T4242] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  397.540118][ T4242] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  397.681277][ T4242] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.696865][ T4242] usb 4-1: config 0 descriptor??
[  399.519286][   T22] usb 4-1: USB disconnect, device number 6
[  401.150774][ T7867] tty tty31: ldisc open failed (-12), clearing slot 30
[  401.190620][ T7870] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  401.252857][ T7882] tty tty1: ldisc open failed (-12), clearing slot 0
[  402.947380][ T7900] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1004'.
[  405.366933][   T22] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  406.159271][   T22] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.354036][   T22] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  406.363640][   T22] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  406.377605][   T22] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.495628][   T22] usb 5-1: config 0 descriptor??
[  407.812854][   T22] usb 5-1: USB disconnect, device number 6
[  408.198086][ T7955] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1019'.
[  409.379536][ T7962] loop5: detected capacity change from 0 to 128
[  409.534925][ T7962] EXT4-fs (loop5): Test dummy encryption mode enabled
[  409.626658][ T7957] syz.5.1018[7957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  409.631631][ T7957] syz.5.1018[7957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  409.723536][ T7962] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  409.745968][ T7962] ext4 filesystem being mounted at /73/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  410.617899][ T7975] netlink: 'syz.4.1023': attribute type 6 has an invalid length.
[  411.263485][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  412.602122][ T7994] input: syz1 as /devices/virtual/input/input11
[  414.185402][ T8014] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1032'.
[  414.832689][ T8024] syz.1.1036[8024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  414.833201][ T8024] syz.1.1036[8024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.228428][ T8030] loop4: detected capacity change from 0 to 512
[  416.528552][ T8030] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  416.648669][ T8030] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  416.689867][ T8030] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  416.764566][ T8030] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  416.789095][ T8030] Quota error (device loop4): write_blk: dquota write failed
[  416.807264][ T8030] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  416.876564][ T8030] EXT4-fs error (device loop4): ext4_acquire_dquot:6802: comm syz.4.1037: Failed to acquire dquot type 0
[  418.401346][ T8043] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1040'.
[  418.743774][ T8043] loop5: detected capacity change from 0 to 16
[  419.806530][ T8043] erofs: (device loop5): mounted with root inode @ nid 36.
[  421.289733][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  422.102116][ T8056] input: syz1 as /devices/virtual/input/input12
[  428.102432][ T8095] netlink: 'syz.5.1054': attribute type 6 has an invalid length.
[  429.054020][ T8102] loop4: detected capacity change from 0 to 512
[  429.298366][ T8102] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  429.329037][ T8102] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.451716][   T26] audit: type=1800 audit(1747195850.851:19): pid=8102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1059" name="file2" dev="loop4" ino=16 res=0 errno=0
[  430.026904][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  430.325606][ T8088] loop3: detected capacity change from 0 to 32768
[  430.631559][ T8088] read_mapping_page failed!
[  430.636244][ T8088] jfs_mount: Failed to read AGGREGATE_I
[  430.678296][ T8088] Mount JFS Failure: -5
[  430.718257][ T8088] jfs_mount failed w/return code = -5
[  432.412493][ T8138] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1064'.
[  432.428499][ T8137] loop5: detected capacity change from 0 to 16
[  432.469876][ T8137] erofs: (device loop5): mounted with root inode @ nid 36.
[  432.750585][ T8125] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  432.769827][ T8125] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.777395][ T8125] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.816725][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 86 @ nid 36
[  432.826324][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 84 @ nid 36
[  432.835605][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 80 @ nid 36
[  432.844842][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 74 @ nid 36
[  432.853968][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 72 @ nid 36
[  432.863182][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 70 @ nid 36
[  432.872315][ T8144] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  432.881688][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 63 @ nid 36
[  432.890756][ T8144] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  432.900134][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 62 @ nid 36
[  432.909422][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 58 @ nid 36
[  432.918598][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 57 @ nid 36
[  432.928312][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 54 @ nid 36
[  432.937470][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 53 @ nid 36
[  432.946591][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 52 @ nid 36
[  432.955697][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 51 @ nid 36
[  432.964799][ T8144] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  432.974164][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 50 @ nid 36
[  432.983339][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 47 @ nid 36
[  432.992438][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 46 @ nid 36
[  433.001649][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 40 @ nid 36
[  433.010693][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36
[  433.019871][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 38 @ nid 36
[  433.029211][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 34 @ nid 36
[  433.038388][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 32 @ nid 36
[  433.047550][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 30 @ nid 36
[  433.056738][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 27 @ nid 36
[  433.065837][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 26 @ nid 36
[  433.074947][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36
[  433.084086][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36
[  433.093211][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 23 @ nid 36
[  433.102303][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 22 @ nid 36
[  433.111448][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 21 @ nid 36
[  433.120494][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 20 @ nid 36
[  433.129796][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 18 @ nid 36
[  433.139116][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 12 @ nid 36
[  433.148229][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 10 @ nid 36
[  433.157516][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 6 @ nid 36
[  433.166659][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 4 @ nid 36
[  433.175770][ T8144] erofs: (device loop5): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  433.185484][ T8144] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 36
[  433.194537][ T8144] bio_check_eod: 12 callbacks suppressed
[  433.194549][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.194549][ T8144] loop5: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  433.214255][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.214255][ T8144] loop5: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  433.228009][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.228009][ T8144] loop5: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  433.242732][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.242732][ T8144] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16
[  433.256746][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.256746][ T8144] loop5: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  433.270992][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.270992][ T8144] loop5: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  433.285360][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.285360][ T8144] loop5: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  433.299613][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.299613][ T8144] loop5: rw=524288, sector=133693448, nr_sectors = 8 limit=16
[  433.313790][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.313790][ T8144] loop5: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  433.327712][ T8144] syz.5.1066: attempt to access beyond end of device
[  433.327712][ T8144] loop5: rw=524288, sector=72, nr_sectors = 16 limit=16
[  437.852333][ T8176] syz.5.1072[8176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  437.852427][ T8176] syz.5.1072[8176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  437.868148][ T8176] loop5: detected capacity change from 0 to 128
[  438.032550][ T8176] EXT4-fs (loop5): Test dummy encryption mode enabled
[  438.234199][ T8176] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  438.250046][ T8176] ext4 filesystem being mounted at /81/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  439.845935][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  439.905468][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  439.912253][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  442.289548][ T8211] loop5: detected capacity change from 0 to 1024
[  442.296835][ T8211] ext4: Unknown parameter 'uid<00000000000000060929'
[  445.145069][ T8217] loop5: detected capacity change from 0 to 512
[  446.389626][ T8217] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  446.399906][ T8217] EXT4-fs (loop5): invalid journal inode
[  446.405713][ T8217] EXT4-fs (loop5): can't get journal size
[  446.412808][ T8217] EXT4-fs: failed to create workqueue
[  446.418223][ T8217] EXT4-fs (loop5): mount failed
[  449.023835][ T8242] syz.4.1089[8242] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  449.023939][ T8242] syz.4.1089[8242] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  449.039441][ T8242] loop4: detected capacity change from 0 to 128
[  449.072909][ T8242] EXT4-fs (loop4): Test dummy encryption mode enabled
[  450.372066][ T8242] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  450.384194][ T8242] ext4 filesystem being mounted at /226/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  451.576373][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  452.410556][ T8269] loop5: detected capacity change from 0 to 16
[  452.481152][ T8269] erofs: (device loop5): mounted with root inode @ nid 36.
[  453.025248][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 86 @ nid 36
[  453.034457][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 84 @ nid 36
[  453.043797][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 80 @ nid 36
[  453.053036][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 74 @ nid 36
[  453.062129][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 72 @ nid 36
[  453.071288][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 70 @ nid 36
[  453.080380][ T8273] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  453.089744][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 63 @ nid 36
[  453.099187][ T8273] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  453.108544][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 62 @ nid 36
[  453.119917][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 58 @ nid 36
[  453.391064][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 57 @ nid 36
[  453.401316][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 54 @ nid 36
[  453.410621][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 53 @ nid 36
[  453.419816][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 52 @ nid 36
[  453.429029][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 51 @ nid 36
[  453.438247][ T8273] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  453.447679][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 50 @ nid 36
[  453.459139][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 47 @ nid 36
[  453.468502][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 46 @ nid 36
[  453.481156][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 40 @ nid 36
[  453.490339][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36
[  453.500368][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 38 @ nid 36
[  453.601835][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 34 @ nid 36
[  453.612255][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 32 @ nid 36
[  453.622504][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 30 @ nid 36
[  453.632854][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 27 @ nid 36
[  453.642049][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 26 @ nid 36
[  453.651248][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36
[  453.661235][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36
[  453.670525][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 23 @ nid 36
[  453.679754][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 22 @ nid 36
[  453.689628][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 21 @ nid 36
[  453.698840][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 20 @ nid 36
[  453.708674][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 18 @ nid 36
[  453.720338][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 12 @ nid 36
[  453.841081][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 10 @ nid 36
[  453.852639][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 6 @ nid 36
[  453.862374][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 4 @ nid 36
[  453.873822][ T8273] erofs: (device loop5): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  453.883309][ T8273] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 36
[  453.893709][ T8273] bio_check_eod: 12 callbacks suppressed
[  453.893827][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.893827][ T8273] loop5: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  453.915167][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.915167][ T8273] loop5: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  453.929065][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.929065][ T8273] loop5: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  453.943476][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.943476][ T8273] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16
[  453.957180][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.957180][ T8273] loop5: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  453.972862][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.972862][ T8273] loop5: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  453.987187][ T8273] syz.5.1095: attempt to access beyond end of device
[  453.987187][ T8273] loop5: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  454.001469][ T8273] syz.5.1095: attempt to access beyond end of device
[  454.001469][ T8273] loop5: rw=524288, sector=133693448, nr_sectors = 8 limit=16
[  454.015574][ T8273] syz.5.1095: attempt to access beyond end of device
[  454.015574][ T8273] loop5: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  454.029490][ T8273] syz.5.1095: attempt to access beyond end of device
[  454.029490][ T8273] loop5: rw=524288, sector=72, nr_sectors = 16 limit=16
[  456.808256][ T8296] netlink: 'syz.3.1101': attribute type 6 has an invalid length.
[  457.615188][ T8311] syz.3.1104[8311] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  457.615668][ T8311] syz.3.1104[8311] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  457.661823][ T8311] loop3: detected capacity change from 0 to 128
[  457.830414][ T8311] EXT4-fs (loop3): Test dummy encryption mode enabled
[  458.091348][ T8311] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  458.105383][ T8311] ext4 filesystem being mounted at /217/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  459.662588][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  459.704739][ T8326] loop5: detected capacity change from 0 to 256
[  459.747014][ T8326] exfat: Deprecated parameter 'namecase'
[  459.856092][ T8326] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  461.416780][ T8340] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1106'.
[  461.947450][ T8350] loop5: detected capacity change from 0 to 16
[  462.336843][ T8350] erofs: (device loop5): mounted with root inode @ nid 36.
[  462.823226][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 86 @ nid 36
[  462.832883][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 84 @ nid 36
[  462.842831][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 80 @ nid 36
[  462.852512][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 74 @ nid 36
[  462.861738][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 72 @ nid 36
[  462.871099][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 70 @ nid 36
[  462.880558][ T8357] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  462.889936][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 63 @ nid 36
[  462.899056][ T8357] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  462.908446][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 62 @ nid 36
[  462.951054][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 58 @ nid 36
[  462.960172][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 57 @ nid 36
[  462.969651][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 54 @ nid 36
[  462.978768][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 53 @ nid 36
[  462.987870][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 52 @ nid 36
[  462.997058][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 51 @ nid 36
[  463.006220][ T8357] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  463.015575][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 50 @ nid 36
[  463.025072][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 47 @ nid 36
[  463.034187][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 46 @ nid 36
[  463.046661][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 40 @ nid 36
[  463.055800][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36
[  463.065110][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 38 @ nid 36
[  463.074452][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 34 @ nid 36
[  463.083847][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 32 @ nid 36
[  463.093227][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 30 @ nid 36
[  463.102622][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 27 @ nid 36
[  463.111741][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 26 @ nid 36
[  463.120837][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36
[  463.130201][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36
[  463.139338][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 23 @ nid 36
[  463.149044][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 22 @ nid 36
[  463.158448][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 21 @ nid 36
[  463.167582][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 20 @ nid 36
[  463.176822][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 18 @ nid 36
[  463.186337][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 12 @ nid 36
[  463.195483][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 10 @ nid 36
[  463.205534][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 6 @ nid 36
[  463.214559][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 4 @ nid 36
[  463.223647][ T8357] erofs: (device loop5): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  463.233076][ T8357] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 36
[  463.242114][ T8357] bio_check_eod: 12 callbacks suppressed
[  463.242126][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.242126][ T8357] loop5: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  463.261823][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.261823][ T8357] loop5: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  463.275554][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.275554][ T8357] loop5: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  463.289926][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.289926][ T8357] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16
[  463.303595][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.303595][ T8357] loop5: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  463.317761][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.317761][ T8357] loop5: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  463.332009][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.332009][ T8357] loop5: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  463.346335][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.346335][ T8357] loop5: rw=524288, sector=133693448, nr_sectors = 8 limit=16
[  463.360513][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.360513][ T8357] loop5: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  463.374435][ T8357] syz.5.1111: attempt to access beyond end of device
[  463.374435][ T8357] loop5: rw=524288, sector=72, nr_sectors = 16 limit=16
[  463.661205][ T8361] netlink: 'syz.1.1114': attribute type 6 has an invalid length.
[  465.255898][ T8369] loop3: detected capacity change from 0 to 32768
[  465.275213][ T8369] 
[  465.275213][ T8369]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.275213][ T8369] 
[  465.306313][ T8369] 
[  465.306313][ T8369]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.306313][ T8369] 
[  465.326346][ T8369] 
[  465.326346][ T8369]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.326346][ T8369] 
[  465.364983][ T8369] 
[  465.364983][ T8369]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.364983][ T8369] 
[  465.410298][ T8369] 
[  465.410298][ T8369]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.410298][ T8369] 
[  465.458378][  T106] 
[  465.458378][  T106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.458378][  T106] 
[  465.587508][ T4260] 
[  465.587508][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.587508][ T4260] 
[  465.615176][ T4260] 
[  465.615176][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  465.615176][ T4260] 
[  466.144342][ T8401] netlink: 'syz.0.1125': attribute type 6 has an invalid length.
[  466.794076][ T8413] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1129'.
[  467.128028][ T8414] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1123'.
[  467.475901][ T8415] loop3: detected capacity change from 0 to 128
[  467.530702][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  467.571463][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  467.592768][ T8415] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  467.626471][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  467.636716][ T8415] ext4 filesystem being mounted at /223/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  467.691237][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  467.771376][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  468.053061][   T22] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  468.314493][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  468.811354][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  469.077437][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  469.486330][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  471.660592][ T8442] netlink: 'syz.5.1137': attribute type 6 has an invalid length.
[  476.577467][ T8473] syz.3.1145[8473] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  476.577572][ T8473] syz.3.1145[8473] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  476.596064][ T8473] loop3: detected capacity change from 0 to 128
[  476.615256][ T8473] EXT4-fs (loop3): Test dummy encryption mode enabled
[  476.656597][ T8473] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  476.665459][ T8473] ext4 filesystem being mounted at /227/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  480.715757][ T8517] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1150'.
[  484.081597][ T8546] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1162'.
[  485.041194][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  487.299226][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1173'.
[  487.797927][ T8577] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1171'.
[  488.799070][ T8578] tty tty20: ldisc open failed (-12), clearing slot 19
[  491.515027][ T8607] syz.0.1178[8607] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  491.515547][ T8607] syz.0.1178[8607] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  494.401140][ T4410] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  494.736013][ T8617] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1185'.
[  495.677923][ T8623] loop5: detected capacity change from 0 to 512
[  495.744377][ T8623] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  495.888706][ T8623] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  495.918173][ T8623] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  496.146507][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  496.658518][ T8629] sch_fq: defrate 4294967295 ignored.
[  496.749280][ T8633] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1186'.
[  498.969886][ T8646] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1191'.
[  499.198177][ T8646] device gretap0 entered promiscuous mode
[  499.229149][ T8649] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1191'.
[  499.239452][ T8649] 0ªX¹¦D: renamed from gretap0
[  499.415615][ T8649] device 
30ªX¹¦D left promiscuous mode
[  499.422943][ T8649] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  501.344984][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  501.351437][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  501.504574][ T8666] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1197'.
[  501.764127][ T8672] loop7: detected capacity change from 0 to 16384
[  502.280757][ T8680] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1200'.
[  502.671140][ T4301] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  502.702119][ T4410] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  502.857392][ T8689] loop5: detected capacity change from 0 to 512
[  503.092749][ T8689] EXT4-fs (loop5): 1 truncate cleaned up
[  503.098516][ T8689] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  504.428297][ T8702] kvm [8700]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x520f
[  505.248170][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  505.261188][ T4410] usb 4-1: Using ep0 maxpacket: 8
[  505.269124][ T4301] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  505.278864][ T4410] usb 4-1: config 0 has an invalid interface number: 31 but max is 0
[  505.301068][ T4301] usb 2-1: config 0 has an invalid descriptor of length 45, skipping remainder of the config
[  505.311410][ T4410] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.321814][ T4301] usb 2-1: config 0 has no interface number 0
[  505.332531][ T4410] usb 4-1: config 0 has no interface number 0
[  505.364871][ T4410] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  505.381863][ T4410] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.389942][ T4410] usb 4-1: Product: syz
[  505.417510][ T4301] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  505.438498][ T4410] usb 4-1: Manufacturer: syz
[  505.447232][ T4301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.461134][ T4410] usb 4-1: SerialNumber: syz
[  505.490997][ T4410] usb 4-1: config 0 descriptor??
[  505.505503][ T4301] usb 2-1: config 0 descriptor??
[  505.559782][ T4410] usb 4-1: can't set config #0, error -71
[  505.572157][ T4301] usb 2-1: can't set config #0, error -71
[  505.602912][ T4410] usb 4-1: USB disconnect, device number 7
[  505.611372][ T4301] usb 2-1: USB disconnect, device number 3
[  508.123981][ T8727] netlink: 'syz.1.1211': attribute type 20 has an invalid length.
[  508.132058][ T8727] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1211'.
[  508.381875][ T8739] input: syz1 as /devices/virtual/input/input13
[  508.562611][ T8742] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1216'.
[  508.754854][ T5235] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  509.128334][ T5235] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  509.291228][ T5235] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  509.381449][ T5235] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  509.950320][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  510.387361][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  510.718402][ T4305] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  510.866303][ T8765] 9pnet_fd: Insufficient options for proto=fd
[  511.036790][ T8759] kvm [8758]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x520f
[  511.373178][ T8768] xt_hashlimit: size too large, truncated to 1048576
[  511.481418][ T8768] kvm: apic: phys broadcast and lowest prio
[  513.322309][ T8783] loop5: detected capacity change from 0 to 16
[  513.349896][ T8783] erofs: (device loop5): mounted with root inode @ nid 36.
[  513.551241][ T8790] netlink: 'syz.1.1228': attribute type 20 has an invalid length.
[  513.559181][ T8790] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1228'.
[  513.749794][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 86 @ nid 36
[  513.759139][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 84 @ nid 36
[  513.768460][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 80 @ nid 36
[  513.777724][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 74 @ nid 36
[  513.786932][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 72 @ nid 36
[  513.796177][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 70 @ nid 36
[  513.805493][ T8796] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  513.814900][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 63 @ nid 36
[  513.824506][ T8796] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  513.833932][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 62 @ nid 36
[  513.855004][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 58 @ nid 36
[  513.864236][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 57 @ nid 36
[  513.873561][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 54 @ nid 36
[  513.882705][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 53 @ nid 36
[  513.891975][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 52 @ nid 36
[  513.901130][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 51 @ nid 36
[  513.910252][ T8796] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  513.919673][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 50 @ nid 36
[  513.929438][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 47 @ nid 36
[  513.938573][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 46 @ nid 36
[  513.947918][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 40 @ nid 36
[  513.958167][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36
[  513.967450][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 38 @ nid 36
[  513.976660][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 34 @ nid 36
[  513.985843][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 32 @ nid 36
[  513.995124][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 30 @ nid 36
[  514.004353][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 27 @ nid 36
[  514.013521][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 26 @ nid 36
[  514.022683][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36
[  514.033490][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36
[  514.042669][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 23 @ nid 36
[  514.052080][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 22 @ nid 36
[  514.061335][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 21 @ nid 36
[  514.070476][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 20 @ nid 36
[  514.079701][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 18 @ nid 36
[  514.089042][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 12 @ nid 36
[  514.098181][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 10 @ nid 36
[  514.107514][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 6 @ nid 36
[  514.116592][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 4 @ nid 36
[  514.125769][ T8796] erofs: (device loop5): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  514.135262][ T8796] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 36
[  514.144402][ T8796] bio_check_eod: 12 callbacks suppressed
[  514.144433][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.144433][ T8796] loop5: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  514.177158][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.177158][ T8796] loop5: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  514.191057][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.191057][ T8796] loop5: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  514.205523][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.205523][ T8796] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16
[  514.219262][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.219262][ T8796] loop5: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  514.233559][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.233559][ T8796] loop5: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  514.247904][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.247904][ T8796] loop5: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  514.262229][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.262229][ T8796] loop5: rw=524288, sector=133693448, nr_sectors = 8 limit=16
[  514.276383][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.276383][ T8796] loop5: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  514.290371][ T8796] syz.5.1226: attempt to access beyond end of device
[  514.290371][ T8796] loop5: rw=524288, sector=72, nr_sectors = 16 limit=16
[  516.291330][ T8801] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1229'.
[  516.921321][ T4410] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  517.134264][ T4410] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  517.172005][ T4410] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  517.231270][ T4410] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  517.327420][ T8811] netlink: 'syz.3.1231': attribute type 6 has an invalid length.
[  517.549953][ T8812] loop5: detected capacity change from 0 to 512
[  517.661122][ T8812] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  518.179423][ T4410] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  518.287807][ T8812] EXT4-fs (loop5): orphan cleanup on readonly fs
[  518.319737][ T8812] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1232: bg 0: block 248: padding at end of block bitmap is not set
[  518.339245][ T8812] Quota error (device loop5): write_blk: dquota write failed
[  518.347269][ T8812] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  518.357426][ T8812] EXT4-fs error (device loop5): ext4_acquire_dquot:6802: comm syz.5.1232: Failed to acquire dquot type 1
[  518.385967][ T8812] EXT4-fs (loop5): 1 truncate cleaned up
[  518.745443][ T8812] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  518.854981][ T4415] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  519.032654][ T8814] input: syz1 as /devices/virtual/input/input14
[  519.342797][ T8819] x_tables: ip_tables: tcp match: only valid for protocol 6
[  519.608861][ T8825] syz.4.1236[8825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.609418][ T8825] syz.4.1236[8825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.659751][ T8825] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[  521.371554][ T4412] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  521.941108][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  523.358938][ T8840] loop5: detected capacity change from 0 to 512
[  523.742994][ T8840] EXT4-fs (loop5): 1 truncate cleaned up
[  523.748830][ T8840] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  523.874196][ T8845] 9pnet_fd: Insufficient options for proto=fd
[  525.803565][ T6041] EXT4-fs (loop5): unmounting filesystem.
[  526.133143][ T8861] netlink: 'syz.4.1244': attribute type 20 has an invalid length.
[  526.141132][ T8861] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1244'.
[  631.170989][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  631.178013][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P4349/1:b..l
[  631.186513][    C0] 	(detected by 0, t=10502 jiffies, g=37477, q=31 ncpus=2)
[  631.193725][    C0] task:kworker/u4:9    state:R  running task     stack:23168 pid:4349  ppid:2      flags:0x00004000
[  631.205609][    C0] Workqueue: bat_events batadv_nc_worker
[  631.211294][    C0] Call Trace:
[  631.214591][    C0]  <TASK>
[  631.217544][    C0]  __schedule+0x10e9/0x40d0
[  631.222083][    C0]  ? lock_chain_count+0x20/0x20
[  631.227013][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  631.232245][    C0]  ? release_firmware_map_entry+0x18a/0x18a
[  631.238180][    C0]  preempt_schedule_irq+0xb1/0x150
[  631.243317][    C0]  ? preempt_schedule_notrace+0x110/0x110
[  631.249068][    C0]  ? rcu_is_watching+0x11/0xa0
[  631.253861][    C0]  ? rcu_irq_exit_check_preempt+0xdb/0x210
[  631.259691][    C0]  irqentry_exit+0x63/0x70
[  631.264117][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  631.270108][    C0] RIP: 0010:batadv_nc_process_nc_paths+0xf5/0x390
[  631.276543][    C0] Code: 31 c0 45 31 c9 48 89 44 24 28 50 e8 55 3a 89 f7 48 83 c4 08 e8 9c 9b 35 00 41 89 c6 31 ff 89 c6 e8 b0 2b a7 f7 45 85 f6 74 10 <e8> f6 56 91 f7 84 c0 74 0e e8 3d 28 a7 f7 eb 58 e8 36 28 a7 f7 eb
[  631.296186][    C0] RSP: 0018:ffffc9000499fb70 EFLAGS: 00000202
[  631.302274][    C0] RAX: ffffffff89d9ab60 RBX: ffffffff89d9ae00 RCX: 0000000000000000
[  631.310253][    C0] RDX: ffff88807ce51dc0 RSI: 0000000000000001 RDI: 0000000000000000
[  631.318236][    C0] RBP: ffff888019a96968 R08: dffffc0000000000 R09: fffffbfff2117049
[  631.326225][    C0] R10: fffffbfff2117049 R11: 1ffffffff2117048 R12: dffffc0000000000
[  631.334217][    C0] R13: 1ffff1100b2b02f3 R14: 0000000000000001 R15: ffff888059580c80
[  631.342204][    C0]  ? batadv_nc_process_nc_paths+0x390/0x390
[  631.348120][    C0]  ? batadv_nc_process_nc_paths+0xf0/0x390
[  631.353953][    C0]  ? batadv_nc_process_nc_paths+0xba/0x390
[  631.359778][    C0]  batadv_nc_worker+0x425/0x600
[  631.364648][    C0]  ? process_one_work+0x7a1/0x1160
[  631.369778][    C0]  process_one_work+0x898/0x1160
[  631.374755][    C0]  ? worker_detach_from_pool+0x240/0x240
[  631.380406][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  631.385448][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  631.390836][    C0]  ? kthread_data+0x4b/0xc0
[  631.395368][    C0]  worker_thread+0xaa2/0x1250
[  631.400069][    C0]  ? _raw_spin_unlock_irqrestore+0xa5/0x100
[  631.406011][    C0]  ? __kthread_parkme+0x162/0x1c0
[  631.411069][    C0]  kthread+0x29d/0x330
[  631.415159][    C0]  ? worker_clr_flags+0x1a0/0x1a0
[  631.420194][    C0]  ? kthread_blkcg+0xd0/0xd0
[  631.424803][    C0]  ret_from_fork+0x1f/0x30
[  631.429257][    C0]  </TASK>
[  631.432289][    C0] rcu: rcu_preempt kthread starved for 10527 jiffies! g37477 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  631.443522][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  631.453517][    C0] rcu: RCU grace-period kthread stack dump:
[  631.459410][    C0] task:rcu_preempt     state:R  running task     stack:28096 pid:16    ppid:2      flags:0x00004000
[  631.470206][    C0] Call Trace:
[  631.473511][    C0]  <TASK>
[  631.476464][    C0]  __schedule+0x10e9/0x40d0
[  631.480995][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  631.486229][    C0]  ? _raw_spin_unlock+0x40/0x40
[  631.491136][    C0]  ? release_firmware_map_entry+0x18a/0x18a
[  631.497065][    C0]  schedule+0xb9/0x180
[  631.501157][    C0]  schedule_timeout+0x15c/0x280
[  631.506028][    C0]  ? console_conditional_schedule+0x40/0x40
[  631.511946][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  631.517946][    C0]  ? update_process_times+0x1b0/0x1b0
[  631.523350][    C0]  ? prepare_to_swait_event+0x335/0x350
[  631.528921][    C0]  rcu_gp_fqs_loop+0x2f2/0x1310
[  631.533807][    C0]  ? rcu_gp_kthread+0x380/0x380
[  631.538685][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  631.544694][    C0]  ? rcu_gp_init+0x14b0/0x14b0
[  631.549477][    C0]  ? rcu_gp_cleanup+0xb4c/0xca0
[  631.554351][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  631.559572][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  631.564795][    C0]  rcu_gp_kthread+0x95/0x380
[  631.569402][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  631.574528][    C0]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  631.580451][    C0]  ? __kthread_parkme+0x162/0x1c0
[  631.585505][    C0]  kthread+0x29d/0x330
[  631.589591][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  631.594735][    C0]  ? kthread_blkcg+0xd0/0xd0
[  631.599347][    C0]  ret_from_fork+0x1f/0x30
[  631.603800][    C0]  </TASK>
[  631.606831][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  631.613186][    C0] CPU: 0 PID: 8860 Comm: syz.3.1246 Not tainted 6.1.138-syzkaller #0
[  631.621260][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  631.631330][    C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40
[  631.637180][    C0] Code: f5 ff 0f 1f 00 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 4e 1b 4a f7 48 89 df e8 a6 e0 4a f7 e8 11 e3 6d f7 fb bf 01 00 00 00 <e8> b6 5d 3e f7 65 8b 05 b7 22 e9 75 85 c0 74 02 5b c3 e8 04 34 e7
[  631.656805][    C0] RSP: 0018:ffffc9000c3ffbb8 EFLAGS: 00000286
[  631.662895][    C0] RAX: 611aa80f4335f300 RBX: ffff888077f6ef00 RCX: 611aa80f4335f300
[  631.670885][    C0] RDX: dffffc0000000000 RSI: ffffffff8a6bfe00 RDI: 0000000000000001
[  631.678874][    C0] RBP: ffff888077f6f198 R08: dffffc0000000000 R09: ffffed100efedde1
[  631.686869][    C0] R10: ffffed100efedde1 R11: 1ffff1100efedde0 R12: 1ffff1100efede33
[  631.694860][    C0] R13: 0000000000000011 R14: dffffc0000000000 R15: 0000000000000000
[  631.702851][    C0] FS:  000055556629f500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  631.711791][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  631.718382][    C0] CR2: 000000110c39b151 CR3: 0000000028651000 CR4: 00000000003506f0
[  631.726455][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  631.734441][    C0] DR3: 000000000000000c DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  631.742424][    C0] Call Trace:
[  631.745711][    C0]  <TASK>
[  631.748660][    C0]  get_signal+0x1163/0x1350
[  631.753206][    C0]  arch_do_signal_or_restart+0xb0/0x1230
[  631.758857][    C0]  ? __ia32_sys_rt_sigreturn+0x660/0x790
[  631.764505][    C0]  ? bpf_trace_run2+0xda/0x3b0
[  631.769299][    C0]  ? load_gs_index+0x120/0x120
[  631.774084][    C0]  ? get_sigframe_size+0x10/0x10
[  631.779079][    C0]  ? exit_to_user_mode_loop+0x3b/0x110
[  631.784565][    C0]  exit_to_user_mode_loop+0x70/0x110
[  631.789878][    C0]  exit_to_user_mode_prepare+0xb1/0x140
[  631.795455][    C0]  syscall_exit_to_user_mode+0x16/0x40
[  631.800928][    C0]  do_syscall_64+0x58/0xa0
[  631.805361][    C0]  ? clear_bhb_loop+0x45/0xa0
[  631.810053][    C0]  ? clear_bhb_loop+0x45/0xa0
[  631.814748][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  631.820670][    C0] RIP: 0033:0x7f1b1a78e969
[  631.825114][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.844750][    C0] RSP: 002b:00007fff44bc72d8 EFLAGS: 00000246
[  631.850842][    C0] RAX: fffffffffffffffc RBX: 0000000000080741 RCX: 00007f1b1a78e969
[  631.858831][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1b1a9b608c
[  631.866816][    C0] RBP: 0000000000000032 R08: 000830191aa886f2 R09: 0000001644bc75cf
[  631.874809][    C0] R10: 00007fff44bc73d0 R11: 0000000000000246 R12: 00007f1b1a9b608c
[  631.882801][    C0] R13: 00007fff44bc73d0 R14: 0000000000080773 R15: 00007fff44bc73f0
[  631.890807][    C0]  </TASK>