last executing test programs:

4m7.491604293s ago: executing program 32 (id=37):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

3m39.667331474s ago: executing program 1 (id=323):
unshare(0x20000400)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x10)

3m39.667127074s ago: executing program 1 (id=324):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

3m38.846321042s ago: executing program 1 (id=328):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="f8000000160001000000000000000000ff03000000000000000000000000000100000000000000000000ffff000000000000000000000000000080a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000ffffac14142300000000330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1ffffffffffffff03000000000000000000000000000000000000000000000000000000000000000000000000000000feffffffffffffff000000000000000096070000000000000000000000000000100000000000000000000000b1a00100"], 0xf8}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="d80100001c0001"], 0x1d8}}, 0x0)
remap_file_pages(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000003, 0x200, 0x10)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x3, 0x9, @loopback, 0x6}, 0x1c)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
setsockopt$bt_BT_SECURITY(r6, 0x112, 0x4, 0x0, 0x0)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x4000000)
setsockopt$inet6_int(r5, 0x29, 0x46, &(0x7f00000001c0)=0x3, 0x4)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28002)
dup(r7)

3m37.880981295s ago: executing program 1 (id=333):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@discard}, {@init_itable}, {@nojournal_checksum}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)

3m37.474813358s ago: executing program 1 (id=342):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000280)={0x4, 0xc, 0x4})
r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
close_range(r0, 0xffffffffffffffff, 0x0)

3m36.124646594s ago: executing program 1 (id=347):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd08, 0x8000, {0x0, 0x0, 0x0, r2, {0x10, 0xb}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x22044028}, 0x40040)

3m35.873792453s ago: executing program 33 (id=347):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd08, 0x8000, {0x0, 0x0, 0x0, r2, {0x10, 0xb}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x22044028}, 0x40040)

2m50.481832677s ago: executing program 2 (id=619):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r4, 0x0, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100))
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, [<r6=>0x0], [0xffffffff], [0x9], [0xfffffffffffffffc]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000040)={r6})

2m50.115022269s ago: executing program 2 (id=622):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f00000000c0)={0x5, "0c141c59803529c9ddad4be2f81914e59778b874df750a47561ba68866f88ac5377142e021d59243b02d551fef15408c723e691fb272a3cc0fce4ca8ea47070ca74d53d1de669472df85a77f6263cc399abcbb75f798ca21be6345edd5eb44c950a6894894867d23e2b8d37a40def5de5a090aacdcbaf20459a616b9ce605756105ea66d3ab1ce590a12355ee87ebd22aeb4dd203f491d1e3c4a0f147e53d8556946603d2bb09f9d48db917d57231c6f831d7ea673ac859f9d5033e452edbf56882685c428836ae09eb278ac2825cfff2028689381f0dc7c2fcee9b911197ebfa2617e70c7b225f97d4e8d28e3ad56436cd4da906ee6874c9c563ca3622ef42b"})

2m49.331310766s ago: executing program 2 (id=625):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)

2m48.970707668s ago: executing program 2 (id=630):
r0 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000c40)={0x84, &(0x7f00000002c0)=ANY=[@ANYBLOB="20b23b00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000000c0)={0x44, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x20, 0x82, 0x2, "c9a7"}, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000740)={0x44, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000600)={0x20, 0x81, 0x2, "3285"}, 0x0, 0x0, &(0x7f00000006c0)={0x20, 0x84, 0x2, "c3e4"}, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000180)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x84, 0x2, "078d"}, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000a00)={0x84, &(0x7f0000000540)=ANY=[@ANYBLOB="4005bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2m47.691198882s ago: executing program 2 (id=637):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x7, 0x50, 0xb, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x3944}, {0xd, 0x24, 0xf, 0x1, 0xb, 0x7, 0x401, 0x81}, {0x6, 0x24, 0x1a, 0x2, 0x5}}, {{0x9, 0x5, 0x81, 0x3, 0x10, 0x8, 0x9, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0xa4, 0x9, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x2, 0xff, 0x3}}}}}}}]}}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0})
syz_usb_ep_read(r0, 0x81, 0x0, 0x0)

2m46.631834997s ago: executing program 2 (id=640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x2, 0x4, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000480)='scsi_dispatch_cmd_start\x00', 0xffffffffffffffff, 0x0, 0x80}, 0x7a)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd63"], 0xfdef)

2m42.258359405s ago: executing program 5 (id=659):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
ftruncate(r1, 0xd5)
unshare(0x2a020400)
copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xae8, 0x863, 0x0)

2m41.911102217s ago: executing program 5 (id=661):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040bd28090900000000000109022400cc0000000009040000020300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)

2m40.774278025s ago: executing program 5 (id=665):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x40003})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000280)={0x4, 0xc, 0x4})
r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
close_range(r0, 0xffffffffffffffff, 0x0)

2m40.62623998s ago: executing program 5 (id=667):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000000)={[{@inlinecrypt}, {@usrquota}, {@test_dummy_encryption_v1}, {@data_err_ignore}]}, 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, 0x0)
quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000440))

2m39.824021287s ago: executing program 5 (id=668):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1f0, &(0x7f0000000080)="$eJzslruO00AUhv8ZW3aCuEiUNBREAgoc2wFEE4lIiIoCiUtEgUQkTBSSAEpckEgo4Qno6SjoeQEkaHkIFGigCRVbezUXO87Fu8nuelPs+aSMf4/mcnxm9J+AIIgTy+9fO5Pof/VPAcBplGDr/r/GbAxPjf9Z+Pfu+7279Q9PP/+wJ05x1ZpRtP7+JoBvNQNhMnd+dkk/H4In+hE4rmpdB4Oj9TNwPBZibCMAwxMUZHwvpVa8FuMd50WrEzgMgBCuaDzR+KKpLMY3fc/wPBUfk+qs7hm2G51O0OsPchP75W9a46im4lOHYukeFa2byp8HDk/rChgeaH0LdpwblZLU918wZ+unrgaWw7Vyz4gIZYNZ589khdoXOZrvMTO/a16IvB7R52Cstsz1DilhLMZsQIr4RHO/yscuYG58tTLPYrR0W/IQBzmLr7fVnLgnGql3OeZcxoLRaM0tLKwZRlwNVOYTf4o+MVxO+ZMpK8pHWWrKYfcNx2B4rdVtNINm8Mr3Kzfd6657w78DYURlaUd7+F9R+tOp2fora5J0RGbhbSMMe55qk3dftascl0v/47hyKXbTKHFWgb2wB9M/Lp/Se9tfMqMnCILYHheFo2nMWOhqguS/LnB/izESBEEQBEEQBEEQBHE4dgMAAP//Id89jw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x101a02, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file3\x00', 0x60840, 0x8)
read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020)

2m31.44321253s ago: executing program 34 (id=640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x2, 0x4, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000480)='scsi_dispatch_cmd_start\x00', 0xffffffffffffffff, 0x0, 0x80}, 0x7a)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd63"], 0xfdef)

2m28.586895117s ago: executing program 5 (id=686):
syz_mount_image$ext4(&(0x7f0000000440)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000c40), 0x0, 0x4b1, &(0x7f0000000d40)="$eJzs3E1vG0UfAPD/2nnpW5746dPneaAt1FAQES9JkxboAYkXgdQLEhIcyjGkaVWaNqgJEq0iGhAqR9RPUDgi8Qk4wQUBEhKIK9wRUoVyaekBGa29mzqJHWznxW3y+0muZzyzOzO7nvXsTDcBbFvl9J8kYk9E/BIRg7Xo0gzl2tuthbmJPxfmJpKoVF7/I6nmu7kwN5FnzbfbnUWGChGFj5I40KDcmUuXz41PTU1ezOIjs+ffGZm5dPmps+fHz0yembwwdvz4saOjzz4z9nSW4/k1tXMgrev+96cP3n/izWuvTpy89tZ3X6T13ZOl31yY61u6RSkP7I+IyvL9vdBCmeUoLz2WdR5tr/p3vYG6cNLTxYrQlmJEpKert9r/B6MYd07eYLzyYUShq/UDNk6lUqn0r/g0vSrsTAPzFWALS6LbNQC6I//FT+/j89cmD0G66saLtRugtN23slctpad651Mu1e6NBjao/HIciojb10/O374ey+ZTAAA2wlfp+OfJRuO/QvyvLt+/srWhUkT8OyL2RsR/ImJfRPw3opr3/xFxX6sFJ42XRlaOf37a2WHTWpKO/57L1raWjv8W571LxSw2UG1/b3L67NTkkeyYDEVvfxofXaWMr1/++ZNmaeWISMd++SstPx8LZvX4vWfZBN2p8dnxtbS53o1DEft7GrU/WVwJSGJHx/tPj9nZxz8/2Cz9n9u/inVYZ6p8FvFY7fzPx7L255LV1ydHdsTU5JGR/Fux0vc/Xn2tWflrav86uPFBxK6G3//F9peS+vXambaL6Ln668dN72k6/f73JW9Uw/mi7Xvjs7MXRyP6kvmVn4/d2TaP5/nT9g8dbtz/90b89Wm23YGISL/ED0TEgxHVu7a07g9FxMMRcXiVA/DtS4+8nb7/0FH7N1ba/lNtnf/6QG8s/6RRoHjumy+bld/a+T9WDQ1ln7Ry/asVnl+3mlew0+MGAAAA95JC9f/AJ0lEbd5kT13avthVmJqemX3i9PS7F07V0krRW8hnugbr5kNHs7nhPD62LH60Om9cqVQqO6vx4YnpqY1aUwdas7vW/wvDi9eCQmF4uJb2W3Fp3rU9gQPcldpaR2v2RBtwT2qt/+v4sBUt9v+VTwLmdH7Yomr9vzjY7XoAm8/fa4Htq1H/vxJxqwtVATaZ33/YvvR/2L7a7f+lDaoHsPn8/sO2tPSR+L5o4XH+lgJ7T6zPfrZ+oNjtavR3tnkUun7oVgaSBkmFBpkLLe+5b10qFqvl6Y+IVnd4JdovvdhRnbt9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgffwcAAP//LXTigA==")
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x3, 0x4)

2m27.774078625s ago: executing program 35 (id=686):
syz_mount_image$ext4(&(0x7f0000000440)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000c40), 0x0, 0x4b1, &(0x7f0000000d40)="$eJzs3E1vG0UfAPD/2nnpW5746dPneaAt1FAQES9JkxboAYkXgdQLEhIcyjGkaVWaNqgJEq0iGhAqR9RPUDgi8Qk4wQUBEhKIK9wRUoVyaekBGa29mzqJHWznxW3y+0muZzyzOzO7nvXsTDcBbFvl9J8kYk9E/BIRg7Xo0gzl2tuthbmJPxfmJpKoVF7/I6nmu7kwN5FnzbfbnUWGChGFj5I40KDcmUuXz41PTU1ezOIjs+ffGZm5dPmps+fHz0yembwwdvz4saOjzz4z9nSW4/k1tXMgrev+96cP3n/izWuvTpy89tZ3X6T13ZOl31yY61u6RSkP7I+IyvL9vdBCmeUoLz2WdR5tr/p3vYG6cNLTxYrQlmJEpKert9r/B6MYd07eYLzyYUShq/UDNk6lUqn0r/g0vSrsTAPzFWALS6LbNQC6I//FT+/j89cmD0G66saLtRugtN23slctpad651Mu1e6NBjao/HIciojb10/O374ey+ZTAAA2wlfp+OfJRuO/QvyvLt+/srWhUkT8OyL2RsR/ImJfRPw3opr3/xFxX6sFJ42XRlaOf37a2WHTWpKO/57L1raWjv8W571LxSw2UG1/b3L67NTkkeyYDEVvfxofXaWMr1/++ZNmaeWISMd++SstPx8LZvX4vWfZBN2p8dnxtbS53o1DEft7GrU/WVwJSGJHx/tPj9nZxz8/2Cz9n9u/inVYZ6p8FvFY7fzPx7L255LV1ydHdsTU5JGR/Fux0vc/Xn2tWflrav86uPFBxK6G3//F9peS+vXambaL6Ln668dN72k6/f73JW9Uw/mi7Xvjs7MXRyP6kvmVn4/d2TaP5/nT9g8dbtz/90b89Wm23YGISL/ED0TEgxHVu7a07g9FxMMRcXiVA/DtS4+8nb7/0FH7N1ba/lNtnf/6QG8s/6RRoHjumy+bld/a+T9WDQ1ln7Ry/asVnl+3mlew0+MGAAAA95JC9f/AJ0lEbd5kT13avthVmJqemX3i9PS7F07V0krRW8hnugbr5kNHs7nhPD62LH60Om9cqVQqO6vx4YnpqY1aUwdas7vW/wvDi9eCQmF4uJb2W3Fp3rU9gQPcldpaR2v2RBtwT2qt/+v4sBUt9v+VTwLmdH7Yomr9vzjY7XoAm8/fa4Htq1H/vxJxqwtVATaZ33/YvvR/2L7a7f+lDaoHsPn8/sO2tPSR+L5o4XH+lgJ7T6zPfrZ+oNjtavR3tnkUun7oVgaSBkmFBpkLLe+5b10qFqvl6Y+IVnd4JdovvdhRnbt9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgffwcAAP//LXTigA==")
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x3, 0x4)

2m27.760112015s ago: executing program 6 (id=688):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x7)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0xffd8)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000500)="7c003307000000000008000081001a", 0x0, 0x469, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m26.666301072s ago: executing program 6 (id=691):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x8042, 0x0)
msgrcv(0x0, 0x0, 0xfffffffffffffd6a, 0x1, 0x3000)
pwrite64(r0, &(0x7f0000000380)="1464bf92f23f", 0x6, 0x8080c61)
pwrite64(r0, &(0x7f0000000140)="82f369ff", 0x4, 0x1200000)
fallocate(r0, 0x3, 0x80007, 0x8000c60)

2m25.520675961s ago: executing program 6 (id=694):
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

2m24.35304766s ago: executing program 6 (id=699):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000000)={[{@inlinecrypt}, {@usrquota}, {@test_dummy_encryption_v1}, {@data_err_ignore}]}, 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, 0x0)
quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000440))

2m23.195201829s ago: executing program 6 (id=701):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2800, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x641, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x3, &(0x7f00000000c0)=ANY=[], 0x21, 0x1b7, &(0x7f0000000200)="$eJzsVT+PEkEU/w0sg1qotTGxkCgWwu6ixk4rwwewNUpgReLiH5ZCCIlQ8T1sqP0GFvY2JhYmNlioiQXG9m4vb+bNMtxdcZcct7lkfsnym/f/zTB58yJ5mwDAzmrSxkMoSFzEdyHgAbgmtO5RWfMfqbnG8i9P8y3Wf2BOGclo/LIVx9Fgi4vDbQXdCEgzO2JG8t9v+rp6csnk2eo28loI66ByaUNieyXk6W3naVGf48kk/J/73fByv5nHW4iDprX4YFbAX3XTv60mbVo84ylFuo7+hO1D/+Zny+eKpz5RRJr50PAj4SaA+rD/pp6Mxrd7/VY36kavwrBxz7/j+3fD+vNeHPn6V1glzIgiptlLM/W8ZS8B+MED9gIs/NZlTWtsF3YszeGUh3T1OjZQsGINC3zKYjkMdASPcSN9T35ZNGkrKosHtaUmBIosBNwuRFbrnDLU2q/jzhwCwoQt4GU5giVKSpDrHrWlcX9qVHN8VFxhucm8YF4ymzfLvEWeyvCTpeqUWnzXGg4HgfzCIQG9ekoXSmA3VavLU/vAqOo/ubm5q2U4ODg4ODg4OJwx7AUAAP//cmpbhA==")

2m22.57609855s ago: executing program 6 (id=703):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000016c0)={0x40, r2, 0x1, 0x0, 0x2, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x4, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x18, 0x4829, 0xb5d1, 0x6, 0x9, 0xf062, 0x6, 0x388]}}, @NL80211_TXRATE_GI={0x5}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20044080}, 0x0)

2m22.431510745s ago: executing program 36 (id=703):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000016c0)={0x40, r2, 0x1, 0x0, 0x2, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x4, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x18, 0x4829, 0xb5d1, 0x6, 0x9, 0xf062, 0x6, 0x388]}}, @NL80211_TXRATE_GI={0x5}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20044080}, 0x0)

41.003435914s ago: executing program 8 (id=1235):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r2], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}})

40.939613886s ago: executing program 8 (id=1236):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000030000000400000012"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r1}, &(0x7f00000002c0), &(0x7f0000000440)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000)=0x1000000, &(0x7f0000000080)=r0}, 0x20)

40.81927919s ago: executing program 8 (id=1237):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

40.686901035s ago: executing program 8 (id=1239):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f00000008c0)='./file0\x00', 0x2000000, &(0x7f0000000740)=ANY=[], 0x21, 0x7d5, &(0x7f0000003800)="$eJzs3U9oHOfZAPBnFNmWFT5/Id+HP2McZ2LnAxscZSUnCiKHZLMayZOsdsXuKtiUkphaDsZyEuIGah/q+NLS0lJ66jHNoZf2VHppKbTQQttToT300lsg0EPS0kIPLQGVndm1JUu78h/ZCuH3E9a8+84z8z4zu8yjsTQzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEUputVCaTqOeNpdPpYLXZVnNhyPz++n65bjJk3Iik+y/GxuJA2XXgf2/O3t/9diQOla8OxVh3MhZXH97/yPP/MzrSX35IQtttdLPOy1euXjy7srL8zgNM5D745s/XvfzBeNzmnp3PGnm7mS9U57M0bzfTmenpytOn5trpXF7P2mfanWwhrbWyaqfZSo/VjqeTMzMn02ziTHOpMT9brWfpaNn53FNTlcp0+vLEYlZttZuNp1+eaNdO5fV63pgvFuzO7sY81/0gvpJ30k5WXUjT8xdWlk+uT2nvhiS7QZPrej5dXfvq0JOPfPTuh/+4sDy11eZOVaamJienpiann5159rlKZXRDR+UWsSHigX5o+Qza5iM43L2RXv2PeuTRiKU4HemmX7WYjVY0Y2HA/J5+/f//p//6+2Hjrq3/ZZUfOXTg5uyDUdT/w+Wrw4Pqfzn27j0DcrpfX31pXI4rcTUuxtlYiZVYjnfuy3jJ9q1rZHszm48sGpFHO5qRx0JUi56015PGTEzHdFTitTgVc9GONOYij3pk0Y4z0Y5OZMUnqhatyKIanWhGK9I4FrU4HmlMxkzMxMlII4uJOBPNWIpGzMdsVIu1nI8LxX4/eUte+7/6+s/e+MNH7xfvVj9octgufi+iCPr7kCD1n3u3vQdwuAer/foPAAAAfG4lxf++d8//d8VjRWsur2df2GKp0e639x5MhgAAAMC9Kn7zf6g72dVtPRZJ9/y/sj7oR7t2JjkAAABgWyTFNXZJRIzH42Wrf7lUZadzAwAAALZH8fv/w93JeMS1osP5PwAAAHzOvPqTXqO8x/7YjXvsfti/x257cU/yi79Fq7Urub54+snkUrUbXr30ULlcb7Ja2BMRnbmDSf9+gsW6pkevPtztGK1lh5L+3S8/3VNOPym+Hxy9kdD6e/2/uLfsTZJkiwRu6iawr7cVNxIoXsW34oky5olz5fRcf065teNzeT2bqDXrz09GtbpvpJOd7rz75oWvRLH532gs7Evi/IWV5YkvvbVyrsjlenct1y/1NnjDfRSH5LLa2wPx2OZ3N95VXIjRG3e8HLeydvtHLu/rNkbuYMyvxZEy5sh4OR1fv/1j3TEnJwZt/Xi5fZMbtnx04wdraBZHuxG74+ixonH02CZZTA3LorsvptZm0dsJd7YvjpYxa7P49Z+KrvefuHb6n79pJtnJrbI4eY9ZAOyU88Vdf26tQv8uy/lqt/63Wrt2x7q6Uy5wu0e5pBhliyf53H51/9fqkCP6sTLmWPnzxOjBTepKZZMj+tsX3v5t74j+zA+/9/0vHv7dj++6ro/1Q/b2G4/+6uGRKLLY28viam9Oa1fy7RuVpKyqH3T7Pxg4brs+lXR34UNfvvR27L985epTFy6dfWP5jeU3p6ZOTleeqVSeTZLem7da/MSg9gCwiSNxuCzkA5+xM+ApPMUPAGXtfmbYWfVDkTx6408KujXxrViJc3GiuNogIh7ffNzxNX+GcGKLs9bxNU94ObHZWd2a2N0RvdipLWPH1zxe5qb/++79fD8A4EE4skUdHlj/15y7n9jivPtmHf3vOBHHy9jj/QwG13IA4P7IWp8k452vJ61Wvvja5MzMZLVzKktbzdoraSufnc/SvNHJWjFabcxn6WKr2WnWmvVu49V8Nmun7aXFxWark841W+lis52fLp78nvYe/d7OFqqNTl5rL9azajtLa81Gp1rrpLN5u5YuLr1Uz9unslaxcHsxq+Vzea3ayZuNtN1catWyiTRtZ9mawHw2a3TyubzbbKSLrXyh2roeEfWlhSydzdq1Vr7YaZYr7I+VN+aarYVitX/Zt9N7GwA+Gy5fuXrx7MrK8jt31/jz7QQPHn3MjYUBYAfcrNIf/9et817YmZQAAAAAAAAAAAAAAIBb3OP1fxsbe+94qX4qm8aMDVt89dpmSyWrq6t3kPPe2CJmdy+/bd5RD6RxfVvWMzLo3bnHxuPbtJ5k8KzXX3jh4qDFX7p24NTtf0SHxoxGRO9S1/c+3v3T75SzXryrzRm586X+GBF3MdZqMiRmxw5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDQfwIAAP//2S5sNA==")
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendfile(r0, r1, 0x0, 0x8000002b)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x0, 0x20}}, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f0000000100)={r2, r2, 0x0, 0x0, 0x0, 0xc2, 0xff, 0x15c2, 0x5886, 0x6, 0x0, 0x8, 'syz1\x00'})
openat$ptmx(0xffffffffffffff9c, 0x0, 0x441, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)

40.058214406s ago: executing program 8 (id=1242):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

39.444007796s ago: executing program 8 (id=1252):
syz_emit_ethernet(0xae, &(0x7f00000004c0)=ANY=[@ANYBLOB="0180c20000000180c200000186dd6001012000783afffe8000000000000000000000000000bbffff"], 0x0)

39.249772463s ago: executing program 37 (id=1252):
syz_emit_ethernet(0xae, &(0x7f00000004c0)=ANY=[@ANYBLOB="0180c20000000180c200000186dd6001012000783afffe8000000000000000000000000000bbffff"], 0x0)

8.123390725s ago: executing program 9 (id=1399):
openat$mice(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r0, 0x5607, 0x2c)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TIOCL_SETVESABLANK(r2, 0x560e, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000040))

8.123082355s ago: executing program 7 (id=1400):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = dup3(0xffffffffffffffff, r2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000040)=0x1800, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000003540)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000000300)={0x70, r8, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FRAME={0x46, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x6}, @device_a, @device_a, @initial, {0x2}}, 0x600, 0x8ae, {0x0, 0x6, @default_ibss_ssid}, @val, @val={0x2d, 0x1a, {0x2000, 0x3, 0x5, 0x0, {0x5, 0x4, 0x0, 0x9, 0x0, 0x0, 0x1, 0x3}, 0x1, 0x3, 0x9}}}}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}]]}, 0x70}, 0x1, 0x0, 0x0, 0x20040080}, 0x4)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r4, 0x0, 0x0)

7.218604986s ago: executing program 9 (id=1401):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000002000000bfa300000000000007030000007effff7a0af0ff3f00000079a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27126e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb6220fd8d4b470e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef0420f0000cac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e885340133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421a8223fe5308e4e65ee93e107000000f8ddeff70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b12000000000000000030711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dabec3d18fd0699ff3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623243643db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e69578e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea7e764dde8725d2b4a0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10b98c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5924948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476f9e0407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd96d2da66059de81abfa1acc9f889555eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b4fdc08000be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd9b31bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac4794680f3037f250e96f61cb20d46d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401413f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60530000000000000004b023e4954c9eb6cd70627f5c03edd4f5ce48b8a874c852064dd0efafc3df20ec8faf3d194db76127f88f1b4fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8b310900000c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1d8e80311895f0b99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44b57e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db6e3080000000000003e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f27b6c15b1ba971de1cb9c7e6a000000000000001478b2a78f9abfefce4448303ef54c71199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b462426ff9293a28a544a6a9e2279b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718b3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5f61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6485987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434cbd52325296e22802475edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a1471bab551bd6beae7dbf58530136c238e545b28211a92000000001501ae7d7cc75007e8ff56e6d8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db9966addf4877204047be633792118efdb6b88023e80da74fdf723c7f000000009f13c7e851dfc91ec01219af568825de0cedd55a92eafe9edd98a8529d64cbaa0b9f89f391b2db7369e934085e486b946a4558c68e195af1a6e6e878609f9ed7406dc9c93a5d5cc76e037d66abe4fe54f18b4c969814c7f2094ebe736ef0f0cd65b90942f2e8de44f6fd69a94ca27bb6d92e2282d4a0b0ee3abe30d877579aed9b54f460247890aed19ef12e45097631548d8639fb2b6eb9b41c7e89ee7223cdeae1b2d02cf664df99e4a661feecb63953a4d86f3060372861ac184824b7a4fd1c605128f1307f2bba91b9fbfe2884639073c1d51e42feeb5312b23b8e1e468aa31ea8e7597f5eb6ad1897a04afc8369ebec808165218b625a64a237ed01636880f70f0ed"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x4b}, 0x48)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000500)="7c003307000000000008000081001a", 0x0, 0x469, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.967332315s ago: executing program 3 (id=1403):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000180))
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
gettid()
write$dsp(r0, &(0x7f0000000200)="dce480febb0ccd0bcb66ade3495e87b440e5afdc984cc06eb1c91c85a7fec04b2f82e267c1edd1543b79d80c0f949073bdbaa464c040e61ea6e658101100101097a5821b6c0c79d177b96995281707ce6d20a6db", 0x54)
write$dsp(r0, &(0x7f0000000080)="cd", 0x1)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)

6.067654805s ago: executing program 3 (id=1408):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000), 0x50)
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x2556, 0x1000, 0x2, 0x24d}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

5.996834237s ago: executing program 7 (id=1409):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000500)="7c003307000000000008000081001a", 0x0, 0x469, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.9086331s ago: executing program 3 (id=1411):
openat$mice(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r0, 0x5607, 0x2c)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TIOCL_SETVESABLANK(r2, 0x560e, &(0x7f0000000140))
syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, 0x0)

4.645553313s ago: executing program 4 (id=1415):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x4008800)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x24, 0x1402, 0x1, 0x70bd2a, 0x25dfdc01, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$netlink(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000002d0021"], 0x1c}], 0x1}, 0x0)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

4.606862674s ago: executing program 3 (id=1417):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b0001006272696467650000400002800800050001000000"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

4.43773683s ago: executing program 9 (id=1420):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = syz_io_uring_setup(0x1eb2, &(0x7f0000000480)={0x0, 0x100000, 0x3800}, &(0x7f0000000080), &(0x7f0000000040))
io_uring_enter(r0, 0x1816, 0x0, 0xb, 0x0, 0x0)
r1 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0406618, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
open(0x0, 0x143c62, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x7, 0x8, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x8, 0x8}, 0x50)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2509094bf70e0dd038e7ff7fc6e5539b3241078b089b32373b6d1a0890e0878f0e1ac6e7049b074a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d346d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21cefdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a215cc46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)

4.279204905s ago: executing program 4 (id=1421):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000), 0x50)
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x2556, 0x1000, 0x2, 0x24d}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

4.1233984s ago: executing program 3 (id=1423):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000200)='./file1\x00', 0x300000a, &(0x7f0000000080), 0xff, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000540), 0x44800, 0x0)
sendfile(r1, r2, 0x0, 0xfffe82)
sendfile(r0, r0, 0x0, 0x800000009)

4.042016113s ago: executing program 4 (id=1424):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r2, @ANYRESDEC], 0x52)
mount$9p_fd(0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}})

3.794229572s ago: executing program 4 (id=1426):
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x3, 0x4)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100), 0x8, 0x5fb, &(0x7f00000004c0)="$eJzs3c1vFVUbAPBnpp+07/u2kDcqLqSJMZAoLS1giDER9oTgx85VpYUghRJao0USS4IbE+PGhYkrF+J/oSRuXbh14caVISHGsBBD5Jq5nSnT23tLv+69pff3S4aemeHOOVP68Jx7es7cADrWSPZHGrE/Iq4mEUOlc92RnxxZ+nv3/7xxLtuSqFTe/iOJG58ki+VrJfnXwfzF/wxF8nMasa9rdb1zC9cvTc7MTF/L98fmL18dm1u4fvji5ckL0xemr0y8OnHi+LHjJ8aPbOn++kvl07fe/3DoszPvfvv1w2T8u1/PJHEyHuVty+6r9rV9W6o5+56NRGXJg/Lx7Pt6YovX3in+Gip+Th5Lag+wY53Pfx7/FxHPxlB0lf41h+LTN9vaOKCpKkkUOQroOMmm4r9/+xsCtFjRDyje29d7H7xa2uReCdAK904tDQAsxX5PRBTx3700Nhj9kR0duJ+sGOdJImJrI3NLsjp++vHMrWyLBuNwQHMs3ixGuWvzf1KNzeF8BH3gfroi/tPSlh1/a5P1j9Tsi39oncWbEfFcnv97Y0PxP1KK//c2Wb/4BwAAAAAAgO1z51REvFJv/l+6PP+nt878n8GIOLkN9T/593/p3byQbEN1QMm9UxGv153/uzzHd7gr3/tvdT5AT3L+4sz0kXzN4KHo6cv2x2uuW54hfPjzfV81qr88/y/bsvqLuYD5le521yzEnZqcn9zqfQMR925GPF+d/3sgP7Jy/k+W/5M6+T+L76vrrGPfS7fPNjr35PgHmqXyTcTBuvn/cXc7Wfv5HGPV/sBY0StY7YWPv/i+Uf3iH9ony/8Da8d/X1J+Xs/cxq7fGxFHF7orjc5vtv/fm7zTVVw/89Hk/Py18Yje5PTq4xMbazPsVkU8FPGSxf+hF9ce/1vu/5ficE9ELK6zzmceDf7W6Jz8D+2Txf/U2vl/eGX+33hh4vbwD43qP7uu/H+smtMP5UeM/0HZ6udxrDdA29JcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjKpRHxn0jS0eVymo6ORgxGxP9jIJ2ZnZt/+fzsB1emsnPVz/9Pi0/6HVraT4rP/x8u7U/U7B+NiL0R8WXXnur+6LnZmal23zwAAAAAAAAAAAAAAAAAAADsEIPVNf+Vvtr1/5nfu9rdOqDpuvOv4h06T/emX1np29aGAC23+fgHnnbrj/+eprYDaL3G8f/gYaWqpc0BWkj/HzrXJuPfrwtgF5D/oVOtc0yvv9ntANpB/gcAAAAAgF1l74E7vyQRsfjanuqW6c3PmewPu1va7gYAbWMOL3Su7tl2twBoF+/xgWS59Hfdxf6NZ/8nzWkQAAAAAAAAAAAAALDKwf3W/0OnWnv9v7n9sJutsf6/XvB7XADsIo0/+kPuh93Oe3zgSdne+n8AAAAAAAAAAAAA2AH6r1+anJmZvja38PQV3tgZzdhYYXFyRzRjWwuPmnPlnojYGTfY6kLxCI42NqPN/y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL/g0AAP//QwInjA==")

2.93842213s ago: executing program 9 (id=1427):
openat$mice(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r0, 0x5607, 0x2c)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TIOCL_SETVESABLANK(r2, 0x560e, &(0x7f0000000140))
syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, 0x0)

2.65706043s ago: executing program 4 (id=1429):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r0, 0x0, 0x0)
write$nci(r0, &(0x7f0000000100)=ANY=[], 0x4)
write$nci(r0, &(0x7f0000000080)=@NCI_OP_CORE_INIT_RSP={0x0, 0x1, 0x2, 0x1, 0x8, {{0x0, 0x9, 0x1b, "02895de26267143b9ab1a7966cb0f2fcd15b4482e47446fa3468aa"}, {0x3, 0xc29f, 0xe, 0x9, 0xea, 0x4}}}, 0x2f)

2.477046746s ago: executing program 4 (id=1430):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000002000000bfa300000000000007030000007effff7a0af0ff3f00000079a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27126e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb6220fd8d4b470e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef0420f0000cac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e885340133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421a8223fe5308e4e65ee93e107000000f8ddeff70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b12000000000000000030711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dabec3d18fd0699ff3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623243643db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e69578e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea7e764dde8725d2b4a0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10b98c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5924948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476f9e0407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd96d2da66059de81abfa1acc9f889555eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b4fdc08000be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd9b31bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac4794680f3037f250e96f61cb20d46d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401413f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60530000000000000004b023e4954c9eb6cd70627f5c03edd4f5ce48b8a874c852064dd0efafc3df20ec8faf3d194db76127f88f1b4fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8b310900000c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1d8e80311895f0b99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44b57e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db6e3080000000000003e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f27b6c15b1ba971de1cb9c7e6a000000000000001478b2a78f9abfefce4448303ef54c71199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b462426ff9293a28a544a6a9e2279b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718b3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5f61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6485987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434cbd52325296e22802475edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a1471bab551bd6beae7dbf58530136c238e545b28211a92000000001501ae7d7cc75007e8ff56e6d8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db9966addf4877204047be633792118efdb6b88023e80da74fdf723c7f000000009f13c7e851dfc91ec01219af568825de0cedd55a92eafe9edd98a8529d64cbaa0b9f89f391b2db7369e934085e486b946a4558c68e195af1a6e6e878609f9ed7406dc9c93a5d5cc76e037d66abe4fe54f18b4c969814c7f2094ebe736ef0f0cd65b90942f2e8de44f6fd69a94ca27bb6d92e2282d4a0b0ee3abe30d877579aed9b54f460247890aed19ef12e45097631548d8639fb2b6eb9b41c7e89ee7223cdeae1b2d02cf664df99e4a661feecb63953a4d86f3060372861ac184824b7a4fd1c605128f1307f2bba91b9fbfe2884639073c1d51e42feeb5312b23b8e1e468aa31ea8e7597f5eb6ad1897a04afc8369ebec808165218b625a64a237ed01636880f70f0ed"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x4b}, 0x48)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000500)="7c003307000000000008000081001a", 0x0, 0x469, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.313357772s ago: executing program 7 (id=1431):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="696f636861727365743d617363696900f1652c696f1e716b917365743d757466382c6e6f7672732c74000020acdc6ccf12fc2289215e4cf0690f9e7a280306dca93a9e0c471dcca261ecbfef7d2c689c923248fa9b4088a7ae1c236c0610e0d94663276aaad729233c1b8662d91bda299ad42d27bce2aaf403b00e01f9b18db781ff3c0e179108254e55b32dbedc4116bf5bf3179d05c6725190d783d5d996242d8e14ddb0d65017e6819f0264081c08d474216c5976e81757a9521f170a4fda7988bef80456155b5c7874a0806025ff017cc12aa9f4022ffb459047d400b694f592011b0a434741ebe55eb13ee21c2b4d6012211be0be85440646438465f71ba617c3cdf70e2436ac56ee186c66dff01181bf5bbecb2b386676fa6691ca7ad5276878e264f82cbcb33e48949bb7a132bbbe11cb4a7f2f0eb6fe1744f39baab9cd2eefc26500d0fc199810cd3dfdde4a37ef0bdc0d0f72baa7093d5e8e02f9f68e6d0d6ec9f15247880affc233ffcd9fb5168e62a3eeae33a1058afc2fff1216bcb998bc736307324ab146be1c2e5df28280b4e33e69c89f28e0ed16a470d41354698bf8bcfb0facce28c75ef863bf59210be9d4b1d2c2b623ec67e408fc872f5bef51c9d8d41f45b0cd1ff0787c29a4e0eb2ca772757e5f40a8c1988b514214217b5aa93f3f92d0db4a8b05364e5c5fe1692519d7e25ea9f3e40724b5de8e1649946162d3e77c09530e4277d5a392f5e2ac0493dc8fc120618c1166b24d865240c27551a349cc001ae3a56e522b1b3e4a2045075dff6f9514b24a000000000000000000", @ANYRESOCT, @ANYBLOB="0700000000000000bfd2696e6963622c7569643da02afa50cfaf7ef0b1136bb846c3dca93e00005965802071679add0000000000000000d1c3122f42ea96037a96b9522cba05114b1d06b523f39b61b9cf307b30998e0bf0d34de32a48605911737fe408577290a186e912c59fd4492df747f495da7617c456798a622dae5e5631a46fe76111dc37855e0295a34c646f4c3e54f149b16b056083c35865aa5d932539f0b4c9d952c2306bd4d41812d8d8f95b8eefb320bdfe0b82196d0208cd4a08f03410cf89160f62f28c8b77a10455ab7f06978896198c9c078dc983a02f769dc808dbe3c9443d0eb3ef9330d01d5d26e6672da4fcf4493833090c0dd12f35385f05c649716b76aada5a024358fe914c7fc1220b0bfb1a7ee91dab5cadd65fac8166ff005a56364fa5f4dcc9de1e0d78c5a30c57ba77ab113069b628ff5855abb3d1859bfcf71df7b1f734216f68479dee950c61b5177edafdb456f31e7365a6e26635d25fc2b7f38bf798d0ba69b1c871ea1a2c1c59a9ff24095410e61080ebd36bed60cb9438b9602aa1d46de30be0924278c8ca4acb4351f5221dfe3c2daceb15ebed45f3b477a42a53dbd58d1c2a4236a3f3a0ca0553a66645e00322bdbb29746c2bcd58f9e6fce46d46559d3865971a2cdec16fee7632907ac72cef45f95b74dcea95dfda5c83eb34385bc0b707639752eb7b0ede35acb809a2883236681ed543ab7fbff198511bcbf4df8ae460a958e4204f0500bf23676dfb0d8b7075219e8b79ede316e583cf69475f0d583ca73f62d019d49166605880d233eb3940327e265ecaf15fe74ab31a5f8f253de901881791e7589a9252b9", @ANYRESDEC, @ANYRESHEX], 0x9, 0xc56, &(0x7f0000001bc0)="$eJzs3U9sHNd9B/DfGy3FldzWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spC3TSw89BC2KHnIpgdYokKKB0RRBj0zrAsnFhyKnntgWNoKiB7YIEKBAwGJm34pLirRlkZQo+fOxqe/szHsz782sZ2RBb14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG/9fKFk6fSNhsOPYDGAAD3xaWxL588vd3zHwB4ZF3e6f//AQAAAAAAAAAAAACAgyJFEU9EirlLa2mi+txRv9juu3lrfHhk+2pHUlXzUFW+/KmfOn3m7BeeHzrXzYvtmfepv9c+Fa+OXb7QeGn2xtz81MLC1GRjfKZ9dXZy6q73sNv6Ww1WJ6Bx47Wbk9euLTROP3dm0+ZbA+/1P3Zs4PzQMyee7pYdHx4ZGdsoUu8tX7vnhnTsNMLjcBRxIlI8+50fp1ZEFLH7c1G/v9d+qyNVJwarTowPj1QdmW63ZhbLjaPdE1FENHoqNbvnaPtrEbW++9qHnTUjlsrmlw0eLLs3Nteab12ZnmqMtuYX24vt2ZnR1Glt2Z9GFHEuRSxHxGr/nbvriyJqkeJbj6+lK/mtH9V5+Hw1MHjndhT72Me7ULaz0RexXDwE1+wA648iXokUP3n7eFzN95nqXvO5iFfK/F7Em2W+GJHKL8bZiHe3+R7xcKpFEX9SXv/za2myuh907ysXv9L40sy12Z6y3fvKh3w+3HGneEDPhyNb8v444PemehTRqu74a+nef7MDAAAAAAAAAAAAAAAAwF47EkV8MlK8/K+/V40rjmpc+uPnh3574Od7x4w/9QH7Kcs+FxFLxd2NyT2cBwaOptGUdhxL/Kf/vunjARkz9yipRxG/n8f/feNBNwYAAAAAAAAAAAAAAAAAAOAjrYgfRYoX3jmelqN3TvH2zPXG5daV6c6ssN25f7tzpq+vr683UiebOSdyLuVczrmSczVnFLl+zmbOiZxLOZdzruRczRmHcv2czZwTOZdyLudcybmaM2q5fs5mzomcSzmXc67kXM3pPQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHuviCJ+Fim++bW1FCkimhET0cmV/gfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+G6kaPxO8/a6WkSk6t+O4+UvZ6N5uMyPR3OozBejeSFnq8pa8xsPoP3sTl8q4oeRor/+1u0Lnq9/X+fT7a9BvPn1jU+fqnXyUHfjwHv9jx17/PzQyGee2mk5bdeAwYvtmZu3GuPDIyNjPatr+egf71k3kI9b7E3XiYiF1994rTU9PTV/7wvlV2AX1R+ihVT7qPTUQrUQtQPRjAfT903qD+oGxb4qn//vRopff+ffug/8zvO/Hj/X+XT7CR8//YOItNJZfmHrju7y+V/bWi8//8tn+nbP/yd61r2QfzfSV4uoL96Y6zsWUV94/Y0T7Rut61PXp2bOnjz5xaGhL5452Xc4on6tPT3Vs7Q35wsAAAAAAAAAAAAAAADgvklF/GakaP1wLTUi4lY1Xmvg/NAzJ54+FIeq8Vabxm2/Onb5QuOl2Rtz81MLC1OTjfGZ9tXZyam7PVy9Gu41PjyyL535QEf2uf1H6i/Nzr0+377+u4vbbj9av3BlYXG+dXX7zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/vL5UxH9EiqtnG+mzeV0e/791hP+m8f9LW3e0h+P/P3N0Y/zfx3qKlsdMqYifRopf+7On4rNVO4/GHecsl/vrSDF47tO5XBwuy3Xb0HmvQGdkYFn2fyLF3/9sc9nueMgnNsqe+lAn9yFQXv/HI8V3//jb8ct53eb3P2x//Y9u3dE+vf/hyZ51Rze9r2DXXSdf/xOR4sUn3opfqdb83/u+/6P77o3jncIb7+fYp+v/iz3rBvJxf3WvOg8AAAAAAAAAAPAQ60tF/E2k+P5ILT2f193N3/+b3Lqjffr7X5/oWTe5N/MVfeDCrk8qAAAAABwQfamIH0WK64tv3R5DvXn8d8/4z9/YGP85nLZsrf6c7xeq9wbs5Z//9RrIx53YfbcBAAAAAAAAAAAAAAAAAADgQEmpiOfzfOoT3bd97jCf+kqkePm/nq3KpUjHynLdeeAHql/rl2ZnTlyYnp6tx2LryvRUY2yudXWqrPtkpFj7q0/nukU1v3p3vvnOHO8bc7HPR4qRv+2W7czF3p2b/MmNsqfKsh+LFP/5d5vL5qmp89zRVdnTZdm/iBRf/cftyx7bKHumLPvtSPGDrza6ZY+WZbvvR/3ERtnnrq6vr//h3l8WAAAAAAAAAAAAAAAAAAAAPmL6UhF/FCn++8ZyHsu/3t/dlLPWLfvm13vm+9/iVjXP/0A1//+tv4yI7nLP+nuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHU4oi3ogUc5fW0kp/+bmjfrE9c/PW+PDI9tWOpKrmoap8+VM/dfrM2S88P3Sum+9ff699Ml4du3yh8dLsjbn5qYWFqcnG+Ez76uzk1F3vYbf1txqsTkDjxms3J69dW2icfu7Mps23Bt7rf+zYwPmhZ0483S07PjwyMtZTptZ3z0e/Q9ph/eEo4s8jxbPf+XH6fn9EEbs/Fx/w3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RfbgWu9KMWCqbXzZ4sOze2FxrvnVleqox2ppfbC+2Z2dGU6e1ZX8aUcS5FLEcEav9d+6uL4p4LVJ86/G19E/9EYe65+Hzl8a+fPL0zu0o9rGPd6FsZ6MvYrl4CK7ZAdYfRfxDpPjJ28fjn/sjatH5ic9FvFLm9yLejM71TuUX42zEu9t8j3g41aKI/y2v//m19HZ/eT/o3lcufqXxpZlrsz1lu/eVh/75cD8d8HtTPYr4QXXHX0v/4r9rAAAAAAAAAAAAAAAAgAOkiF+KFC+8czxV44Nvjyluz1xvXG5dme4M6+uO/euOmV5fX19vpE42c07kXMq5nHMl52rOKHL9nM0y6+vrE/nzUs7lnCs5V3PGoVw/ZzPnRM6lnMs5V3Ku5oxarp+zmXMi51LO5ZwrOVdzxgEZuwcAAAAAAAAAAAAAAAAAADxaiuqfFN/82lpa7+/MLz0RnVwxH+gj7/8DAAD//6hz/pQ=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))

2.223208625s ago: executing program 3 (id=1432):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c75737271756f74612c626172726965723d30303030303030303030303030303030303030372c6865617274626561743d6e6f6e652c696e6f646536342c00467f3194ec170fff8b2094241db250d7cb6c792ef8d9bf28101e7b64a829a7ce01a0dda61742cc9e22fb44ebe555bc4ca9be9f"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0xee00, &(0x7f0000000f00)={0x7, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x200000000009})

2.167343646s ago: executing program 7 (id=1433):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = dup3(0xffffffffffffffff, r2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000040)=0x1800, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000003540)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000000300)={0x70, r8, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FRAME={0x46, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x6}, @device_a, @device_a, @initial, {0x2}}, 0x600, 0x8ae, {0x0, 0x6, @default_ibss_ssid}, @val, @val={0x2d, 0x1a, {0x2000, 0x3, 0x5, 0x0, {0x5, 0x4, 0x0, 0x9, 0x0, 0x0, 0x1, 0x3}, 0x1, 0x3, 0x9}}}}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}]]}, 0x70}, 0x1, 0x0, 0x0, 0x20040080}, 0x4)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r4, 0x0, 0x0)

1.972930823s ago: executing program 9 (id=1434):
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x2556, 0x1000, 0x2, 0x24d}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

1.967268783s ago: executing program 0 (id=1435):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x20000, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1.935220574s ago: executing program 7 (id=1436):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpeername(r0, &(0x7f00000000c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000180)=0x80)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = epoll_create1(0x80000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, r6, 0x50dc85624ea6cf59, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

1.742591871s ago: executing program 9 (id=1437):
socket(0x11, 0x3, 0x4)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x82002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(0x0, 0x7)
read$FUSE(0xffffffffffffffff, &(0x7f0000002a00)={0x2020}, 0x2020)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000000c0))
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40043d14, &(0x7f0000000080)={{0xffffffffffffffff, 0x4}, {0x6, 0x571}})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000004)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x20}}, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x40002888, 0x80, 0xfffffffe, 0x4a}, 0x0, 0x0)

1.711052742s ago: executing program 0 (id=1438):
futex(&(0x7f0000000300), 0x4, 0x1, 0x0, &(0x7f0000000380)=0x2, 0x2)

1.639404374s ago: executing program 0 (id=1439):
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x3, 0x4)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100), 0x8, 0x5fb, &(0x7f00000004c0)="$eJzs3c1vFVUbAPBnpp+07/u2kDcqLqSJMZAoLS1giDER9oTgx85VpYUghRJao0USS4IbE+PGhYkrF+J/oSRuXbh14caVISHGsBBD5Jq5nSnT23tLv+69pff3S4aemeHOOVP68Jx7es7cADrWSPZHGrE/Iq4mEUOlc92RnxxZ+nv3/7xxLtuSqFTe/iOJG58ki+VrJfnXwfzF/wxF8nMasa9rdb1zC9cvTc7MTF/L98fmL18dm1u4fvji5ckL0xemr0y8OnHi+LHjJ8aPbOn++kvl07fe/3DoszPvfvv1w2T8u1/PJHEyHuVty+6r9rV9W6o5+56NRGXJg/Lx7Pt6YovX3in+Gip+Th5Lag+wY53Pfx7/FxHPxlB0lf41h+LTN9vaOKCpKkkUOQroOMmm4r9/+xsCtFjRDyje29d7H7xa2uReCdAK904tDQAsxX5PRBTx3700Nhj9kR0duJ+sGOdJImJrI3NLsjp++vHMrWyLBuNwQHMs3ixGuWvzf1KNzeF8BH3gfroi/tPSlh1/a5P1j9Tsi39oncWbEfFcnv97Y0PxP1KK//c2Wb/4BwAAAAAAgO1z51REvFJv/l+6PP+nt878n8GIOLkN9T/593/p3byQbEN1QMm9UxGv153/uzzHd7gr3/tvdT5AT3L+4sz0kXzN4KHo6cv2x2uuW54hfPjzfV81qr88/y/bsvqLuYD5le521yzEnZqcn9zqfQMR925GPF+d/3sgP7Jy/k+W/5M6+T+L76vrrGPfS7fPNjr35PgHmqXyTcTBuvn/cXc7Wfv5HGPV/sBY0StY7YWPv/i+Uf3iH9ony/8Da8d/X1J+Xs/cxq7fGxFHF7orjc5vtv/fm7zTVVw/89Hk/Py18Yje5PTq4xMbazPsVkU8FPGSxf+hF9ce/1vu/5ficE9ELK6zzmceDf7W6Jz8D+2Txf/U2vl/eGX+33hh4vbwD43qP7uu/H+smtMP5UeM/0HZ6udxrDdA29JcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjKpRHxn0jS0eVymo6ORgxGxP9jIJ2ZnZt/+fzsB1emsnPVz/9Pi0/6HVraT4rP/x8u7U/U7B+NiL0R8WXXnur+6LnZmal23zwAAAAAAAAAAAAAAAAAAADsEIPVNf+Vvtr1/5nfu9rdOqDpuvOv4h06T/emX1np29aGAC23+fgHnnbrj/+eprYDaL3G8f/gYaWqpc0BWkj/HzrXJuPfrwtgF5D/oVOtc0yvv9ntANpB/gcAAAAAgF1l74E7vyQRsfjanuqW6c3PmewPu1va7gYAbWMOL3Su7tl2twBoF+/xgWS59Hfdxf6NZ/8nzWkQAAAAAAAAAAAAALDKwf3W/0OnWnv9v7n9sJutsf6/XvB7XADsIo0/+kPuh93Oe3zgSdne+n8AAAAAAAAAAAAA2AH6r1+anJmZvja38PQV3tgZzdhYYXFyRzRjWwuPmnPlnojYGTfY6kLxCI42NqPN/y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL/g0AAP//QwInjA==")

766.844164ms ago: executing program 0 (id=1440):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r0, 0x0, 0x0)
write$nci(r0, &(0x7f0000000100)=ANY=[], 0x4)
write$nci(r0, &(0x7f0000000080)=@NCI_OP_CORE_INIT_RSP={0x0, 0x1, 0x2, 0x1, 0x8, {{0x0, 0x9, 0x1b, "02895de26267143b9ab1a7966cb0f2fcd15b4482e47446fa3468aa"}, {0x3, 0xc29f, 0xe, 0x9, 0xea, 0x4}}}, 0x2f)

731.053655ms ago: executing program 7 (id=1441):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000500)="7c003307000000000008000081001a", 0x0, 0x469, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

551.474811ms ago: executing program 0 (id=1442):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="000005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

0s ago: executing program 0 (id=1443):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

kernel console output (not intermixed with test programs):

p2: p1 start 1601398130 is beyond EOD, truncated
[  426.407490][ T6690] loop2: p2 start 1702059890 is beyond EOD, truncated
[  426.732653][ T4348] EXT4-fs (loop4): unmounting filesystem.
[  427.032656][ T6700] loop5: detected capacity change from 0 to 1024
[  427.051301][ T6700] EXT4-fs: Ignoring removed nobh option
[  427.053046][ T6700] EXT4-fs: Ignoring removed bh option
[  427.056988][ T6700] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  427.095124][ T6698] loop4: detected capacity change from 0 to 2048
[  427.121856][ T6700] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  427.130734][ T6698] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  427.181106][ T6698] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  427.293033][ T4357] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  427.300488][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  427.370668][ T6707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  427.379807][ T6707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  427.644208][ T6712] loop0: detected capacity change from 0 to 1024
[  427.652684][ T6712] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  428.456132][ T6716] loop4: detected capacity change from 0 to 512
[  428.458784][ T6716] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  428.685165][ T6722] loop5: detected capacity change from 0 to 4096
[  428.687688][ T6722] EXT4-fs: inline encryption not supported
[  428.690022][ T6722] EXT4-fs (loop5): Test dummy encryption mode enabled
[  428.859122][ T6722] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  428.874720][ T6722] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  428.902112][ T6727] loop4: detected capacity change from 0 to 1024
[  429.530803][ T6727] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  429.540514][ T4890] EXT4-fs error (device loop5): ext4_readdir:263: inode #12: block 80: comm syz-executor: path /107/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  429.568999][ T4890] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 4c8, entries 1, max 4(0), depth 0(0)
[  429.589253][ T6727] EXT4-fs error (device loop4): __ext4_iget:5077: inode #8: block 1803188595: comm syz.4.664: invalid block
[  429.602732][ T4890] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 4c8, entries 1, max 4(0), depth 0(0)
[  429.616974][ T6727] EXT4-fs (loop4): no journal found
[  429.671919][ T5891] EXT4-fs (loop5): unmounting filesystem.
[  430.073641][   T22] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  430.273855][ T6734] loop4: detected capacity change from 0 to 1024
[  430.283821][   T22] usb 1-1: Using ep0 maxpacket: 32
[  430.287198][   T22] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  430.289987][   T22] usb 1-1: config 0 has no interface number 0
[  430.302887][   T22] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  430.304167][ T6734] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  430.305553][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.310092][   T22] usb 1-1: Product: syz
[  430.311356][   T22] usb 1-1: Manufacturer: syz
[  430.312787][   T22] usb 1-1: SerialNumber: syz
[  430.321329][   T22] usb 1-1: config 0 descriptor??
[  430.325028][   T22] smsc95xx v2.0.0
[  430.326038][   T22] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  430.328865][   T22] smsc95xx: probe of 1-1:0.67 failed with error -22
[  430.356946][ T4348] EXT4-fs (loop4): unmounting filesystem.
[  430.539740][ T6732] loop2: detected capacity change from 0 to 7
[  430.541936][ T6732] Dev loop2: unable to read RDB block 7
[  430.546023][ T6732]  loop2: AHDI p1 p2 p3
[  430.547299][ T6732] loop2: partition table partially beyond EOD, truncated
[  430.549933][ T6732] loop2: p1 start 1601398130 is beyond EOD, truncated
[  430.551946][ T6732] loop2: p2 start 1702059890 is beyond EOD, truncated
[  430.560097][ T4516] usb 1-1: USB disconnect, device number 27
[  431.157191][ T6741] loop0: detected capacity change from 0 to 512
[  431.179349][ T6741] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  431.655958][ T6747] loop4: detected capacity change from 0 to 512
[  431.994300][ T6747] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  432.118352][ T6747] EXT4-fs error (device loop4): ext4_add_entry:2486: inode #12: comm syz.4.674: Directory hole found for htree leaf block 0
[  432.124253][ T6747] EXT4-fs (loop4): Remounting filesystem read-only
[  432.348748][ T4348] EXT4-fs (loop4): unmounting filesystem.
[  432.401147][ T6753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  432.407054][ T6753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  433.126883][ T2058] ieee802154 phy0 wpan0: encryption failed: -22
[  433.128960][ T2058] ieee802154 phy1 wpan1: encryption failed: -22
[  433.688511][ T6760] loop0: detected capacity change from 0 to 128
[  433.694217][ T6760] EXT4-fs: Ignoring removed nobh option
[  433.701850][ T6760] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  433.991013][ T4355] EXT4-fs (loop0): unmounting filesystem.
[  434.628619][ T6768] loop4: detected capacity change from 0 to 512
[  434.675302][ T6768] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  434.840014][ T6775] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.680: iget: bad i_size value: 2533274857506816
[  434.854946][ T6775] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.680: iget: bad i_size value: 2533274857506816
[  434.859607][ T6775] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.680: iget: bad i_size value: 2533274857506816
[  435.684112][ T4352] Bluetooth: hci2: command 0x0406 tx timeout
[  435.696784][ T4352] Bluetooth: hci4: command 0x0406 tx timeout
[  437.881283][ T4352] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  437.888786][ T4352] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  437.891910][ T4352] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  437.898338][ T4352] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  437.901426][ T4352] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  437.904844][ T4352] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  439.923191][ T4357] Bluetooth: hci3: command 0x0409 tx timeout
[  440.390751][ T4348] EXT4-fs (loop4): unmounting filesystem.
[  440.477215][ T6787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.480086][ T6787] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.489400][ T6787] loop2: detected capacity change from 0 to 7
[  440.500284][ T6788] Dev loop2: unable to read RDB block 7
[  440.501958][ T6788]  loop2: AHDI p1 p2 p3
[  440.506131][ T6788] loop2: partition table partially beyond EOD, truncated
[  440.508760][ T6788] loop2: p1 start 1601398130 is beyond EOD, truncated
[  440.510567][ T6788] loop2: p2 start 1702059890 is beyond EOD, truncated
[  440.631732][ T6787] Dev loop2: unable to read RDB block 7
[  440.634393][ T6787]  loop2: AHDI p1 p2 p3
[  440.635565][ T6787] loop2: partition table partially beyond EOD, truncated
[  440.637678][ T6787] loop2: p1 start 1601398130 is beyond EOD, truncated
[  440.646224][ T6787] loop2: p2 start 1702059890 is beyond EOD, truncated
[  441.455308][ T6366] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.655577][ T4365] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  441.666686][ T4365] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  441.672361][ T4365] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  441.675003][ T4365] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  441.678093][ T4365] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  441.680158][ T4365] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  441.802492][   T22] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  441.929737][ T6366] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.039754][   T22] usb 1-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  442.082341][ T4365] Bluetooth: hci3: command 0x041b tx timeout
[  442.095573][   T22] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 204
[  442.207160][   T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.306397][   T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.412764][   T22] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  442.418086][   T22] usb 1-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  442.442112][   T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.448550][   T22] usb 1-1: config 0 descriptor??
[  442.735222][ T6828] loop6: detected capacity change from 0 to 512
[  442.750339][ T6828] EXT4-fs: Ignoring removed orlov option
[  442.755645][ T6828] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  442.774659][ T6366] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.790016][ T6828] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  442.821130][ T6777] chnl_net:caif_netlink_parms(): no params data found
[  442.824215][ T6828] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.691: corrupted in-inode xattr
[  442.828768][ T6828] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.691: couldn't read orphan inode 15 (err -117)
[  442.997050][ T6835] loop4: detected capacity change from 0 to 2048
[  443.071520][ T6828] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  443.104761][ T6835] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  443.564088][   T22] usbhid 1-1:0.0: can't add hid device: -71
[  443.565923][   T22] usbhid: probe of 1-1:0.0 failed with error -71
[  443.580669][   T22] usb 1-1: USB disconnect, device number 28
[  443.634040][ T6366] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.717456][ T5613] EXT4-fs (loop6): unmounting filesystem.
[  443.772000][ T4357] Bluetooth: hci4: command 0x0409 tx timeout
[  443.815586][ T6842] loop4: detected capacity change from 0 to 128
[  443.944133][ T6777] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.962206][ T6777] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.964992][ T6777] device bridge_slave_0 entered promiscuous mode
[  444.021014][ T6866] loop4: detected capacity change from 0 to 512
[  444.023154][ T6777] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.025563][ T6777] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.028207][ T6777] device bridge_slave_1 entered promiscuous mode
[  444.038055][ T6866] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  444.161898][ T4357] Bluetooth: hci3: command 0x040f tx timeout
[  444.189169][ T6366] tipc: Disabling bearer <udp:syz2>
[  444.190762][ T6366] tipc: Left network mode
[  444.193782][ T6777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  444.243963][ T6777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  444.246886][ T6810] chnl_net:caif_netlink_parms(): no params data found
[  444.396959][ T6777] team0: Port device team_slave_0 added
[  444.413985][ T6777] team0: Port device team_slave_1 added
[  444.477913][ T4365] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  444.595757][ T6777] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.597800][ T6777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.613564][ T6884] loop4: detected capacity change from 0 to 1024
[  444.636618][ T6884] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  444.640639][ T6884] EXT4-fs error (device loop4): __ext4_iget:5077: inode #8: block 1803188595: comm syz.4.696: invalid block
[  444.644679][ T6884] EXT4-fs (loop4): no journal found
[  444.657643][ T6777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.708612][ T6777] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.726662][ T6777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.768639][ T6777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  444.938074][ T6810] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.940348][ T6810] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.952430][   T22] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  444.952634][ T6810] device bridge_slave_0 entered promiscuous mode
[  445.064796][ T6890] loop6: detected capacity change from 0 to 4096
[  445.067149][ T6890] EXT4-fs: inline encryption not supported
[  445.111597][ T6890] EXT4-fs (loop6): Test dummy encryption mode enabled
[  445.151912][   T22] usb 1-1: Using ep0 maxpacket: 32
[  445.162394][   T22] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  445.164644][   T22] usb 1-1: config 0 has no interface number 0
[  445.180252][   T22] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  445.185523][ T6810] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.187456][ T6810] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.196430][ T6810] device bridge_slave_1 entered promiscuous mode
[  445.201209][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.205518][ T6890] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  445.208541][   T22] usb 1-1: Product: syz
[  445.209722][   T22] usb 1-1: Manufacturer: syz
[  445.211238][   T22] usb 1-1: SerialNumber: syz
[  445.224523][ T6890] EXT4-fs (loop6): re-mounted. Quota mode: writeback.
[  445.225896][   T22] usb 1-1: config 0 descriptor??
[  445.244582][   T22] smsc95xx v2.0.0
[  445.249707][   T22] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  445.871832][ T4365] Bluetooth: hci4: command 0x041b tx timeout
[  445.958651][   T22] smsc95xx: probe of 1-1:0.67 failed with error -22
[  446.015704][ T6872] loop2: detected capacity change from 0 to 7
[  446.021922][ T6872] Dev loop2: unable to read RDB block 7
[  446.023558][ T6872]  loop2: AHDI p1 p2 p3
[  446.033572][ T5613] EXT4-fs error (device loop6): ext4_readdir:263: inode #12: block 80: comm syz-executor: path /38/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  446.051770][ T6872] loop2: partition table partially beyond EOD, truncated
[  446.053913][ T6872] loop2: p1 start 1601398130 is beyond EOD, truncated
[  446.055814][ T6872] loop2: p2 start 1702059890 is beyond EOD, truncated
[  446.062405][ T5613] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 4c8, entries 1, max 4(0), depth 0(0)
[  446.073612][ T6777] device hsr_slave_0 entered promiscuous mode
[  446.076445][ T5613] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 4c8, entries 1, max 4(0), depth 0(0)
[  446.084399][ T4399] usb 1-1: USB disconnect, device number 29
[  446.103251][ T6777] device hsr_slave_1 entered promiscuous mode
[  446.219008][ T6810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.238289][ T6810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.241630][ T4357] Bluetooth: hci3: command 0x0419 tx timeout
[  446.356420][ T6810] team0: Port device team_slave_0 added
[  446.496550][ T6810] team0: Port device team_slave_1 added
[  446.532718][ T6810] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.534717][ T6810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.542229][ T6810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.546534][ T6810] batman_adv: batadv0: Adding interface: batadv_slave_1
[  446.548513][ T6810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.556397][ T6810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  446.587035][ T5613] EXT4-fs (loop6): unmounting filesystem.
[  446.807044][ T6810] device hsr_slave_0 entered promiscuous mode
[  446.862474][ T6810] device hsr_slave_1 entered promiscuous mode
[  446.901694][ T6810] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  446.909321][ T6810] Cannot create hsr debugfs directory
[  446.986335][ T4357] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  446.991661][ T4357] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  446.994561][ T4357] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  446.997630][ T4357] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  447.000057][ T4357] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  447.089613][ T6777] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  447.161921][ T4357] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  447.166660][ T6938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  447.169247][ T6938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.921463][ T4365] Bluetooth: hci4: command 0x040f tx timeout
[  448.897261][ T6777] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  448.953660][ T6777] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  449.141638][ T6777] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  449.196123][ T6961] loop4: detected capacity change from 0 to 8
[  449.461632][ T4516] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  449.769524][ T4365] Bluetooth: hci0: command 0x0409 tx timeout
[  449.963408][ T6969] loop4: detected capacity change from 0 to 512
[  449.985318][ T6969] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  450.001355][ T4357] Bluetooth: hci4: command 0x0419 tx timeout
[  450.016414][ T6969] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #2: comm syz.4.716: corrupted inode contents
[  450.021244][ T4516] usb 1-1: Using ep0 maxpacket: 32
[  450.027924][ T6969] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #2: comm syz.4.716: mark_inode_dirty error
[  450.031457][ T4516] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  450.032499][ T6969] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #2: comm syz.4.716: corrupted inode contents
[  450.033672][ T4516] usb 1-1: config 0 has no interface number 0
[  450.037195][ T6969] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.716: mark_inode_dirty error
[  450.042576][ T4516] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  450.044988][ T4516] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.047195][ T4516] usb 1-1: Product: syz
[  450.048407][ T4516] usb 1-1: Manufacturer: syz
[  450.050106][ T4516] usb 1-1: SerialNumber: syz
[  450.062112][ T4516] usb 1-1: config 0 descriptor??
[  450.065164][ T4516] smsc95xx v2.0.0
[  450.066291][ T4516] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  450.069082][ T4516] smsc95xx: probe of 1-1:0.67 failed with error -22
[  450.097108][ T4348] EXT4-fs (loop4): unmounting filesystem.
[  450.169701][ T6976] netlink: 8 bytes leftover after parsing attributes in process `syz.4.717'.
[  450.180720][ T6976] netlink: 20 bytes leftover after parsing attributes in process `syz.4.717'.
[  450.242542][ T6366] device hsr_slave_0 left promiscuous mode
[  450.271672][ T6366] device hsr_slave_1 left promiscuous mode
[  450.277558][ T6957] loop2: detected capacity change from 0 to 7
[  450.280393][ T6957] Dev loop2: unable to read RDB block 7
[  450.289919][ T6957]  loop2: AHDI p1 p2 p3
[  450.291786][ T6957] loop2: partition table partially beyond EOD, truncated
[  450.295161][ T6957] loop2: p1 start 1601398130 is beyond EOD, truncated
[  450.297164][ T6957] loop2: p2 start 1702059890 is beyond EOD, truncated
[  450.308630][ T4414] usb 1-1: USB disconnect, device number 30
[  450.431480][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  450.433537][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  450.437307][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  450.439519][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  450.443783][ T6366] device bridge_slave_1 left promiscuous mode
[  450.445541][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state
[  450.477375][ T6366] device bridge_slave_0 left promiscuous mode
[  450.479768][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.391478][ T6366] device veth1_macvtap left promiscuous mode
[  451.393195][ T6366] device veth0_macvtap left promiscuous mode
[  451.394926][ T6366] device veth1_vlan left promiscuous mode
[  451.396617][ T6366] device veth0_vlan left promiscuous mode
[  451.841311][ T4365] Bluetooth: hci0: command 0x041b tx timeout
[  452.232881][ T7004] loop4: detected capacity change from 0 to 256
[  452.278300][ T7004] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  452.286414][ T7004] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  452.304351][ T7004] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  452.524888][ T7010] loop0: detected capacity change from 0 to 8
[  453.225034][ T4398] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  453.239767][ T4398] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  454.261923][ T4365] Bluetooth: hci0: command 0x040f tx timeout
[  455.240820][ T1962] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  455.431798][ T1962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  455.434920][ T1962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  455.437436][ T1962] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  455.439996][ T1962] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.451285][ T1962] usb 1-1: config 0 descriptor??
[  455.946097][ T1962] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0
[  455.955756][ T1962] cp2112 0003:10C4:EA90.0004: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  456.643053][ T4365] Bluetooth: hci0: command 0x0419 tx timeout
[  456.674356][ T1962] cp2112 0003:10C4:EA90.0004: Part Number: 0x17 Device Version: 0x76
[  456.898350][ T1962] cp2112 0003:10C4:EA90.0004: error requesting SMBus config
[  456.907428][ T1962] cp2112: probe of 0003:10C4:EA90.0004 failed with error -71
[  456.913451][ T1962] usb 1-1: USB disconnect, device number 31
[  456.956898][ T6366] team0 (unregistering): Port device team_slave_1 removed
[  457.617417][ T7041] fido_id[7041]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  457.732562][ T6366] team0 (unregistering): Port device team_slave_0 removed
[  457.941086][ T6366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  458.261216][ T6366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  461.313310][ T6366] bond0 (unregistering): Released all slaves
[  461.555798][ T7048] netlink: 4 bytes leftover after parsing attributes in process `syz.0.735'.
[  461.743907][ T6777] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.752865][ T6777] 8021q: adding VLAN 0 to HW filter on device team0
[  461.774613][ T6777] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  461.777583][ T6777] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  461.823481][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  461.826433][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  461.828873][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  461.832414][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  461.834947][ T4546] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.836855][ T4546] bridge0: port 1(bridge_slave_0) entered forwarding state
[  461.850254][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  461.886436][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  461.891504][ T4546] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.894047][ T4546] bridge0: port 2(bridge_slave_1) entered forwarding state
[  461.922038][ T7079] loop0: detected capacity change from 0 to 8
[  461.954414][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  462.202996][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  462.341988][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  462.498965][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  462.513133][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  462.526226][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  462.539602][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  462.554437][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  462.557316][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  462.561797][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  462.565017][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  462.567583][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  462.570259][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  462.589370][ T6928] chnl_net:caif_netlink_parms(): no params data found
[  462.625650][ T6810] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  462.686804][ T6810] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  462.721308][ T6810] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  462.789256][ T6777] 8021q: adding VLAN 0 to HW filter on device batadv0
[  462.800556][ T6810] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  462.842545][ T4476] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  462.844817][ T4476] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  463.013915][ T6928] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.015995][ T6928] bridge0: port 1(bridge_slave_0) entered disabled state
[  463.039338][ T6928] device bridge_slave_0 entered promiscuous mode
[  463.108701][ T7116] device batadv0 entered promiscuous mode
[  463.120727][ T7116] device batadv0 left promiscuous mode
[  463.211680][ T6928] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.213834][ T6928] bridge0: port 2(bridge_slave_1) entered disabled state
[  463.217226][ T6928] device bridge_slave_1 entered promiscuous mode
[  463.263112][ T6928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  463.289941][ T6928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  463.368227][ T6928] team0: Port device team_slave_0 added
[  463.417506][ T6928] team0: Port device team_slave_1 added
[  463.423399][ T7131] loop0: detected capacity change from 0 to 2048
[  463.487119][ T7131] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  463.553068][ T6928] batman_adv: batadv0: Adding interface: batadv_slave_0
[  463.555157][ T6928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  463.581052][ T6928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  463.595702][ T6810] 8021q: adding VLAN 0 to HW filter on device bond0
[  463.599800][ T7131] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  463.608053][ T7131] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 366 with error 28
[  463.613377][ T7131] EXT4-fs (loop0): This should not happen!! Data will be lost
[  463.613377][ T7131] 
[  463.615961][ T7131] EXT4-fs (loop0): Total free blocks count 0
[  463.617605][ T7131] EXT4-fs (loop0): Free/Dirty block details
[  463.619261][ T7131] EXT4-fs (loop0): free_blocks=2415919104
[  463.622114][ T7131] EXT4-fs (loop0): dirty_blocks=368
[  463.623623][ T7131] EXT4-fs (loop0): Block reservation details
[  463.625229][ T7131] EXT4-fs (loop0): i_reserved_data_blocks=23
[  463.627227][ T6928] batman_adv: batadv0: Adding interface: batadv_slave_1
[  463.629149][ T6928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  463.643646][ T6928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  463.705169][ T6751] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 366 with error 28
[  464.189720][ T4627] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  464.196653][ T6366] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.210316][ T6810] 8021q: adding VLAN 0 to HW filter on device team0
[  464.212580][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  464.215800][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  464.218676][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  464.221633][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  464.312544][ T6366] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.363011][ T6928] device hsr_slave_0 entered promiscuous mode
[  464.381016][ T4627] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  464.384420][ T4627] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  464.387343][ T4627] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  464.391223][ T4627] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  464.393733][ T4627] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.402529][ T4627] usb 1-1: config 0 descriptor??
[  464.416610][ T6928] device hsr_slave_1 entered promiscuous mode
[  464.449916][ T6928] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  464.452094][ T6928] Cannot create hsr debugfs directory
[  464.462272][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  464.465205][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  464.468732][ T6751] bridge0: port 1(bridge_slave_0) entered blocking state
[  464.470836][ T6751] bridge0: port 1(bridge_slave_0) entered forwarding state
[  464.521661][ T6366] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.533722][ T6777] device veth0_vlan entered promiscuous mode
[  464.566831][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  464.578874][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  464.583807][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  464.586686][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  464.598194][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  464.601237][ T6751] bridge0: port 2(bridge_slave_1) entered blocking state
[  464.603327][ T6751] bridge0: port 2(bridge_slave_1) entered forwarding state
[  464.605749][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  464.608324][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  464.697885][ T6366] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.727740][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  464.731693][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  464.734609][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  464.738733][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  464.745076][ T6777] device veth1_vlan entered promiscuous mode
[  464.757964][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  464.780362][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  464.783445][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  464.786275][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  464.789196][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  464.821361][ T4627] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  464.830703][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  464.839907][ T4627] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  464.844238][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  464.876254][ T6810] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  464.896480][ T6777] device veth0_macvtap entered promiscuous mode
[  464.926040][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  464.929028][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  464.932997][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  465.073153][ T6777] device veth1_macvtap entered promiscuous mode
[  465.941159][ T6366] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.959879][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  465.967555][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.975326][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.978348][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.985573][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.988665][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.999685][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.002465][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  466.005367][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.013494][ T6777] batman_adv: batadv0: Interface activated: batadv_slave_0
[  466.040567][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  466.043860][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.046605][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  466.062891][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.066073][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  466.081218][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.084300][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  466.087252][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.100571][ T6777] batman_adv: batadv0: Interface activated: batadv_slave_1
[  466.103315][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  466.106750][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  466.124531][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  466.128831][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  466.214044][ T6366] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.242793][ T6777] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.245901][ T6777] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.248538][ T6777] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  466.253621][ T6777] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  466.258204][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.766'.
[  466.351442][ T6366] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.403269][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  466.405554][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  466.408338][ T7220] fuse: Bad value for 'fd'
[  466.415591][ T6928] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  466.522549][ T6366] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.532334][ T6810] 8021q: adding VLAN 0 to HW filter on device batadv0
[  466.550288][ T6928] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  466.591800][ T6928] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  466.625960][ T6928] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  466.709583][ T4490] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.712054][ T4490] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.738116][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  466.753905][ T4546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.766624][ T4546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.791417][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  466.934701][ T4490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  466.937915][ T4490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  467.017900][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  467.021071][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  467.025257][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  467.031166][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  467.038121][ T6810] device veth0_vlan entered promiscuous mode
[  467.076338][ T6928] 8021q: adding VLAN 0 to HW filter on device bond0
[  467.083731][ T6366] tipc: Disabling bearer <udp:syz2>
[  467.085355][ T6366] tipc: Left network mode
[  467.102252][ T7253] loop7: detected capacity change from 0 to 512
[  467.102621][ T6810] device veth1_vlan entered promiscuous mode
[  467.123741][ T7253] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  467.136489][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  467.140136][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  467.151539][ T7253] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002]
[  467.153725][ T7253] System zones: 1-12
[  467.155752][ T7253] EXT4-fs (loop7): 1 truncate cleaned up
[  467.155917][ T6928] 8021q: adding VLAN 0 to HW filter on device team0
[  467.157311][ T7253] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  467.203909][ T6810] device veth0_macvtap entered promiscuous mode
[  467.206892][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  467.208417][ T6810] device veth1_macvtap entered promiscuous mode
[  467.213685][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  467.216400][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  467.220317][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  467.245726][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  467.265433][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  467.268226][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  467.272084][  T232] bridge0: port 1(bridge_slave_0) entered blocking state
[  467.274193][  T232] bridge0: port 1(bridge_slave_0) entered forwarding state
[  467.292945][ T7260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  467.299751][ T7260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  467.626419][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.630793][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.636803][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.642703][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.646072][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.658574][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.664872][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.667899][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.678019][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.688419][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.697235][ T6810] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.703894][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  467.706692][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  467.714431][ T4640] usb 1-1: USB disconnect, device number 32
[  467.715354][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  467.731362][  T232] bridge0: port 2(bridge_slave_1) entered blocking state
[  467.733437][  T232] bridge0: port 2(bridge_slave_1) entered forwarding state
[  467.741168][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  467.747563][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  467.774635][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  467.903211][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.918305][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.925666][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.938350][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.952734][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.961967][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.970114][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.975971][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.978750][ T6810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.982952][ T6810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.992248][ T6810] batman_adv: batadv0: Interface activated: batadv_slave_1
[  468.010171][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  468.013603][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  468.021316][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  468.028086][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  468.034416][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  468.166580][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  468.171077][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  468.176281][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  468.194428][ T6810] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  468.198131][ T6810] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  468.207315][ T6810] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  468.213125][ T6810] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  468.292005][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  468.295838][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  468.298775][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  468.310148][ T6749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  468.445252][ T6928] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  468.660584][ T4489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.663003][ T4489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.697788][ T4490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.705928][ T4490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.709799][ T4489] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  468.715883][ T4489] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  468.773180][ T4357] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  468.776008][ T4357] CPU: 0 PID: 4357 Comm: kworker/u5:4 Not tainted 6.1.144-syzkaller #0
[  468.778281][ T4357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.781220][ T4357] Workqueue: hci3 hci_rx_work
[  468.782494][ T4357] Call trace:
[  468.783531][ T4357]  dump_backtrace+0x1c8/0x1f4
[  468.784832][ T4357]  show_stack+0x2c/0x3c
[  468.786022][ T4357]  __dump_stack+0x30/0x40
[  468.787288][ T4357]  dump_stack_lvl+0xf8/0x160
[  468.788532][ T4357]  dump_stack+0x1c/0x5c
[  468.789727][ T4357]  sysfs_create_dir_ns+0x22c/0x24c
[  468.791196][ T4357]  kobject_add_internal+0x5a8/0xb30
[  468.792623][ T4357]  kobject_add+0x134/0x1f8
[  468.793798][ T4357]  device_add+0x3f0/0xf94
[  468.794957][ T4357]  hci_conn_add_sysfs+0xbc/0x1cc
[  468.796388][ T4357]  le_conn_complete_evt+0xa24/0xf8c
[  468.797833][ T4357]  hci_le_conn_complete_evt+0x114/0x3f8
[  468.799370][ T4357]  hci_le_meta_evt+0x2c0/0x4a4
[  468.800766][ T4357]  hci_event_packet+0x6ac/0xf08
[  468.802121][ T4357]  hci_rx_work+0x324/0xaa0
[  468.803351][ T4357]  process_one_work+0x7f4/0x13a8
[  468.804817][ T4357]  worker_thread+0x8c8/0xfbc
[  468.806103][ T4357]  kthread+0x250/0x2d8
[  468.807276][ T4357]  ret_from_fork+0x10/0x20
[  468.808674][    C0] vkms_vblank_simulate: vblank timer overrun
[  468.811158][ T4357] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  468.814794][ T4357] Bluetooth: hci3: failed to register connection device
[  468.870092][ T4489] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  468.872247][ T4489] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  469.011449][ T6928] 8021q: adding VLAN 0 to HW filter on device batadv0
[  469.133755][ T7327] loop0: detected capacity change from 0 to 128
[  469.174810][ T7327] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  469.196988][ T7335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  469.200468][ T7335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  470.077949][ T4355] EXT4-fs (loop0): unmounting filesystem.
[  470.480018][ T4640] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  470.685054][ T4640] usb 1-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  470.687839][ T4640] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 204
[  470.763624][ T4640] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  470.892316][ T4640] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  471.079455][ T4640] usb 1-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  471.082326][ T4640] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.111685][ T4640] usb 1-1: config 0 descriptor??
[  471.241007][ T7359] loop7: detected capacity change from 0 to 512
[  471.258885][ T7359] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  471.276337][ T7359] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002]
[  471.282392][ T7359] System zones: 1-12
[  471.286790][ T7359] EXT4-fs (loop7): 1 truncate cleaned up
[  471.288322][ T7359] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  471.389251][ T6095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  471.406901][ T6095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  471.425616][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  471.489406][ T7369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.492575][ T7369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.542356][ T4640] input: HID 28bd:0909 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:0909.0006/input/input7
[  471.550584][ T4640] uclogic 0003:28BD:0909.0006: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.0-1/input0
[  471.725164][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  471.728232][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  471.732180][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  471.735371][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  471.738262][ T6928] device veth0_vlan entered promiscuous mode
[  471.749032][ T4398] usb 1-1: USB disconnect, device number 33
[  471.797752][ T6928] device veth1_vlan entered promiscuous mode
[  471.815762][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  471.828921][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  471.831633][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  471.834236][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  472.291439][ T7392] capability: warning: `syz.7.799' uses deprecated v2 capabilities in a way that may be insecure
[  472.643020][ T6928] device veth0_macvtap entered promiscuous mode
[  472.965469][ T6928] device veth1_macvtap entered promiscuous mode
[  473.019291][ T4490] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  473.022045][ T4490] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  473.074851][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.077845][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.099938][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.102899][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.105580][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.128365][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.135326][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.138270][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.148566][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.151557][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.192133][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.208438][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.226066][ T7400] loop8: detected capacity change from 0 to 32768
[  473.227674][ T6928] batman_adv: batadv0: Interface activated: batadv_slave_0
[  473.231842][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  473.236282][ T7400] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.802 (7400)
[  473.251308][  T232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  473.254600][ T7400] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  473.257589][ T7400] BTRFS info (device loop8): using crc32c (crc32c-generic) checksum algorithm
[  473.260166][ T7400] BTRFS info (device loop8): turning on sync discard
[  473.262054][ T7400] BTRFS info (device loop8): use zlib compression, level 3
[  473.264138][ T7400] BTRFS info (device loop8): turning off barriers
[  473.266103][ T7400] BTRFS warning (device loop8): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  473.269195][ T7400] BTRFS info (device loop8): trying to use backup root at mount time
[  473.271559][ T7400] BTRFS info (device loop8): enabling auto defrag
[  473.273362][ T7400] BTRFS info (device loop8): max_inline at 0
[  473.275130][ T7400] BTRFS info (device loop8): using free space tree
[  473.305575][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  473.309142][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.311927][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  473.357472][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.360923][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  473.364327][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.366910][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  473.403048][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.405952][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  473.442029][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.449987][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  473.468789][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.495828][ T6928] batman_adv: batadv0: Interface activated: batadv_slave_1
[  473.512459][ T5384] BTRFS warning (device loop8): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  473.516519][ T7400] BTRFS error (device loop8): failed to load root extent
[  473.518755][ T7400] BTRFS warning (device loop8): try to load backup roots slot 1
[  473.529267][ T6095] BTRFS warning (device loop8): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  473.533199][ T7400] BTRFS warning (device loop8): couldn't read tree root
[  473.535063][ T7400] BTRFS warning (device loop8): try to load backup roots slot 2
[  473.537792][ T7400] BTRFS error (device loop8): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  473.541303][ T7400] BTRFS warning (device loop8): couldn't read tree root
[  473.543294][ T7400] BTRFS warning (device loop8): try to load backup roots slot 3
[  473.564855][ T7400] BTRFS info (device loop8): enabling ssd optimizations
[  473.571952][ T7400] BTRFS info (device loop8): rebuilding free space tree
[  474.061225][ T7400] BTRFS info (device loop8): checking UUID tree
[  474.444083][ T6810] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  474.637669][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  474.640904][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  474.646405][ T6928] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  474.649189][ T6928] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  474.656314][ T6928] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  474.676058][ T6928] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  474.692891][ T7449] netem: change failed
[  474.852284][ T7468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  474.854869][ T7468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.225826][ T4357] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  476.228669][ T4357] CPU: 0 PID: 4357 Comm: kworker/u5:4 Not tainted 6.1.144-syzkaller #0
[  476.230990][ T4357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  476.233708][ T4357] Workqueue: hci4 hci_rx_work
[  476.234935][ T4357] Call trace:
[  476.235830][ T4357]  dump_backtrace+0x1c8/0x1f4
[  476.237052][ T4357]  show_stack+0x2c/0x3c
[  476.238163][ T4357]  __dump_stack+0x30/0x40
[  476.239322][ T4357]  dump_stack_lvl+0xf8/0x160
[  476.240598][ T4357]  dump_stack+0x1c/0x5c
[  476.241671][ T4357]  sysfs_create_dir_ns+0x22c/0x24c
[  476.243139][ T4357]  kobject_add_internal+0x5a8/0xb30
[  476.244596][ T4357]  kobject_add+0x134/0x1f8
[  476.245924][ T4357]  device_add+0x3f0/0xf94
[  476.247155][ T4357]  hci_conn_add_sysfs+0xbc/0x1cc
[  476.248587][ T4357]  le_conn_complete_evt+0xa24/0xf8c
[  476.250031][ T4357]  hci_le_conn_complete_evt+0x114/0x3f8
[  476.251660][ T4357]  hci_le_meta_evt+0x2c0/0x4a4
[  476.252910][ T4357]  hci_event_packet+0x6ac/0xf08
[  476.254306][ T4357]  hci_rx_work+0x324/0xaa0
[  476.255589][ T4357]  process_one_work+0x7f4/0x13a8
[  476.256988][ T4357]  worker_thread+0x8c8/0xfbc
[  476.258277][ T4357]  kthread+0x250/0x2d8
[  476.259624][ T4357]  ret_from_fork+0x10/0x20
[  476.262974][ T4387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.265525][ T4387] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.268898][ T4546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.270697][ T4357] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  476.271104][ T4546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.274778][ T4357] Bluetooth: hci4: failed to register connection device
[  476.343659][ T6366] device hsr_slave_0 left promiscuous mode
[  476.407151][ T6366] device hsr_slave_1 left promiscuous mode
[  476.448114][ T4426] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  476.458037][ T7494] loop7: detected capacity change from 0 to 4096
[  476.468516][ T7494] ntfs3: Unknown parameter 'windows_names'
[  476.498227][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.500545][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.504203][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.506315][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.526981][ T6366] device bridge_slave_1 left promiscuous mode
[  476.529121][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.536995][ T7496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.547872][ T7496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.575354][ T6366] device bridge_slave_0 left promiscuous mode
[  476.577375][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.628105][ T4426] usb 1-1: Using ep0 maxpacket: 16
[  476.637636][ T6366] device hsr_slave_0 left promiscuous mode
[  476.637960][ T4426] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  476.642121][ T4426] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.659685][ T4426] usb 1-1: Product: syz
[  476.661177][ T4426] usb 1-1: Manufacturer: syz
[  476.662510][ T4426] usb 1-1: SerialNumber: syz
[  476.664970][ T4426] r8152-cfgselector 1-1: config 0 descriptor??
[  476.678625][ T6366] device hsr_slave_1 left promiscuous mode
[  476.768075][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.770243][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.774069][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.776182][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.778863][ T6366] device bridge_slave_1 left promiscuous mode
[  476.780638][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.818876][ T6366] device bridge_slave_0 left promiscuous mode
[  476.820771][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.958833][ T6366] device veth1_macvtap left promiscuous mode
[  476.960703][ T6366] device veth0_macvtap left promiscuous mode
[  476.962462][ T6366] device veth1_vlan left promiscuous mode
[  476.964129][ T6366] device veth0_vlan left promiscuous mode
[  477.048111][ T6366] device veth1_macvtap left promiscuous mode
[  477.050076][ T6366] device veth0_macvtap left promiscuous mode
[  477.053156][ T6366] device veth1_vlan left promiscuous mode
[  477.054836][ T6366] device veth0_vlan left promiscuous mode
[  477.099029][ T4426] r8152-cfgselector 1-1: Unknown version 0x0000
[  477.100929][ T4426] r8152-cfgselector 1-1: bad CDC descriptors
[  477.105482][ T4426] r8152-cfgselector 1-1: Unknown version 0x0000
[  477.130173][ T4426] r8152-cfgselector 1-1: USB disconnect, device number 34
[  478.298063][ T7248] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  478.480146][ T7248] usb 1-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  478.482622][ T7248] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 204
[  478.485283][ T7248] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  478.488761][ T7248] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  478.491642][ T7248] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  478.495326][ T7248] usb 1-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  478.508018][ T7248] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.512762][ T7248] usb 1-1: config 0 descriptor??
[  479.161297][ T7248] usbhid 1-1:0.0: can't add hid device: -71
[  479.163156][ T7248] usbhid: probe of 1-1:0.0 failed with error -71
[  479.168556][ T7248] usb 1-1: USB disconnect, device number 35
[  479.362973][ T6366] team0 (unregistering): Port device team_slave_1 removed
[  479.559933][ T6366] team0 (unregistering): Port device team_slave_0 removed
[  479.749319][ T6366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  479.968977][ T6366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  482.460626][ T6366] bond0 (unregistering): Released all slaves
[  484.672184][ T6366] team0 (unregistering): Port device team_slave_1 removed
[  484.869053][ T6366] team0 (unregistering): Port device team_slave_0 removed
[  485.058738][ T6366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  485.288308][ T6366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  487.845695][ T6366] bond0 (unregistering): Released all slaves
[  488.117360][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  488.167736][ T4476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  488.170152][ T4476] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.174940][ T6095] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  488.285427][ T7546] netlink: 80 bytes leftover after parsing attributes in process `syz.0.847'.
[  488.331672][ T7549] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.343407][ T7549] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.385720][ T7549] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.596361][ T7562] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.613483][ T7562] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.677719][ T7559] loop0: detected capacity change from 0 to 4096
[  488.721880][ T7567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.732402][ T7567] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.780677][ T7571] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.852'.
[  488.783457][ T7566] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.852'.
[  488.886006][ T7577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.891408][ T7577] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.054206][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.4.857'.
[  489.060494][ T7585] netlink: 'syz.4.857': attribute type 30 has an invalid length.
[  489.065400][ T7585] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  489.068571][ T7585] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  489.070991][ T7585] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  489.073431][ T7585] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  489.089052][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.4.857'.
[  489.091525][ T7585] netlink: 'syz.4.857': attribute type 30 has an invalid length.
[  489.250537][ T7593] loop8: detected capacity change from 0 to 164
[  489.347612][ T7593] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  489.541447][ T7593] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.757004][ T7610] loop7: detected capacity change from 0 to 16
[  489.763968][ T7610] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  489.766182][ T7612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  489.773949][ T7593] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.795940][ T7612] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.938772][ T7593] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.957208][ T7619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  489.959732][ T7619] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  490.062345][ T7593] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.330251][ T7593] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  490.337523][ T7593] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  490.343804][ T7593] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  490.350279][ T7593] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  491.329798][ T7636] loop0: detected capacity change from 0 to 32768
[  491.361990][ T7647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.364458][ T7647] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.382038][ T7649] loop8: detected capacity change from 0 to 1024
[  491.429531][ T7649] EXT4-fs: Ignoring removed bh option
[  491.438304][ T7636] XFS (loop0): Mounting V5 Filesystem
[  491.455577][ T7657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.466966][ T7657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.511441][ T7649] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  491.529486][ T7649] EXT4-fs error (device loop8): ext4_check_all_de:666: inode #12: block 7: comm syz.8.877: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0
[  491.570209][ T7636] XFS (loop0): Ending clean mount
[  491.583088][ T7636] XFS (loop0): Quotacheck needed: Please wait.
[  491.657141][ T7636] XFS (loop0): Quotacheck: Done.
[  491.676763][ T6810] EXT4-fs (loop8): unmounting filesystem.
[  491.760366][ T7674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.764660][ T7674] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.765619][ T4355] XFS (loop0): Unmounting Filesystem
[  492.110180][ T7690] loop7: detected capacity change from 0 to 512
[  492.145961][ T7690] EXT4-fs (loop7): couldn't mount as ext3 due to feature incompatibilities
[  492.500903][ T7700] loop7: detected capacity change from 0 to 1024
[  492.613795][ T7700] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  492.632154][ T7700] EXT4-fs error (device loop7): __ext4_iget:5077: inode #8: block 1803188595: comm syz.7.885: invalid block
[  492.647914][ T7700] EXT4-fs (loop7): no journal found
[  493.154359][ T7706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.166198][ T7706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.241365][ T7707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.243775][ T7707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.341421][ T7718] loop0: detected capacity change from 0 to 128
[  493.665583][ T7737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.670084][ T7737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.677283][ T7737] loop2: detected capacity change from 0 to 7
[  493.679663][ T7737] Dev loop2: unable to read RDB block 7
[  493.681149][ T7737]  loop2: unable to read partition table
[  493.682745][ T7737] loop2: partition table beyond EOD, truncated
[  493.684534][ T7737] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  493.756360][ T7248] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  494.047718][ T7248] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  494.050977][ T7248] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  494.053611][ T7248] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.058748][ T7248] usb 1-1: config 0 descriptor??
[  494.062791][ T7248] pwc: Askey VC010 type 2 USB webcam detected.
[  494.223772][ T7758] loop9: detected capacity change from 0 to 1024
[  494.321179][ T7758] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  494.337319][ T7758] EXT4-fs error (device loop9): __ext4_iget:5077: inode #8: block 1803188595: comm syz.9.902: invalid block
[  494.422162][ T7758] EXT4-fs (loop9): no journal found
[  494.636777][ T2058] ieee802154 phy0 wpan0: encryption failed: -22
[  494.639069][ T2058] ieee802154 phy1 wpan1: encryption failed: -22
[  494.733114][ T7248] pwc: send_video_command error -71
[  494.734673][ T7248] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  494.738016][ T7248] Philips webcam: probe of 1-1:0.0 failed with error -71
[  494.741239][ T7248] usb 1-1: USB disconnect, device number 36
[  494.786250][ T7539] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  495.027640][ T7763] loop8: detected capacity change from 0 to 32768
[  495.101496][ T7763] XFS (loop8): Mounting V5 Filesystem
[  495.143002][ T7763] XFS (loop8): Ending clean mount
[  495.225562][ T6810] XFS (loop8): Unmounting Filesystem
[  495.385854][ T7248] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  495.575182][ T7248] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  495.578530][ T7248] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  495.581092][ T7248] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.591663][ T7248] usb 1-1: config 0 descriptor??
[  495.603670][ T7248] pwc: Askey VC010 type 2 USB webcam detected.
[  495.756018][ T4365] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  495.759078][ T4365] CPU: 1 PID: 4365 Comm: kworker/u5:8 Not tainted 6.1.144-syzkaller #0
[  495.761490][ T4365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.764234][ T4365] Workqueue: hci0 hci_rx_work
[  495.765571][ T4365] Call trace:
[  495.766471][ T4365]  dump_backtrace+0x1c8/0x1f4
[  495.767824][ T4365]  show_stack+0x2c/0x3c
[  495.768939][ T4365]  __dump_stack+0x30/0x40
[  495.770142][ T4365]  dump_stack_lvl+0xf8/0x160
[  495.771374][ T4365]  dump_stack+0x1c/0x5c
[  495.772491][ T4365]  sysfs_create_dir_ns+0x22c/0x24c
[  495.773889][ T4365]  kobject_add_internal+0x5a8/0xb30
[  495.775357][ T4365]  kobject_add+0x134/0x1f8
[  495.776593][ T4365]  device_add+0x3f0/0xf94
[  495.777758][ T4365]  hci_conn_add_sysfs+0xbc/0x1cc
[  495.779107][ T4365]  le_conn_complete_evt+0xa24/0xf8c
[  495.780623][ T4365]  hci_le_conn_complete_evt+0x114/0x3f8
[  495.782150][ T4365]  hci_le_meta_evt+0x2c0/0x4a4
[  495.783525][ T4365]  hci_event_packet+0x6ac/0xf08
[  495.784895][ T4365]  hci_rx_work+0x324/0xaa0
[  495.786061][ T4365]  process_one_work+0x7f4/0x13a8
[  495.787420][ T4365]  worker_thread+0x8c8/0xfbc
[  495.788650][ T4365]  kthread+0x250/0x2d8
[  495.789790][ T4365]  ret_from_fork+0x10/0x20
[  495.792969][ T4365] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  495.796763][ T4365] Bluetooth: hci0: failed to register connection device
[  495.882842][ T7805] loop8: detected capacity change from 0 to 512
[  495.890303][ T7807] loop9: detected capacity change from 0 to 16
[  495.900799][ T7807] MTD: Attempt to mount non-MTD device "/dev/loop9"
[  495.961831][ T7805] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  496.016425][ T7248] pwc: recv_control_msg error -32 req 02 val 2b00
[  496.019048][ T7248] pwc: recv_control_msg error -32 req 02 val 2700
[  496.021597][ T7248] pwc: recv_control_msg error -32 req 02 val 2c00
[  496.024729][ T7248] pwc: recv_control_msg error -32 req 04 val 1000
[  496.035321][ T7248] pwc: recv_control_msg error -32 req 04 val 1300
[  496.045865][ T7248] pwc: recv_control_msg error -32 req 04 val 1400
[  496.071579][ T7817] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  496.086212][ T7817] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[  496.089764][ T7817] EXT4-fs (loop8): This should not happen!! Data will be lost
[  496.089764][ T7817] 
[  496.095188][ T7817] EXT4-fs (loop8): Total free blocks count 0
[  496.098226][ T7817] EXT4-fs (loop8): Free/Dirty block details
[  496.101088][ T7817] EXT4-fs (loop8): free_blocks=65280
[  496.103747][ T7817] EXT4-fs (loop8): dirty_blocks=2
[  496.107751][ T7817] EXT4-fs (loop8): Block reservation details
[  496.110689][ T7817] EXT4-fs (loop8): i_reserved_data_blocks=2
[  496.155129][ T6810] EXT4-fs (loop8): unmounting filesystem.
[  496.183886][ T7819] netlink: 8 bytes leftover after parsing attributes in process `syz.9.914'.
[  496.234661][ T7824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  496.248803][ T7824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  496.263179][ T7248] pwc: recv_control_msg error -71 req 02 val 2100
[  496.265257][ T7248] pwc: recv_control_msg error -71 req 04 val 1500
[  496.267421][ T7824] loop2: detected capacity change from 0 to 7
[  496.268720][ T7248] pwc: recv_control_msg error -71 req 02 val 2500
[  496.271988][ T7824] Dev loop2: unable to read RDB block 7
[  496.274682][ T7248] pwc: recv_control_msg error -71 req 02 val 2400
[  496.275829][ T7824]  loop2: unable to read partition table
[  496.280544][ T7248] pwc: recv_control_msg error -71 req 02 val 2600
[  496.280561][ T7824] loop2: partition table beyond EOD, truncated
[  496.296727][ T7248] pwc: recv_control_msg error -71 req 02 val 2900
[  496.300547][ T7824] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  496.300887][ T7248] pwc: recv_control_msg error -71 req 02 val 2800
[  496.323099][ T7248] pwc: recv_control_msg error -71 req 04 val 1100
[  496.325263][ T7248] pwc: recv_control_msg error -71 req 04 val 1200
[  496.343755][ T7248] pwc: Registered as video11.
[  496.353265][ T7248] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8
[  496.379293][ T7832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  496.381913][ T7248] usb 1-1: USB disconnect, device number 37
[  496.402796][ T7832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  496.550476][ T7841] loop7: detected capacity change from 0 to 64
[  496.613497][ T7841] Trying to free block not in datazone
[  496.615540][ T7841] Trying to free block not in datazone
[  496.622241][ T7841] Trying to free block not in datazone
[  496.762319][ T7848] loop7: detected capacity change from 0 to 2048
[  497.020460][ T7856] 9pnet: p9_errstr2errno: server reported unknown error 1844674
[  497.130273][ T7848] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  497.174963][ T7848] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  497.230089][ T7848] EXT4-fs (loop7): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28
[  497.254210][ T7848] EXT4-fs (loop7): This should not happen!! Data will be lost
[  497.254210][ T7848] 
[  497.268622][ T7848] EXT4-fs (loop7): Total free blocks count 0
[  497.270429][ T7848] EXT4-fs (loop7): Free/Dirty block details
[  497.272144][ T7848] EXT4-fs (loop7): free_blocks=2415919104
[  497.273720][ T7848] EXT4-fs (loop7): dirty_blocks=32
[  497.275107][ T7848] EXT4-fs (loop7): Block reservation details
[  497.278363][ T7848] EXT4-fs (loop7): i_reserved_data_blocks=2
[  497.340267][ T7868] loop0: detected capacity change from 0 to 1024
[  497.390939][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  497.739818][ T7885] loop9: detected capacity change from 0 to 64
[  497.791058][ T6095] hfsplus: b-tree write err: -5, ino 4
[  498.573793][ T7922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.586570][ T7922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.837923][ T7911] loop9: detected capacity change from 0 to 8
[  499.342904][ T7965] loop8: detected capacity change from 0 to 64
[  499.354267][ T7967] loop7: detected capacity change from 0 to 256
[  499.369548][ T7967] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  499.387170][ T7967] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  499.414462][ T7967] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  499.842866][ T7992] netlink: 16 bytes leftover after parsing attributes in process `syz.0.967'.
[  499.989421][ T7991] loop7: detected capacity change from 0 to 4096
[  500.017064][ T7991] ntfs3: Unknown parameter 'nocase'
[  500.867742][ T8025] loop7: detected capacity change from 0 to 32768
[  501.201142][ T8025] XFS (loop7): Mounting V5 Filesystem
[  502.030127][ T8057] loop8: detected capacity change from 0 to 16
[  502.032446][ T8057] MTD: Attempt to mount non-MTD device "/dev/loop8"
[  502.153935][ T8063] loop0: detected capacity change from 0 to 1024
[  502.163873][ T8025] XFS (loop7): Ending clean mount
[  502.174777][ T8025] XFS (loop7): Quotacheck needed: Please wait.
[  502.264654][ T8063] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  502.279350][ T8025] XFS (loop7): Quotacheck: Done.
[  502.492045][ T4355] EXT4-fs (loop0): unmounting filesystem.
[  502.598155][ T6777] XFS (loop7): Unmounting Filesystem
[  502.752741][ T8086] loop8: detected capacity change from 0 to 512
[  502.785735][ T8086] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found
[  502.789898][ T8086] UDF-fs: Scanning with blocksize 512 failed
[  502.802258][ T8086] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found
[  502.804347][ T8086] UDF-fs: Scanning with blocksize 1024 failed
[  502.858140][ T8086] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found
[  502.867011][ T8086] UDF-fs: Scanning with blocksize 2048 failed
[  502.875482][ T8086] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  502.911235][ T8086] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  503.609478][ T8116] syz.9.1005 uses obsolete (PF_INET,SOCK_PACKET)
[  504.095575][ T8130] loop7: detected capacity change from 0 to 8
[  504.265232][ T8131] loop0: detected capacity change from 0 to 64
[  504.549224][ T4365] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  504.758564][ T8146] loop0: detected capacity change from 0 to 256
[  504.760215][ T8150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.769182][ T8150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.053309][ T8169] loop7: detected capacity change from 0 to 64
[  505.401288][ T4414] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  505.584519][ T4414] usb 1-1: Using ep0 maxpacket: 32
[  505.587706][ T4414] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  505.589871][ T4414] usb 1-1: config 0 has no interface number 0
[  505.593410][ T4414] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  505.604580][ T4414] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.608648][ T4414] usb 1-1: Product: syz
[  505.610753][ T4414] usb 1-1: Manufacturer: syz
[  505.612056][ T4414] usb 1-1: SerialNumber: syz
[  505.621075][ T4414] usb 1-1: config 0 descriptor??
[  505.630251][ T4414] smsc95xx v2.0.0
[  505.631329][ T4414] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  505.644599][ T4414] smsc95xx: probe of 1-1:0.67 failed with error -22
[  505.707349][ T8199] loop7: detected capacity change from 0 to 256
[  505.831909][ T8164] loop2: detected capacity change from 0 to 7
[  505.861283][ T8164] Dev loop2: unable to read RDB block 7
[  505.865539][ T8164]  loop2: unable to read partition table
[  505.867198][ T8164] loop2: partition table beyond EOD, truncated
[  505.901555][ T8164] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  505.922354][ T4414] usb 1-1: USB disconnect, device number 38
[  506.056641][ T8213] loop7: detected capacity change from 0 to 64
[  506.066043][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.066043][ T8213] loop7: rw=0, sector=655368, nr_sectors = 1 limit=64
[  506.070011][ T8213] Buffer I/O error on dev loop7, logical block 655368, async page read
[  506.072330][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.072330][ T8213] loop7: rw=0, sector=655369, nr_sectors = 1 limit=64
[  506.076445][ T8213] Buffer I/O error on dev loop7, logical block 655369, async page read
[  506.078658][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.078658][ T8213] loop7: rw=0, sector=655370, nr_sectors = 1 limit=64
[  506.082223][ T8213] Buffer I/O error on dev loop7, logical block 655370, async page read
[  506.084605][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.084605][ T8213] loop7: rw=0, sector=655371, nr_sectors = 1 limit=64
[  506.088257][ T8213] Buffer I/O error on dev loop7, logical block 655371, async page read
[  506.090528][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.090528][ T8213] loop7: rw=0, sector=655372, nr_sectors = 1 limit=64
[  506.094184][ T8213] Buffer I/O error on dev loop7, logical block 655372, async page read
[  506.096504][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.096504][ T8213] loop7: rw=0, sector=655373, nr_sectors = 1 limit=64
[  506.100160][ T8213] Buffer I/O error on dev loop7, logical block 655373, async page read
[  506.102413][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.102413][ T8213] loop7: rw=0, sector=655374, nr_sectors = 1 limit=64
[  506.106189][ T8213] Buffer I/O error on dev loop7, logical block 655374, async page read
[  506.108463][ T8213] syz.7.1036: attempt to access beyond end of device
[  506.108463][ T8213] loop7: rw=0, sector=655375, nr_sectors = 1 limit=64
[  506.112070][ T8213] Buffer I/O error on dev loop7, logical block 655375, async page read
[  506.114755][ T8213] hfs: unable to open catalog tree
[  506.116592][ T8213] hfs: can't find a HFS filesystem on dev loop7
[  506.165440][ T7544] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  506.287006][ T8220] loop7: detected capacity change from 0 to 64
[  506.332082][ T8221] loop8: detected capacity change from 0 to 1024
[  506.452700][ T8221] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  506.503930][ T8221] EXT4-fs error (device loop8): __ext4_iget:5077: inode #8: block 1803188595: comm syz.8.1029: invalid block
[  506.542860][ T8221] EXT4-fs (loop8): no journal found
[  507.701974][ T8238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1041'.
[  507.737440][ T8238] device dummy0 entered promiscuous mode
[  507.739248][ T8238] device macvtap1 entered promiscuous mode
[  507.873156][ T8245] 9pnet_fd: Insufficient options for proto=fd
[  508.338989][ T8267] loop9: detected capacity change from 0 to 256
[  508.469580][ T8267] FAT-fs (loop9): Directory bread(block 64) failed
[  508.471697][ T8267] FAT-fs (loop9): Directory bread(block 65) failed
[  508.478118][ T8267] FAT-fs (loop9): Directory bread(block 66) failed
[  508.486660][ T8267] FAT-fs (loop9): Directory bread(block 67) failed
[  508.491347][ T8267] FAT-fs (loop9): Directory bread(block 68) failed
[  508.500797][ T8267] FAT-fs (loop9): Directory bread(block 69) failed
[  508.502896][ T8267] FAT-fs (loop9): Directory bread(block 70) failed
[  508.513364][ T8267] FAT-fs (loop9): Directory bread(block 71) failed
[  508.521063][ T8267] FAT-fs (loop9): Directory bread(block 72) failed
[  508.562595][ T8267] FAT-fs (loop9): Directory bread(block 73) failed
[  509.124641][ T8284] 9pnet_fd: Insufficient options for proto=fd
[  509.244869][ T8290] netlink: 'syz.8.1058': attribute type 12 has an invalid length.
[  509.535088][ T8295] loop7: detected capacity change from 0 to 8192
[  509.713579][ T8307] loop8: detected capacity change from 0 to 1024
[  509.862340][ T4546] hfsplus: b-tree write err: -5, ino 4
[  509.918053][ T8315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.935497][ T8315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  510.196249][ T8321] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  510.198862][ T8321] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  510.222334][ T8321] loop2: detected capacity change from 0 to 7
[  510.239727][ T7544] Dev loop2: unable to read RDB block 7
[  510.241557][ T7544]  loop2: unable to read partition table
[  510.243208][ T7544] loop2: partition table beyond EOD, truncated
[  510.248590][ T8321] Dev loop2: unable to read RDB block 7
[  510.250292][ T8321]  loop2: unable to read partition table
[  510.273231][ T8321] loop2: partition table beyond EOD, truncated
[  510.301098][ T8321] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  510.962038][   T27] kauditd_printk_skb: 403 callbacks suppressed
[  510.962051][   T27] audit: type=1326 audit(4350.959:6553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8337 comm="syz.8.1071" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff7fb5aba8 code=0x0
[  510.995716][ T8341] 9pnet_fd: Insufficient options for proto=fd
[  511.473221][ T8357] loop7: detected capacity change from 0 to 1024
[  511.588245][ T4546] hfsplus: b-tree write err: -5, ino 4
[  511.912454][ T8364] device syzkaller0 entered promiscuous mode
[  512.168746][ T8382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  512.171511][ T8382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  512.178729][ T8382] loop2: detected capacity change from 0 to 7
[  512.181128][ T8382] Dev loop2: unable to read RDB block 7
[  512.182959][ T8382]  loop2: unable to read partition table
[  512.190718][ T8382] loop2: partition table beyond EOD, truncated
[  512.197918][ T8382] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  512.329521][ T4357] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  512.866459][ T8413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  512.877598][ T8413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.086522][ T4365] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  514.297650][ T4365] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  523.426201][ T8450] loop8: detected capacity change from 0 to 256
[  523.470965][ T8450] FAT-fs (loop8): Directory bread(block 64) failed
[  523.486876][ T8450] FAT-fs (loop8): Directory bread(block 65) failed
[  523.488823][ T8450] FAT-fs (loop8): Directory bread(block 66) failed
[  523.490609][ T8450] FAT-fs (loop8): Directory bread(block 67) failed
[  523.507232][ T8450] FAT-fs (loop8): Directory bread(block 68) failed
[  523.509037][ T8450] FAT-fs (loop8): Directory bread(block 69) failed
[  523.510867][ T8450] FAT-fs (loop8): Directory bread(block 70) failed
[  523.544625][ T8450] FAT-fs (loop8): Directory bread(block 71) failed
[  523.546615][ T8450] FAT-fs (loop8): Directory bread(block 72) failed
[  523.553271][ T8457] loop0: detected capacity change from 0 to 512
[  523.555582][ T8457] EXT4-fs: Ignoring removed orlov option
[  523.568109][ T8457] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  523.568143][ T8450] FAT-fs (loop8): Directory bread(block 73) failed
[  523.583170][ T8457] EXT4-fs (loop0): orphan cleanup on readonly fs
[  523.658783][ T8457] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1108: bg 0: block 248: padding at end of block bitmap is not set
[  523.728741][ T8457] Quota error (device loop0): write_blk: dquota write failed
[  523.731093][ T8457] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  523.743330][ T8457] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1108: Failed to acquire dquot type 1
[  523.755328][ T8457] EXT4-fs (loop0): 1 truncate cleaned up
[  523.757379][ T8457] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  523.764857][ T8475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  523.767324][ T8475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  523.796558][ T8475] loop2: detected capacity change from 0 to 7
[  523.801629][ T8475] Dev loop2: unable to read RDB block 7
[  523.804019][ T8475]  loop2: unable to read partition table
[  523.805883][ T8475] loop2: partition table beyond EOD, truncated
[  523.824137][ T8475] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  523.921751][ T8482] tipc: Failed to obtain node identity
[  523.948958][ T8482] tipc: Enabling of bearer <ib:gre0> rejected, failed to enable media
[  523.981967][ T8487] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1117'.
[  523.991345][ T8487] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1117'.
[  524.097895][ T8496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.107341][ T8496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  524.246061][    C0] vcan0: j1939_tp_rxtimer: 0x00000000d6d68a49: rx timeout, send abort
[  524.250503][    C0] vcan0: j1939_tp_rxtimer: 0x000000005a59d49a: rx timeout, send abort
[  524.254140][    C0] vcan0: j1939_xtp_rx_abort_one: 0x00000000d6d68a49: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  524.259151][    C0] vcan0: j1939_xtp_rx_abort_one: 0x000000005a59d49a: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  524.303889][ T4355] EXT4-fs (loop0): unmounting filesystem.
[  524.337519][ T8496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.340111][ T8496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  525.487658][ T4357] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  525.554550][ T8527] loop9: detected capacity change from 0 to 256
[  525.907072][ T8537] tipc: Enabled bearer <ib:gre0>, priority 0
[  526.157640][ T8550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  526.171993][ T8550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  526.440947][ T8550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  526.443652][ T8550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  526.564796][ T8558] loop7: detected capacity change from 0 to 2048
[  526.674675][ T8564] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  527.317728][ T8587] loop9: detected capacity change from 0 to 4096
[  527.618481][ T8595] loop8: detected capacity change from 0 to 40427
[  527.623068][ T8595] F2FS-fs (loop8): build fault injection attr: rate: 19, type: 0x3ffff
[  527.625383][ T8595] F2FS-fs (loop8): Unrecognized mount option "barrier" or missing value
[  527.727665][ T8484] I/O error, dev loop8, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  527.796024][ T4365] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  527.889083][ T8611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  527.914826][ T8611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  527.946037][ T8611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  527.948748][ T8611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  527.992849][ T8615] loop9: detected capacity change from 0 to 128
[  528.046983][ T8615] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  528.391541][ T8611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  528.603895][ T8611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  528.863451][ T8611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  528.865966][ T8611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  528.876304][ T8629] loop7: detected capacity change from 0 to 512
[  528.878573][ T8629] EXT4-fs: Ignoring removed bh option
[  528.925817][ T6928] EXT4-fs (loop9): unmounting filesystem.
[  528.935211][ T8629] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  528.956681][ T8629] EXT4-fs (loop7): 1 truncate cleaned up
[  528.958469][ T8629] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  529.059760][ T8638] 9pnet_fd: Insufficient options for proto=fd
[  529.153409][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  529.350092][ T8655] loop7: detected capacity change from 0 to 256
[  529.879471][    C0] vcan0: j1939_tp_rxtimer: 0x000000004a2f3a68: rx timeout, send abort
[  529.881866][    C0] vcan0: j1939_tp_rxtimer: 0x000000002e652657: rx timeout, send abort
[  529.884459][    C0] vcan0: j1939_xtp_rx_abort_one: 0x000000004a2f3a68: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  529.888419][    C0] vcan0: j1939_xtp_rx_abort_one: 0x000000002e652657: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  530.143662][  T216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  530.145997][  T216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  530.548369][ T8709] loop9: detected capacity change from 0 to 512
[  530.568017][ T8709] EXT4-fs (loop9): orphan cleanup on readonly fs
[  530.578030][ T8709] EXT4-fs error (device loop9): ext4_orphan_get:1426: comm syz.9.1185: bad orphan inode 13
[  530.582412][ T8709] ext4_test_bit(bit=12, block=18) = 1
[  530.586478][ T8709] is_bad_inode(inode)=0
[  530.587793][ T8709] NEXT_ORPHAN(inode)=2130706432
[  530.591409][ T8709] max_ino=32
[  530.593842][ T8709] i_nlink=1
[  530.596169][ T8709] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  530.625338][ T8709] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  530.722243][ T8709] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1185: bg 0: block 248: padding at end of block bitmap is not set
[  530.760728][ T8709] Quota error (device loop9): write_blk: dquota write failed
[  530.765503][ T8709] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  530.775252][ T8709] EXT4-fs error (device loop9): ext4_acquire_dquot:6814: comm syz.9.1185: Failed to acquire dquot type 1
[  530.797850][ T8709] EXT4-fs warning (device loop9): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  530.918724][ T6928] EXT4-fs (loop9): unmounting filesystem.
[  542.104572][ T8986] loop8: detected capacity change from 0 to 512
[  542.166030][ T8986] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  542.212595][ T8986] EXT4-fs (loop8): 1 truncate cleaned up
[  542.214419][ T8986] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  542.724397][ T6810] EXT4-fs (loop8): unmounting filesystem.
[  542.899849][ T9000] loop7: detected capacity change from 0 to 128
[  542.906586][ T8974] loop9: detected capacity change from 0 to 1024
[  542.940373][ T9000] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  542.943268][ T8974] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  542.956671][ T8974] EXT4-fs error (device loop9): __ext4_iget:5077: inode #8: block 1803188595: comm syz.9.1191: invalid block
[  543.055672][ T8974] EXT4-fs (loop9): no journal found
[  543.839752][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  544.381456][ T9034] loop8: detected capacity change from 0 to 32768
[  544.386024][ T9034] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.1207 (9034)
[  544.404868][ T9034] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  544.407780][ T9034] BTRFS info (device loop8): using crc32c (crc32c-generic) checksum algorithm
[  544.410268][ T9034] BTRFS info (device loop8): max_inline at 0
[  544.411808][ T9034] BTRFS info (device loop8): enabling disk space caching
[  544.413763][ T9034] BTRFS info (device loop8): setting nodatasum
[  544.415442][ T9034] BTRFS info (device loop8): turning off barriers
[  544.417127][ T9034] BTRFS info (device loop8): turning on flush-on-commit
[  544.418968][ T9034] BTRFS info (device loop8): doing ref verification
[  544.420958][ T9034] BTRFS warning (device loop8): excessive commit interval 2147483647
[  544.423088][ T9034] BTRFS info (device loop8): enabling ssd optimizations
[  544.425959][ T9034] BTRFS info (device loop8): max_inline at 4096
[  544.427669][ T9034] BTRFS error (device loop8): cannot disable free space tree
[  544.434412][ T9034] BTRFS error (device loop8): open_ctree failed: -22
[  544.730578][ T9003] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by udevd (9003)
[  546.548986][ T9088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  546.584550][ T9088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  546.823930][ T9102] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1226'.
[  546.826458][ T9102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1226'.
[  548.251757][ T9137] 9pnet: p9_errstr2errno: server reported unknown error 
[  548.270460][ T9135] loop7: detected capacity change from 0 to 1024
[  548.336486][ T9135] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  548.474094][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  548.628986][ T9156] loop8: detected capacity change from 0 to 764
[  548.664304][ T9156] rock: directory entry would overflow storage
[  548.666030][ T9156] rock: sig=0x4654, size=5, remaining=4
[  548.713613][ T9156] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input9
[  549.476832][ T6366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  549.478964][ T6366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.042674][ T9204] sctp: [Deprecated]: syz.7.1255 (pid 9204) Use of struct sctp_assoc_value in delayed_ack socket option.
[  550.042674][ T9204] Use struct sctp_sack_info instead
[  550.173313][ T4490] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.242088][ T9215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  550.251336][ T9215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  550.261617][ T4490] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.305368][ T4365] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  550.310516][ T4365] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  550.314169][ T4365] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  550.317422][ T4352] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  550.323408][ T4352] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  550.325706][ T4352] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  550.334202][ T4490] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.414163][ T4490] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.758536][ T9217] chnl_net:caif_netlink_parms(): no params data found
[  550.883874][ T9217] bridge0: port 1(bridge_slave_0) entered blocking state
[  550.885893][ T9217] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.892037][ T9217] device bridge_slave_0 entered promiscuous mode
[  550.915954][ T9217] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.918129][ T9217] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.935693][ T9217] device bridge_slave_1 entered promiscuous mode
[  551.135953][ T9217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  551.174287][ T9217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  551.469737][ T9254] loop7: detected capacity change from 0 to 32768
[  551.503727][ T9265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  551.506428][ T9265] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  551.526648][ T9217] team0: Port device team_slave_0 added
[  551.557076][ T9254] XFS (loop7): Mounting V5 Filesystem
[  551.603313][ T9217] team0: Port device team_slave_1 added
[  551.637672][ T9254] XFS (loop7): Ending clean mount
[  551.642429][ T9217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  551.644634][ T9217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  551.650926][ T9254] XFS (loop7): Unmounting Filesystem
[  551.659184][ T9217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  551.916636][ T9217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  551.918678][ T9217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  551.941705][ T9217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  552.076684][ T9288] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  552.091654][ T9217] device hsr_slave_0 entered promiscuous mode
[  552.160369][ T9217] device hsr_slave_1 entered promiscuous mode
[  552.200231][ T9217] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  552.202365][ T9217] Cannot create hsr debugfs directory
[  552.290626][ T9298] loop7: detected capacity change from 0 to 256
[  552.328711][ T9298] FAT-fs (loop7): Directory bread(block 64) failed
[  552.330729][ T9298] FAT-fs (loop7): Directory bread(block 65) failed
[  552.332613][ T9298] FAT-fs (loop7): Directory bread(block 66) failed
[  552.334441][ T9298] FAT-fs (loop7): Directory bread(block 67) failed
[  552.346785][ T9298] FAT-fs (loop7): Directory bread(block 68) failed
[  552.349098][ T9298] FAT-fs (loop7): Directory bread(block 69) failed
[  552.351014][ T9298] FAT-fs (loop7): Directory bread(block 70) failed
[  552.352757][ T9298] FAT-fs (loop7): Directory bread(block 71) failed
[  552.354645][ T9298] FAT-fs (loop7): Directory bread(block 72) failed
[  552.356466][ T9298] FAT-fs (loop7): Directory bread(block 73) failed
[  552.389109][ T4352] Bluetooth: hci4: command 0x0409 tx timeout
[  553.823004][ T9331] loop9: detected capacity change from 0 to 4096
[  553.909711][ T9331] ntfs3: loop9: Mark volume as dirty due to NTFS errors
[  553.924477][ T9331] ntfs3: loop9: Failed to load $Extend.
[  554.207661][ T9328] loop7: detected capacity change from 0 to 32768
[  554.249063][ T9328] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  554.253850][ T9328] BTRFS info (device loop7): using crc32c (crc32c-generic) checksum algorithm
[  554.256510][ T9328] BTRFS info (device loop7): turning on sync discard
[  554.262680][ T9328] BTRFS info (device loop7): use zlib compression, level 3
[  554.266637][ T9328] BTRFS info (device loop7): turning off barriers
[  554.268577][ T9328] BTRFS warning (device loop7): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  554.305590][ T9328] BTRFS info (device loop7): trying to use backup root at mount time
[  554.309302][ T9328] BTRFS info (device loop7): enabling auto defrag
[  554.318585][ T9328] BTRFS info (device loop7): max_inline at 0
[  554.320550][ T9328] BTRFS info (device loop7): using free space tree
[  554.469020][ T4352] Bluetooth: hci4: command 0x041b tx timeout
[  554.503721][ T6749] BTRFS warning (device loop7): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  554.511282][ T9328] BTRFS error (device loop7): failed to load root extent
[  554.513546][ T9328] BTRFS warning (device loop7): try to load backup roots slot 1
[  554.531119][ T6095] BTRFS warning (device loop7): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  554.535403][ T9328] BTRFS warning (device loop7): couldn't read tree root
[  554.537464][ T9328] BTRFS warning (device loop7): try to load backup roots slot 2
[  554.541748][ T9328] BTRFS error (device loop7): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  554.547318][ T9328] BTRFS warning (device loop7): couldn't read tree root
[  554.551650][ T9328] BTRFS warning (device loop7): try to load backup roots slot 3
[  554.579405][ T9328] BTRFS info (device loop7): enabling ssd optimizations
[  554.582054][ T9328] BTRFS info (device loop7): rebuilding free space tree
[  554.594049][ T9328] BTRFS info (device loop7): checking UUID tree
[  554.777977][ T6777] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  556.068447][ T2058] ieee802154 phy0 wpan0: encryption failed: -22
[  556.071311][ T2058] ieee802154 phy1 wpan1: encryption failed: -22
[  556.518224][ T9421] loop7: detected capacity change from 0 to 1024
[  556.547681][ T9421] EXT4-fs: Ignoring removed nobh option
[  556.548626][ T4352] Bluetooth: hci4: command 0x040f tx timeout
[  556.549405][ T9421] EXT4-fs: Ignoring removed bh option
[  556.556605][ T9421] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  556.605369][ T4490] device hsr_slave_0 left promiscuous mode
[  556.618064][ T9421] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  556.629531][ T4490] device hsr_slave_1 left promiscuous mode
[  556.788979][ T4490] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  556.791291][ T4490] batman_adv: batadv0: Removing interface: batadv_slave_0
[  556.793885][ T4490] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  556.796106][ T4490] batman_adv: batadv0: Removing interface: batadv_slave_1
[  556.798635][ T4490] device bridge_slave_1 left promiscuous mode
[  556.800631][ T4490] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.937676][ T4490] device bridge_slave_0 left promiscuous mode
[  557.475831][ T4490] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.521102][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  557.748636][ T4490] device veth1_macvtap left promiscuous mode
[  557.750555][ T4490] device veth0_macvtap left promiscuous mode
[  557.752335][ T4490] device veth1_vlan left promiscuous mode
[  557.754145][ T4490] device veth0_vlan left promiscuous mode
[  558.628435][ T4352] Bluetooth: hci4: command 0x0419 tx timeout
[  559.597625][ T9460] loop7: detected capacity change from 0 to 128
[  559.602863][ T9460] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  560.482370][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  560.544435][ T4490] team0 (unregistering): Port device team_slave_1 removed
[  560.730379][ T4490] team0 (unregistering): Port device team_slave_0 removed
[  560.919491][ T4490] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  561.190377][ T4490] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  563.187791][ T4357] Bluetooth: hci3: command 0x0406 tx timeout
[  563.800872][ T4490] bond0 (unregistering): Released all slaves
[  564.229524][ T9217] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  564.377460][ T9217] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  565.784855][ T9217] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  565.843586][ T9217] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  565.998807][ T9513] loop7: detected capacity change from 0 to 64
[  566.058344][ T9513] minix_free_block (loop7:21): bit already cleared
[  566.073465][ T9217] 8021q: adding VLAN 0 to HW filter on device bond0
[  566.101970][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  566.104801][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  566.115360][ T9217] 8021q: adding VLAN 0 to HW filter on device team0
[  566.139608][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  566.142505][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  566.145071][ T5384] bridge0: port 1(bridge_slave_0) entered blocking state
[  566.147085][ T5384] bridge0: port 1(bridge_slave_0) entered forwarding state
[  566.153914][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  566.176082][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  566.180125][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  566.193314][ T5384] bridge0: port 2(bridge_slave_1) entered blocking state
[  566.195148][ T5384] bridge0: port 2(bridge_slave_1) entered forwarding state
[  566.205457][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  566.219913][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  566.237522][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  566.251834][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  566.259206][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  566.268054][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  566.295938][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  566.302899][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  566.310871][ T9217] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  566.314171][ T9217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  566.318916][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  566.325105][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  566.331902][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  567.542382][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  567.544587][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  567.550939][ T9217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  567.657849][ T9217] device veth0_vlan entered promiscuous mode
[  567.693682][ T9217] device veth1_vlan entered promiscuous mode
[  567.713902][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  567.716873][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  567.721014][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  567.732553][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  567.808880][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  568.122309][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  568.349624][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  568.493149][ T9528] loop9: detected capacity change from 0 to 40427
[  568.516383][ T9528] F2FS-fs (loop9): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[  568.521830][ T9528] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  568.524800][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  568.527671][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  568.574834][ T9528] F2FS-fs (loop9): invalid crc value
[  568.593951][ T9217] device veth0_macvtap entered promiscuous mode
[  568.606356][ T9217] device veth1_macvtap entered promiscuous mode
[  568.684552][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  568.717143][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  568.719869][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  568.743811][ T9528] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[  568.787231][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  568.789959][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  568.831515][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  568.834367][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  568.873284][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  568.882081][ T9528] F2FS-fs (loop9): f2fs_check_nid_range: out-of-range nid=1000000, run fsck to fix.
[  568.907610][ T9217] batman_adv: batadv0: Interface activated: batadv_slave_0
[  568.912573][ T9528] F2FS-fs (loop9): sanity_check_inode: inode (ino=3) has corrupted i_xattr_nid: 16777216, run fsck to fix.
[  568.916165][ T9528] F2FS-fs (loop9): Failed to read root inode
[  568.942667][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  568.947766][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  568.950570][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  568.953448][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.034289][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  569.054056][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.067593][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  569.070422][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.084198][ T9217] batman_adv: batadv0: Interface activated: batadv_slave_1
[  569.089324][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  569.092245][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  569.095038][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  569.105524][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  569.115406][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  569.123700][  T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  569.145132][ T9217] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  569.153215][ T9217] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  569.155661][ T9217] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  569.161169][ T9217] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  569.328462][ T4397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  569.330947][ T4397] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  569.355705][ T6751] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  569.384177][ T4397] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  569.386547][ T4397] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  569.392897][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  569.558958][ T9587] loop9: detected capacity change from 0 to 64
[  569.599155][ T9587] minix_free_block (loop9:21): bit already cleared
[  569.850252][ T9597] tipc: Resetting bearer <ib:gre0>
[  571.889372][ T9597] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.892612][ T9597] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.967417][ T9623] loop7: detected capacity change from 0 to 32768
[  572.029582][ T9623] XFS (loop7): Mounting V5 Filesystem
[  572.151104][ T9623] XFS (loop7): Ending clean mount
[  572.168111][ T9623] XFS (loop7): Quotacheck needed: Please wait.
[  572.226412][ T9623] XFS (loop7): Quotacheck: Done.
[  572.265492][ T6777] XFS (loop7): Unmounting Filesystem
[  572.617525][ T9597] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  572.682507][ T9597] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  572.754098][ T9638] loop7: detected capacity change from 0 to 128
[  572.815009][ T9638] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  573.055093][ T9638] fscrypt: Adiantum using implementation "adiantum(xchacha12-neon,aes-ce,nhpoly1305-generic)"
[  573.085460][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  573.396363][ T9597] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  573.399221][ T9597] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  573.401758][ T9597] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  573.405001][ T9597] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  573.616814][ T9657] ptrace attach of "./syz-executor exec"[9659] was attempted by "./syz-executor exec"[9657]
[  574.515609][ T9662] loop3: detected capacity change from 0 to 2048
[  574.546126][ T9662] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  574.618165][ T9597] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  574.620735][ T9597] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  574.623122][ T9597] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  574.625738][ T9597] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  574.808817][ T9619] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1354'.
[  574.811609][ T9619] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  574.838662][ T9670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.841321][ T9670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  575.953034][ T9691] loop7: detected capacity change from 0 to 2048
[  575.995367][ T9691] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  576.049475][ T9698] input: syz0 as /devices/virtual/input/input10
[  576.094016][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  579.928874][ T9764] loop7: detected capacity change from 0 to 128
[  579.998913][ T9764] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  580.695177][ T9794] loop9: detected capacity change from 0 to 256
[  580.783685][ T6777] EXT4-fs (loop7): unmounting filesystem.
[  580.819442][ T9794] FAT-fs (loop9): Directory bread(block 64) failed
[  580.821546][ T9794] FAT-fs (loop9): Directory bread(block 65) failed
[  580.824713][ T9794] FAT-fs (loop9): Directory bread(block 66) failed
[  580.831369][ T9794] FAT-fs (loop9): Directory bread(block 67) failed
[  580.833452][ T9794] FAT-fs (loop9): Directory bread(block 68) failed
[  580.844245][ T9794] FAT-fs (loop9): Directory bread(block 69) failed
[  580.850917][ T9794] FAT-fs (loop9): Directory bread(block 70) failed
[  580.860439][ T9794] FAT-fs (loop9): Directory bread(block 71) failed
[  580.870054][ T9794] FAT-fs (loop9): Directory bread(block 72) failed
[  580.872100][ T9794] FAT-fs (loop9): Directory bread(block 73) failed
[  580.900892][ T9799] input: syz1 as /devices/virtual/input/input11
[  581.012083][ T9802] futex_wake_op: syz.4.1398 tries to shift op by -1; fix this program
[  581.030383][ T9786] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.032658][ T9786] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.938339][ T9786] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.979819][ T9786] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  582.085513][ T9708] Set syz1 is full, maxelem 65536 reached
[  582.685359][ T9786] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  582.688171][ T9786] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  582.690700][ T9786] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  582.693246][ T9786] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  582.910007][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1398'.
[  583.119412][ T9802] device hsr_slave_1 left promiscuous mode
[  584.668985][ T9879] netlink: 'syz.4.1415': attribute type 10 has an invalid length.
[  584.689030][ T9879] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1415'.
[  584.703194][ T9879] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  584.730520][ T9879] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  584.733206][ T9879] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  584.738709][ T9879] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  584.825120][ T9879] team0: Port device geneve0 added
[  584.827313][ T9882] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1417'.
[  584.833861][ T9882] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.836412][ T9882] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.902659][ T9889] loop9: detected capacity change from 0 to 128
[  585.040482][ T9889] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  586.316244][ T6928] EXT4-fs (loop9): unmounting filesystem.
[  586.662351][ T9902] loop3: detected capacity change from 0 to 32768
[  586.701061][ T9902] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1423 (9902)
[  586.733910][ T9902] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  586.743800][ T9902] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[  586.753652][ T9902] BTRFS info (device loop3): using free space tree
[  586.920741][ T9902] BTRFS info (device loop3): enabling ssd optimizations
[  586.951108][ T9961] loop7: detected capacity change from 0 to 2048
[  586.971311][ T9961] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  587.028400][ T9217] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  588.985787][ T9967] loop3: detected capacity change from 0 to 32768
[  589.040157][ T9967] (syz.3.1432,9967,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  589.049301][ T9967] (syz.3.1432,9967,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  589.117328][ T9967] JBD2: Ignoring recovery information on journal
[  589.254036][ T9967] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  589.348772][ T9967] 
[  589.349436][ T9967] ======================================================
[  589.351363][ T9967] WARNING: possible circular locking dependency detected
[  589.353315][ T9967] 6.1.144-syzkaller #0 Not tainted
[  589.354713][ T9967] ------------------------------------------------------
[  589.356650][ T9967] syz.3.1432/9967 is trying to acquire lock:
[  589.358262][ T9967] ffff0000df258650 (sb_internal#5){.+.+}-{0:0}, at: ocfs2_reserve_local_alloc_bits+0xb8c/0x278c
[  589.361183][ T9967] 
[  589.361183][ T9967] but task is already holding lock:
[  589.363245][ T9967] ffff0000f56642c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x12c/0x3cd4
[  589.367081][ T9967] 
[  589.367081][ T9967] which lock already depends on the new lock.
[  589.367081][ T9967] 
[  589.370004][ T9967] 
[  589.370004][ T9967] the existing dependency chain (in reverse order) is:
[  589.372196][ T9967] 
[  589.372196][ T9967] -> #8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}:
[  589.375200][ T9967]        down_write+0x5c/0x88
[  589.376427][ T9967]        ocfs2_reserve_suballoc_bits+0x12c/0x3cd4
[  589.378183][ T9967]        ocfs2_reserve_cluster_bitmap_bits+0xcc/0x1c8
[  589.380159][ T9967]        ocfs2_reserve_local_alloc_bits+0x720/0x278c
[  589.381969][ T9967]        ocfs2_reserve_clusters_with_limit+0x198/0x9e0
[  589.383967][ T9967]        ocfs2_lock_allocators+0x27c/0x518
[  589.385615][ T9967]        ocfs2_extend_allocation+0x328/0x15ec
[  589.387417][ T9967]        ocfs2_extend_no_holes+0x1a8/0x424
[  589.389037][ T9967]        ocfs2_acquire_dquot+0x550/0xac4
[  589.390585][ T9967]        dqget+0x654/0xccc
[  589.391771][ T9967]        dquot_set_dqblk+0x40/0xe50
[  589.393208][ T9967]        quota_setquota+0x400/0x490
[  589.394708][ T9967]        do_quotactl+0x65c/0x738
[  589.396298][ T9967]        __arm64_sys_quotactl+0x2ac/0x730
[  589.398107][ T9967]        invoke_syscall+0x98/0x2bc
[  589.399582][ T9967]        el0_svc_common+0x138/0x258
[  589.400985][ T9967]        do_el0_svc+0x58/0x13c
[  589.402322][ T9967]        el0_svc+0x58/0x138
[  589.403480][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.405046][ T9967]        el0t_64_sync+0x18c/0x190
[  589.406396][ T9967] 
[  589.406396][ T9967] -> #7 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  589.409400][ T9967]        down_write+0x5c/0x88
[  589.410681][ T9967]        ocfs2_reserve_local_alloc_bits+0xf8/0x278c
[  589.412447][ T9967]        ocfs2_reserve_clusters_with_limit+0x198/0x9e0
[  589.414373][ T9967]        ocfs2_lock_allocators+0x27c/0x518
[  589.415903][ T9967]        ocfs2_extend_allocation+0x328/0x15ec
[  589.417555][ T9967]        ocfs2_extend_no_holes+0x1a8/0x424
[  589.419098][ T9967]        ocfs2_acquire_dquot+0x550/0xac4
[  589.420658][ T9967]        dqget+0x654/0xccc
[  589.421858][ T9967]        dquot_set_dqblk+0x40/0xe50
[  589.423356][ T9967]        quota_setquota+0x400/0x490
[  589.424798][ T9967]        do_quotactl+0x65c/0x738
[  589.426146][ T9967]        __arm64_sys_quotactl+0x2ac/0x730
[  589.427689][ T9967]        invoke_syscall+0x98/0x2bc
[  589.429079][ T9967]        el0_svc_common+0x138/0x258
[  589.430547][ T9967]        do_el0_svc+0x58/0x13c
[  589.431902][ T9967]        el0_svc+0x58/0x138
[  589.433141][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.434815][ T9967]        el0t_64_sync+0x18c/0x190
[  589.436238][ T9967] 
[  589.436238][ T9967] -> #6 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}:
[  589.438740][ T9967]        down_write+0x5c/0x88
[  589.440023][ T9967]        ocfs2_lock_global_qf+0x1a8/0x22c
[  589.441598][ T9967]        ocfs2_acquire_dquot+0x268/0xac4
[  589.443159][ T9967]        dqget+0x654/0xccc
[  589.444387][ T9967]        dquot_set_dqblk+0x40/0xe50
[  589.445834][ T9967]        quota_setquota+0x400/0x490
[  589.447260][ T9967]        do_quotactl+0x65c/0x738
[  589.448740][ T9967]        __arm64_sys_quotactl+0x2ac/0x730
[  589.450385][ T9967]        invoke_syscall+0x98/0x2bc
[  589.451894][ T9967]        el0_svc_common+0x138/0x258
[  589.453502][ T9967]        do_el0_svc+0x58/0x13c
[  589.454865][ T9967]        el0_svc+0x58/0x138
[  589.456114][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.457723][ T9967]        el0t_64_sync+0x18c/0x190
[  589.459569][ T9967] 
[  589.459569][ T9967] -> #5 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}:
[  589.462615][ T9967]        down_write+0x5c/0x88
[  589.463928][ T9967]        ocfs2_lock_global_qf+0x18c/0x22c
[  589.465508][ T9967]        ocfs2_acquire_dquot+0x268/0xac4
[  589.467088][ T9967]        dqget+0x654/0xccc
[  589.468271][ T9967]        dquot_set_dqblk+0x40/0xe50
[  589.469683][ T9967]        quota_setquota+0x400/0x490
[  589.471255][ T9967]        do_quotactl+0x65c/0x738
[  589.472654][ T9967]        __arm64_sys_quotactl+0x2ac/0x730
[  589.474217][ T9967]        invoke_syscall+0x98/0x2bc
[  589.475677][ T9967]        el0_svc_common+0x138/0x258
[  589.477098][ T9967]        do_el0_svc+0x58/0x13c
[  589.478435][ T9967]        el0_svc+0x58/0x138
[  589.479732][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.481255][ T9967]        el0t_64_sync+0x18c/0x190
[  589.482693][ T9967] 
[  589.482693][ T9967] -> #4 (&dquot->dq_lock){+.+.}-{3:3}:
[  589.484854][ T9967]        __mutex_lock_common+0x190/0x1f38
[  589.486424][ T9967]        mutex_lock_nested+0x38/0x44
[  589.487870][ T9967]        dquot_commit+0x50/0x1c4
[  589.489264][ T9967]        ext4_write_dquot+0x1b4/0x31c
[  589.490772][ T9967]        ext4_mark_dquot_dirty+0xe8/0x140
[  589.492347][ T9967]        mark_all_dquot_dirty+0x108/0x424
[  589.493997][ T9967]        __dquot_alloc_space+0x560/0xce8
[  589.495594][ T9967]        ext4_mb_new_blocks+0xd30/0x435c
[  589.497092][ T9967]        ext4_ext_map_blocks+0x1018/0x559c
[  589.498675][ T9967]        ext4_map_blocks+0x860/0x1770
[  589.500200][ T9967]        _ext4_get_block+0x194/0x4c8
[  589.501781][ T9967]        ext4_get_block+0x4c/0x60
[  589.503191][ T9967]        ext4_block_write_begin+0x508/0x10f8
[  589.504885][ T9967]        ext4_write_begin+0x5ec/0x133c
[  589.506457][ T9967]        ext4_da_write_begin+0x360/0x9d8
[  589.508064][ T9967]        generic_perform_write+0x230/0x4b0
[  589.509754][ T9967]        ext4_buffered_write_iter+0x2c4/0x530
[  589.511421][ T9967]        ext4_file_write_iter+0x188/0x152c
[  589.513054][ T9967]        vfs_write+0x5ac/0x7c4
[  589.514404][ T9967]        __arm64_sys_pwrite64+0x170/0x200
[  589.516045][ T9967]        invoke_syscall+0x98/0x2bc
[  589.517473][ T9967]        el0_svc_common+0x1fc/0x258
[  589.518981][ T9967]        do_el0_svc+0x58/0x13c
[  589.520379][ T9967]        el0_svc+0x58/0x138
[  589.521604][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.523212][ T9967]        el0t_64_sync+0x18c/0x190
[  589.524676][ T9967] 
[  589.524676][ T9967] -> #3 (&ei->i_data_sem){++++}-{3:3}:
[  589.526875][ T9967]        down_write+0x5c/0x88
[  589.528238][ T9967]        ext4_map_blocks+0x7c4/0x1770
[  589.529843][ T9967]        ext4_writepages+0xd8c/0x284c
[  589.531346][ T9967]        do_writepages+0x2c0/0x4fc
[  589.532780][ T9967]        __writeback_single_inode+0x164/0x157c
[  589.534472][ T9967]        writeback_sb_inodes+0x824/0x1404
[  589.536059][ T9967]        __writeback_inodes_wb+0x110/0x394
[  589.537670][ T9967]        wb_writeback+0x414/0xfb0
[  589.539012][ T9967]        wb_workfn+0xac0/0xd98
[  589.540345][ T9967]        process_one_work+0x7f4/0x13a8
[  589.541806][ T9967]        worker_thread+0x8c8/0xfbc
[  589.543198][ T9967]        kthread+0x250/0x2d8
[  589.544470][ T9967]        ret_from_fork+0x10/0x20
[  589.545875][ T9967] 
[  589.545875][ T9967] -> #2 (jbd2_handle){++++}-{0:0}:
[  589.547883][ T9967]        start_this_handle+0xfe0/0x122c
[  589.549506][ T9967]        jbd2__journal_start+0x288/0x51c
[  589.551119][ T9967]        jbd2_journal_start+0x3c/0x4c
[  589.552555][ T9967]        ocfs2_start_trans+0x380/0x6c4
[  589.554046][ T9967]        ocfs2_modify_bh+0xe4/0x43c
[  589.555479][ T9967]        ocfs2_local_read_info+0x102c/0x131c
[  589.557188][ T9967]        dquot_load_quota_sb+0x6c4/0xa24
[  589.558759][ T9967]        dquot_load_quota_inode+0x274/0x4e4
[  589.560451][ T9967]        ocfs2_enable_quotas+0x17c/0x3b4
[  589.562013][ T9967]        ocfs2_fill_super+0x3060/0x3e98
[  589.563589][ T9967]        mount_bdev+0x264/0x358
[  589.564924][ T9967]        ocfs2_mount+0x44/0x58
[  589.566226][ T9967]        legacy_get_tree+0xd4/0x16c
[  589.567719][ T9967]        vfs_get_tree+0x90/0x274
[  589.569063][ T9967]        do_new_mount+0x228/0x810
[  589.570511][ T9967]        path_mount+0x5b4/0xe78
[  589.571875][ T9967]        __arm64_sys_mount+0x49c/0x584
[  589.573378][ T9967]        invoke_syscall+0x98/0x2bc
[  589.574817][ T9967]        el0_svc_common+0x138/0x258
[  589.576164][ T9967]        do_el0_svc+0x58/0x13c
[  589.577455][ T9967]        el0_svc+0x58/0x138
[  589.578709][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.580270][ T9967]        el0t_64_sync+0x18c/0x190
[  589.581698][ T9967] 
[  589.581698][ T9967] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  589.584106][ T9967]        down_read+0x64/0x304
[  589.585422][ T9967]        ocfs2_start_trans+0x374/0x6c4
[  589.586934][ T9967]        ocfs2_modify_bh+0xe4/0x43c
[  589.588460][ T9967]        ocfs2_local_read_info+0x102c/0x131c
[  589.590039][ T9967]        dquot_load_quota_sb+0x6c4/0xa24
[  589.591566][ T9967]        dquot_load_quota_inode+0x274/0x4e4
[  589.593121][ T9967]        ocfs2_enable_quotas+0x17c/0x3b4
[  589.594629][ T9967]        ocfs2_fill_super+0x3060/0x3e98
[  589.596232][ T9967]        mount_bdev+0x264/0x358
[  589.597551][ T9967]        ocfs2_mount+0x44/0x58
[  589.598876][ T9967]        legacy_get_tree+0xd4/0x16c
[  589.600260][ T9967]        vfs_get_tree+0x90/0x274
[  589.601636][ T9967]        do_new_mount+0x228/0x810
[  589.602984][ T9967]        path_mount+0x5b4/0xe78
[  589.604357][ T9967]        __arm64_sys_mount+0x49c/0x584
[  589.605907][ T9967]        invoke_syscall+0x98/0x2bc
[  589.607246][ T9967]        el0_svc_common+0x138/0x258
[  589.608732][ T9967]        do_el0_svc+0x58/0x13c
[  589.610097][ T9967]        el0_svc+0x58/0x138
[  589.611327][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.612891][ T9967]        el0t_64_sync+0x18c/0x190
[  589.614323][ T9967] 
[  589.614323][ T9967] -> #0 (sb_internal#5){.+.+}-{0:0}:
[  589.616358][ T9967]        __lock_acquire+0x293c/0x6544
[  589.617868][ T9967]        lock_acquire+0x20c/0x644
[  589.619299][ T9967]        ocfs2_start_trans+0x20c/0x6c4
[  589.620842][ T9967]        ocfs2_reserve_local_alloc_bits+0xb8c/0x278c
[  589.622667][ T9967]        ocfs2_reserve_clusters_with_limit+0x198/0x9e0
[  589.624607][ T9967]        ocfs2_lock_allocators+0x27c/0x518
[  589.626211][ T9967]        ocfs2_extend_allocation+0x328/0x15ec
[  589.627861][ T9967]        ocfs2_extend_no_holes+0x1a8/0x424
[  589.629448][ T9967]        ocfs2_acquire_dquot+0x550/0xac4
[  589.631041][ T9967]        dqget+0x654/0xccc
[  589.632261][ T9967]        dquot_set_dqblk+0x40/0xe50
[  589.633759][ T9967]        quota_setquota+0x400/0x490
[  589.635184][ T9967]        do_quotactl+0x65c/0x738
[  589.636523][ T9967]        __arm64_sys_quotactl+0x2ac/0x730
[  589.638142][ T9967]        invoke_syscall+0x98/0x2bc
[  589.639675][ T9967]        el0_svc_common+0x138/0x258
[  589.641053][ T9967]        do_el0_svc+0x58/0x13c
[  589.642335][ T9967]        el0_svc+0x58/0x138
[  589.643553][ T9967]        el0t_64_sync_handler+0x84/0xf0
[  589.645092][ T9967]        el0t_64_sync+0x18c/0x190
[  589.646478][ T9967] 
[  589.646478][ T9967] other info that might help us debug this:
[  589.646478][ T9967] 
[  589.649343][ T9967] Chain exists of:
[  589.649343][ T9967]   sb_internal#5 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4
[  589.649343][ T9967] 
[  589.654607][ T9967]  Possible unsafe locking scenario:
[  589.654607][ T9967] 
[  589.656651][ T9967]        CPU0                    CPU1
[  589.658129][ T9967]        ----                    ----
[  589.659643][ T9967]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4);
[  589.661664][ T9967]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3);
[  589.664333][ T9967]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4);
[  589.667074][ T9967]   lock(sb_internal#5);
[  589.668348][ T9967] 
[  589.668348][ T9967]  *** DEADLOCK ***
[  589.668348][ T9967] 
[  589.670588][ T9967] 6 locks held by syz.3.1432/9967:
[  589.672020][ T9967]  #0: ffff0000df2580e0 (&type->s_umount_key#93){.+.+}-{3:3}, at: user_get_super+0x118/0x234
[  589.674914][ T9967]  #1: ffff0000f558c0a8 (&dquot->dq_lock){+.+.}-{3:3}, at: ocfs2_acquire_dquot+0x25c/0xac4
[  589.677712][ T9967]  #2: ffff0000f5665f48 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x18c/0x22c
[  589.681408][ T9967]  #3: ffff0000f5665be0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1a8/0x22c
[  589.684549][ T9967]  #4: ffff0000f57b3488 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0xf8/0x278c
[  589.688436][ T9967]  #5: ffff0000f56642c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x12c/0x3cd4
[  589.692231][ T9967] 
[  589.692231][ T9967] stack backtrace:
[  589.693849][ T9967] CPU: 1 PID: 9967 Comm: syz.3.1432 Not tainted 6.1.144-syzkaller #0
[  589.696030][ T9967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  589.698770][ T9967] Call trace:
[  589.699650][ T9967]  dump_backtrace+0x1c8/0x1f4
[  589.700940][ T9967]  show_stack+0x2c/0x3c
[  589.702082][ T9967]  __dump_stack+0x30/0x40
[  589.703253][ T9967]  dump_stack_lvl+0xf8/0x160
[  589.704522][ T9967]  dump_stack+0x1c/0x5c
[  589.705688][ T9967]  print_circular_bug+0x148/0x1b0
[  589.707054][ T9967]  check_noncircular+0x240/0x2d4
[  589.708420][ T9967]  __lock_acquire+0x293c/0x6544
[  589.709793][ T9967]  lock_acquire+0x20c/0x644
[  589.711070][ T9967]  ocfs2_start_trans+0x20c/0x6c4
[  589.712479][ T9967]  ocfs2_reserve_local_alloc_bits+0xb8c/0x278c
[  589.714201][ T9967]  ocfs2_reserve_clusters_with_limit+0x198/0x9e0
[  589.715931][ T9967]  ocfs2_lock_allocators+0x27c/0x518
[  589.717395][ T9967]  ocfs2_extend_allocation+0x328/0x15ec
[  589.718911][ T9967]  ocfs2_extend_no_holes+0x1a8/0x424
[  589.720372][ T9967]  ocfs2_acquire_dquot+0x550/0xac4
[  589.721816][ T9967]  dqget+0x654/0xccc
[  589.722893][ T9967]  dquot_set_dqblk+0x40/0xe50
[  589.724154][ T9967]  quota_setquota+0x400/0x490
[  589.725485][ T9967]  do_quotactl+0x65c/0x738
[  589.726705][ T9967]  __arm64_sys_quotactl+0x2ac/0x730
[  589.728199][ T9967]  invoke_syscall+0x98/0x2bc
[  589.729429][ T9967]  el0_svc_common+0x138/0x258
[  589.730658][ T9967]  do_el0_svc+0x58/0x13c
[  589.731842][ T9967]  el0_svc+0x58/0x138
[  589.732915][ T9967]  el0t_64_sync_handler+0x84/0xf0
[  589.734332][ T9967]  el0t_64_sync+0x18c/0x190
[  589.769540][ T9217] ocfs2: Unmounting device (7,3) on (node local)