last executing test programs:

7m59.177607604s ago: executing program 2 (id=18):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2804001, 0x0, 0x1, 0x0, &(0x7f0000000000))
lseek(0xffffffffffffffff, 0x9, 0x4)
getdents64(0xffffffffffffffff, 0xfffffffffffffffe, 0xff80)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000280), 0xffff, 0x14f600)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0xe, 0x4000080000000700, 0x0, 0x0, 0x19, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900000000000000000000000000000000000000004000", [0xfffffffffffffffc, 0x31]}})

7m44.154898576s ago: executing program 32 (id=18):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2804001, 0x0, 0x1, 0x0, &(0x7f0000000000))
lseek(0xffffffffffffffff, 0x9, 0x4)
getdents64(0xffffffffffffffff, 0xfffffffffffffffe, 0xff80)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000280), 0xffff, 0x14f600)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0xe, 0x4000080000000700, 0x0, 0x0, 0x19, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900000000000000000000000000000000000000004000", [0xfffffffffffffffc, 0x31]}})

7m34.674706904s ago: executing program 33 (id=120):
syz_open_procfs(0x0, &(0x7f0000000040)='net/icmp6\x00')
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x121440, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)

7m30.134740787s ago: executing program 34 (id=135):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000300)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f00000000c0)={r3, @in={{0x2, 0x0, @empty}}}, 0x90)

7m22.213564996s ago: executing program 35 (id=158):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000280)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10)
r2 = fcntl$dupfd(r1, 0x406, r0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000000)="04", 0x1, 0x44001, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000002580)={&(0x7f000024e000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000025c0)=0x40)

6m22.648333367s ago: executing program 36 (id=347):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x28, r1, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}]}]}, 0x28}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r4, &(0x7f0000000840)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48040}, 0x0)

5m51.03972089s ago: executing program 37 (id=519):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000180)=""/186, 0xba}], 0x1}, 0x5}, {{0x0, 0x0, 0x0}, 0x1}], 0x2, 0x40000001, 0x0)
read$FUSE(r2, &(0x7f0000003100)={0x2020}, 0x2020)

5m15.282091704s ago: executing program 38 (id=655):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

5m4.139464323s ago: executing program 4 (id=708):
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x24e6, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x3, 0x20002f7})
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

5m3.827784383s ago: executing program 4 (id=710):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007a00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000ac0)="01", 0x1}], 0x1}}], 0x1, 0x0)

5m3.580918591s ago: executing program 4 (id=712):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4090}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x7}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="40000000210a018800000000000000000a0000010900020073797a31000000000900010073797a310000000014000380100000800c000180060001"], 0x40}, 0x1, 0x0, 0x0, 0x4000015}, 0x8000)

5m3.31501321s ago: executing program 4 (id=714):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

5m3.104176306s ago: executing program 4 (id=716):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x85, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x833, 0x0, 0x4}, &(0x7f00000001c0)=0x9c)

5m1.580526224s ago: executing program 2 (id=656):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x10, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
wait4(0xffffffffffffffff, 0x0, 0x9, 0x0)

5m1.472347198s ago: executing program 4 (id=721):
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x30b5, 0x0, 0x2, 0x158}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f0000000200)={0x2e, 0x14, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000004c0)=@any_dev={0x3, 0xe26, 0x0, 0x0, 0x1000, 0x10000, 0xffffffffffffffff, 0x0, 0x4d}}}, &(0x7f0000000480)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
syz_ublk_setup_queues(r6, r4, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x3, 0x257}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7ffffe, 0x1000, 0x2000, 0x10000004, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x5ded, 0x1, 0x0, 0x30b}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xc1cf, 0x0, 0x0, 0x1f0, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x8200, 0x2, 0x367}}], 0x1, &(0x7f0000000340)={0x2e, 0x44, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x1f, 0x0, '\x00', {0xfff9, 0x4, 0x0, 0x0}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004", @ANYRES32=0x0], 0x48)

5m1.096609359s ago: executing program 39 (id=721):
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x30b5, 0x0, 0x2, 0x158}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f0000000200)={0x2e, 0x14, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000004c0)=@any_dev={0x3, 0xe26, 0x0, 0x0, 0x1000, 0x10000, 0xffffffffffffffff, 0x0, 0x4d}}}, &(0x7f0000000480)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
syz_ublk_setup_queues(r6, r4, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x3, 0x257}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7ffffe, 0x1000, 0x2000, 0x10000004, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x5ded, 0x1, 0x0, 0x30b}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xc1cf, 0x0, 0x0, 0x1f0, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x8200, 0x2, 0x367}}], 0x1, &(0x7f0000000340)={0x2e, 0x44, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x1f, 0x0, '\x00', {0xfff9, 0x4, 0x0, 0x0}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004", @ANYRES32=0x0], 0x48)

5m0.495718938s ago: executing program 2 (id=728):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
unlink(0x0)

4m59.890269297s ago: executing program 2 (id=731):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

4m59.686928284s ago: executing program 2 (id=733):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000003c0)='/sys/power/pm_trace_dev_match', 0x80, 0x40)
read$FUSE(r1, &(0x7f0000000400)={0x2020}, 0x2020)

4m56.392359187s ago: executing program 2 (id=743):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
r2 = dup(r1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000004c0)={0x1, 0x0, 0x0, &(0x7f0000000380)=""/48, 0x0, 0x41000})
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r2})
close(0x3)

4m55.824422835s ago: executing program 40 (id=743):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
r2 = dup(r1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000004c0)={0x1, 0x0, 0x0, &(0x7f0000000380)=""/48, 0x0, 0x41000})
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r2})
close(0x3)

3m37.672709291s ago: executing program 3 (id=1169):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000280)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1, 0x0, 0x10001})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f0000000040)={0x20000020064e, 0xe, 0x200000, 0x3, 0x5, 0x9})

3m36.052177351s ago: executing program 3 (id=1175):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='\x00', 0x274)

3m35.615614336s ago: executing program 3 (id=1180):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x0, {}, 0x1, 0xffffffffffffffff}, {'\x00', "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000045b45011c8c377fe00"}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000240)="66410fc7b12098a40c0f21430f30c74424002a000000c744240200000080ff2c240fc79e64dc0000660f38815b01c7442400fb000000c744240200000000ff2c24b8010000000f01c1f3406fee450fc1d7", 0x51}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m35.009479764s ago: executing program 3 (id=1184):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
unshare(0x22020400)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x80000, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000003c0)={0x2020}, 0x2020)

3m34.572399838s ago: executing program 3 (id=1186):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x4000042, 0x82, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000001c0)={0x8000042, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r3, &(0x7f0000002340)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10, 0x0}, 0x0)

3m33.537108481s ago: executing program 3 (id=1191):
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x80)
acct(&(0x7f00000000c0)='./file1\x00')
acct(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181c42, 0x56)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111670000000000851000000200000085000000b200000095000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)

3m32.976644398s ago: executing program 41 (id=1191):
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x80)
acct(&(0x7f00000000c0)='./file1\x00')
acct(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181c42, 0x56)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111670000000000851000000200000085000000b200000095000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)

2m26.339392222s ago: executing program 1 (id=1565):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000100)='./bus\x00', 0x80421c, &(0x7f0000003240)=ANY=[], 0x6, 0x36c, &(0x7f00000023c0)="$eJzs3c9rK1UUwPGTNMlL8nhNFqIoSC++jW6GNroWg7wHQsBHXyO2gjBtJxoyJmUmVCNi25Vbce9KcFG6s+CioP0HunGnGxHcdSO4sAt1ZH4lk2SSpjE1vvb7gZKbe++Z3Jt7C2fSTub87c8/aNRsraa3JZlVkhARuRApSlJCieAx6ZUzErUvL939/cfnH69Xs36Felhee7mklFpc+u7DT3JBt5M7clZ89/y30q9nT589e/732vt1W9Vt1Wy1la42Wz+39U3TUNt1u6Ep9cg0dNtQ9aZtWH77N8FxzNbOTkfpze17+R3LsG2lNzuqYXRUu6XaVkfp7+n1ptI0Td3Lyzjpsa23RfVwdVUvTxm8NePB4JpYlqMviEhuqKV6OJcBAQCAuRrM/5NuSj9N/r8hi5XKg1Xldu7l/0cvnLbvvnW8GOT/J5m4/P+Vn/xj9eX/7ulEL/9v+ecHtcvz/y9lovzfN5wR3S5T5//FaxgMprOUGapK9D2zrLKeD35/PQfvHC17BfJ/AAAAAAAAAAAAAAAAAAAAAACeBBeOU3AcpxA+hj+9SwiC57iRsiPW/47b5q6+w/rfZI/XNyTrXbjnrrH52W51t+o/Bh1ORcQU4y9nkLs3wiuPlKso35t7QfzebnXBaynXpO7Gy4oUpOjtp0i84zx8o/JgRfmC+O5lSvlofEkK8lQ0/ltvd7rxpf744PUz8uL9SLwmBflhS1piyrYX2Xv9T1eUev3NykB8zusnIr/854sCAAAAAMCMaaor9vxd00a1+98yUq55HxMZsiwF+TP+/H459vw8VXguNe/ZAwAAAABwO9idjxu6JA3LK5hmXCEnI5viC7mrdE711aRFJLZzZqAmPe7IC5EZTjgMPSP+HUyuNNOYwlfhu3qVqPAfKdyBd5uCO6rIdOMJ5+/VJFLTTsc0E/vibYD9aFNSJghPDQ5+ya1QsZ3vjzzOQTCRbk34sVFmxPssj4aPkxyzE9JDNU5iug3wzBdf//Fv90+v8OpxsAM+urzzgWk4ezLJogwU3JcYbuL2OAAAAMAN1Ev6w5rXos3RG4lEb5bDX+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJihmXxR2SWFec8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+L/4JwAA//94DPMO")
close(0x3)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f000029a000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a3, 0xc000, 0x8, 0xc1})
write$FUSE_INIT(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2m25.952407054s ago: executing program 1 (id=1566):
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
setuid(0xee01)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14e174135c0b87af)

2m24.987724164s ago: executing program 1 (id=1570):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c7400", '\x00', "1e00040000000100"}, 0x28)
write$binfmt_script(r0, &(0x7f0000000140)={'#! ', './file0'}, 0xb)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x6, 0x72, 0x3, 0x1007}]})
timer_create(0x2, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

2m23.983718496s ago: executing program 1 (id=1578):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)

2m23.772300122s ago: executing program 1 (id=1579):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000140)=0xffffffff, 0x4)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x9, 0x3, 0x220, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1f8, 0xffffffff, 0xffffffff, 0x1f8, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x1e}, 0xffffffff, 0xffffff00, 'veth0_macvtap\x00', 'geneve0\x00', {0xff}, {}, 0x62, 0x3, 0x15}, 0x0, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "0953fe44d3b7cf74cdcbec194929756c03773c4a09ea38c3d7a1baebc26f"}}, {{@ip={@rand_addr=0x64010101, @loopback, 0xffffff00, 0xffffffff, 'pim6reg\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x6c, 0x2}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x2, 0x81, 0x3, 'syz1\x00', 'syz1\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000180)=0x7, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

2m23.389897245s ago: executing program 1 (id=1581):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
dup2(r1, r2)
prlimit64(r0, 0x7, &(0x7f0000000040)={0x1, 0x1000}, 0x0)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)

2m22.978409738s ago: executing program 42 (id=1581):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
dup2(r1, r2)
prlimit64(r0, 0x7, &(0x7f0000000040)={0x1, 0x1000}, 0x0)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)

1m28.764312351s ago: executing program 5 (id=1925):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32=r1], 0x78}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000840)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x2b}, @ipv4=@udp={{0x5, 0x4, 0x3, 0x1b, 0x30, 0x66, 0x0, 0x40, 0x11, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x16}}, {0x4e20, 0x4e20, 0x1c, 0x0, @gue={{0x2, 0x0, 0x0, 0x2, 0x100}, "c1963bf57e73e3279fdbd0c7"}}}}, 0x3e)

1m28.47486081s ago: executing program 5 (id=1927):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0xfffffffffffffea6)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000694000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)

1m28.296318396s ago: executing program 5 (id=1929):
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x2b)
acct(&(0x7f0000000040)='./file0\x00')
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x3a09406, &(0x7f0000000540)=ANY=[@ANYBLOB="6e6fffff7473810000006f74732c67696489", @ANYRESHEX=0xee01, @ANYBLOB=',dots,dots,dots,nfs,sys_immutable,allow_utime=00000000000000000000010,dots,nodots,dots,nodots,usefree,dots,nodots,nodots,dots,nodots,nodots,dots,dots,showexec,dots,nodots,nodots,\x00'], 0x1, 0x1f5, &(0x7f0000000340)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")

1m27.439941613s ago: executing program 5 (id=1935):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

1m26.816482542s ago: executing program 5 (id=1938):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
futex(&(0x7f0000000200)=0x1, 0x6, 0x0, 0x0, 0x0, 0x1)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)

1m26.394137946s ago: executing program 5 (id=1942):
open(&(0x7f0000000140)='./bus\x00', 0xe2b40, 0xa8)
r0 = io_uring_setup(0x2f55, &(0x7f0000000140)={0x0, 0x2639, 0x2, 0x1, 0x10001d4})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/6, 0x6}], &(0x7f00000002c0)=[0x7]}, 0x20)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0x1f400, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000006c0)=[{0x0}], 0x0, 0x1}, 0x20)

1m25.9514534s ago: executing program 43 (id=1942):
open(&(0x7f0000000140)='./bus\x00', 0xe2b40, 0xa8)
r0 = io_uring_setup(0x2f55, &(0x7f0000000140)={0x0, 0x2639, 0x2, 0x1, 0x10001d4})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/6, 0x6}], &(0x7f00000002c0)=[0x7]}, 0x20)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0x1f400, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000006c0)=[{0x0}], 0x0, 0x1}, 0x20)

48.68818631s ago: executing program 6 (id=2237):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c744240093085afcc7442402f8ffffffc7442406000000000f011424660fc25cc5dd030fc77ace0f01cbf30fc7b1002000003e2e3e660fda49e2660fc77200adb805000000b9dd8200000f01c10f01c5", 0x50}], 0x1, 0x9, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, 0x0}], 0x1, 0x9, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

48.360168671s ago: executing program 6 (id=2241):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000000c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ec32831a079882440718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b8898ff070000000000007a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d00", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x68801, 0x164)
lseek(r4, 0x40000000f4, 0x4)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="2a812c73e7e89222339817213a1f88d473e0e422c1a7b9b0c85b67cc94e42c9f091c2799ae1c311723324419bfdd85b385c190750f5f9f0c400b2bd7ede1af740553766b1400bf491cf088a73b6d6855be0d83edeab44f2a326a7794aacbf309b81c266431d69ac03e800e03372b3b8f11dc7c5cf2ca562bc412ef5b745a342fa529cb2ad187053a5768a4ff421d0733b7456073f8cdd8aaa82358d50c7d91673d020e43d40d62f6d13913f02f810f6ad07742074719c31257a9df06e9b30338ca56e3d786e09a6a5e8675e5e42fe35019eaf84e6b99636ee26a2001dc8c6e01058851da346543530024ac9ee97fc24775044be69612f1171f177a3f36cc99328021498f34cfd5aec4ca50ac1e4c2ef6e56008a0060cabbebfd22fbc27e9a8b3ad20d79b9bd8d792026ea6657d74020dfdec6f938feaa5144e78952b5372548ec4a73bef04cd32b2f5e870074b2093c2cda1e0e6401c37d805b5369c8dee388ff5577eca2599689d5a05eebf13ca0d70280016a9000c4256bc92cd72500736aea52ef9e3c507511c7b6d9bd4dc92ecd25a7b1d57f7d4a520225a593e8cd65706eb3808baf527243dcc19718df69f45e687bd7418150f0516189d065bb66de71a777d48fdf4d0318df8297d9c81e68662dc6854856fb4d36d87fcbe712c562edce43b7e19f1d53661a0cd995502a6293509c20eaaf9cf1b4ebf8ba828b65f18a0d51d1904d10c086e32d5a65919fcb35a3be896d698f3fa4aec704792ee909800ac47e49f1ea2db08a4694cd8f6eb3e7da50389def062be2d59f32eb24ec1e826fef86f4bcdc73f51fbba499aada67b6418d80d04582be75af8d2dba1e14ffebe43f915c8cfd33e6a711cd671bb16c3ac6fd9794071de4a30f8c1d283a34069178d509ac5c63224668901ac8d4fd5bbbb6f35a4094264139128a74588b68c06f126d1e73257b71ec111aa0294acf52c15146f26f26e455156a844ae1c59e9a9fd03ad22a5efafd0449727a13e86f1fdf9f7f3d93ac74bfbf6a0e785f2f7b5152b8ca893250c75ef2ad62cfb008e338ae62145af76e6c980de85f8a3a5d2930d67371705e2b85cc6ec87d27cd7aac6cae8171724611d941e5f1811db8f0d1d347eb01ec01cb6335d58d161552cc1d1e1b2eba49550388210be72c46b296564ec4405f7debe4433b5bf520591173111095d2a4adf065ebfde5f6876fa806646d8fc86626741d32dd9ab24497ffaee1045e41e4c9a1bd57a91fe3da1d8fd5a64c971cc4774151849704c9f9e264ff8a54d6703fde329af6b4673de1e2cffffa4637f63ab25a8d67416097999ae91a84a4ed49307b7274f8e8f237648469083e584216c933a4b8cd7e3ab5c9703c2e6665ad1fe1a5723b231068cd66599f146bd9fa227f0d69e42186876643bbc6284e3886fa7aaff8bf9b29511852f6b88d7e63a761e2affa59d0a074cf7f7869945187a9525ab301af1bd72de8a8e2d324592e04165601419314f22168995ae5d75948010e605a330d18aa1e5548fd28282f0aec5ee6abe87256ee4b18b0b1a6ed08f99f60613a1d78d5f81754afb2e487749b1de7a444eb012662d11350ed0147c1aa013e51c380034cd78c51b6cdb6d8a8711f22b03ebb9bdb18235688a79cee999e26f7556266577d677ca40cd517511e0cc4c5f7349b0f1efbc422e28b8d9a57b087b5771af7dd4bece0fdb553a90e0a70892cda8cf86fa8df9013f4db902a64691f4fbe5d3ac2ad608db6d2e1aa6024f7ee82198df1d55d7988f8e82f2e8c701790fd7ccfa180355aa911ea9c372ee8bd5ae408edc56421773a6bc88c3177d03fb4fe5451c6eebef61b091a513df83ee157e4248511fcac1010a052bcdb423428bd7343f9bdc652d45c2fe0f87a5128ac00cb97a2aafa5c0b577114f8f61b50cd6d00a9de0a451a64c69aa2eb0ec01ddf6d00e0cf55933544b0947c6d3d80f4132c9f69fa66c4531c64523119ddd31b0985132a539ef339225492771989d3f6b3afc97c153233bce6ff4fad3b3de32d5dde76653146a992d96cacfd1e583861a3df7963e79a770d04f25b828a81f207e778eddbeb282abad69f3585a4f29a0268b27de68c3a5018b8c37a2184b136770b85e3c70fbebf59a22a77a947e124c50b682e604c28f899c4a76aebb81f28c2a80dcbafd75d08d1a5f242acd3b6bbc3d5f68b5f8b52ce5d23beaee021847fd022567e21f91a945ce9bbd479467f946dec01499996b0451d04ed8709e1d1371c3e4b2c80bdedef5cda4a9fdbb710c899bf967b6b80524623ad23aa77cd86647ef82f5fa09437eaf59f2446130c8f6047c731c7c3e26e716a632d59775f9186af08398290ab9d8bb674850dbd16e1271b1c17f56d5d50b79d4777ad9faf31a8ded302866554879921f7ffaff1441836dcccce4fb072aa2ca1ba2e0c5fd1a5ccc37f9b83be4ef8b0e9ee18433883d2439c1925dab16bfe7502473855f33c8d9b0b118b62aca22815684c1f4c11ce734ad49df2db562d572c26d656275cc0990f2189c16f52fb5b37e46de799e6695276d95a6d84d697b498e5b293b79645d1b12c4d02d10857fafb9dfd37a38a705be8d8ff6204db5cbbb7f4eaa08ec623b6949c5c6e1ac79b7c1dbe960dd5a6287e415ead2bc7fc224e2339f5fc253c02d60975e4a3af5930e483cd5e18ec26a94556a433e683a17782e6e110984e974104ce41afbb564cd5df1a918b0370165291c5af6c7b7d8c5e71f050129465f6277819d31bd7af981857acb2e4c89ca695ca92764be3bc647f99a1fdf892929b0014361649cdaf0f1615ef61524e9a798d62a9eff00ef58e15134bdd4e40495d1666ed5d212c403e505f279766e9bf7f7d10845ebaeaf777eed5d4fc578bbc874fb190a8a314680c9cd6e9f583734345a4f90aa300f33556fd62583cd6b96a24686b5a6e524849700ec26f7f84f8195c98efe419eebaf96d42a813b4516769383bb6c2e46ed329049a1c156a2f6259d6b7587ba0047ace66e08405d26600e98dc55140f95c78db9f493b1fc93c3898f8e2cea9df7c60033aabff41a77c0d091dab191578fab2188ccc0befd09ce5018516e572aa42e944fcfd1afc1f8f021d61e789be03ea990c3b6a3dcecaaab2601d16e001c96987433ffa6e7b59e69f305a2d0a498a959b84509c6a9f31223ea5af2a605c0d480181817d9780429ebbc5fa0b1411a21972afa11ba0c9c0525bfd603e4d71f97516999d8f07fc7f1f04795eb125ef676131504c0f77f7dcfc078cf09f869e5d66e2d4eab6c97894139fd324fb71cc8a4e94b1845fbe4c464529e1fdf6bbf763843d09b56e73d4a6b7daeb55ea33faf5a541679b8568005fc3ad7927ab768b60e73a29566bb632fbb056bf1a7fb68a056173cdb9b2287863b9ffe752d04c2a9b66e14f7343e220d26ce3deeedaa3faf6e24d785b25a78d3eef2f87896993f214db0f9d65487400ca711bbb253bbb81cf186db0d0690ad9821d54b845d028d85b3fa2852e798d77b4b6cfee72f31065f66d18e074247e2bd972c2c5e99f73ae7d71294cfbd3834bafc960d5f6a3e8b20bb8ae4e676088290b560ec2188bd0b37e2d970f0e131bf0ec54c85214d848109dd124beb1f53bcae147abab0f19439c3b4b1d95cfe5a165f07f9ea29d04d5acd82b05f1eaf0963adae2be0960879561bc993412d697ab8b9a869e770854d409189fc46b5a14960b3b80675a68667e82a5e09cc946616a6467db7024c8e93c2f3e754f46c62d55bbc66f03ac54037a698af8a6dabb2c1a554f2d24145fbe2aaa8ce3a0515e35b351a5ca864067cebecdd9b1dbaabb03395bee964857c3403c8850e8041427815dee202ccaf2627db75b8639e6c4a1546eed3f92f6d28d97212234c40b41ce699956a3fd5fc8d1319cefd26660439c636625a7d67bd07102b4eca93f89a60907b353d894cae5ecdc269304f50d9b4b825ca7a81d6370b9a249d4ae0729c2693bd1d6ab9ec4d56904ea118a251454a9106095a17077f5d80952de31c6cf7e322a84d2882f253dcd0d60d2e4e9bc977f8280e8c986b8a80474a9378b3f48d53e77516bddf673feb545c6dd7e3f3961ea6201052a4009c60b9e55d5e3d730e8d8be6947506f6870c45f779986214a39fd9fa5f9df56422897d5c004a81fba2b2a796850aa791f120b1bb59e2eb9ed65bfc20a6a0980b5ec2a9bb9b4631b1967301313892f9c1f7ff339dbad6f9b115a8fedb4599e76dbe56218f7bccd0a079086c9dcd2972f8a59a2c9c1cc8916137e85b08a6bb387dc3ea3752c83c21fdecb7933f0a504d76df53a1504c9c7b8ccfeee8d088dd4f45ff021a85de5ab72a5ddf4565beec50cd5a950d28a9514508c584bf6b3969d7b7d47d8796ae07e93059879274c3a08644661954bb7d05f5b13cb51b57624abe9051be1b5bf7c9b93381407f7bb9c3ed858c133e5381755223e46f84a783dc0964898d70d5664bea2edeb57262cf25cc5fb18ef4f3a8121017d00ce7a2469b6ef11f57599fc4fc49c23353a93ca70dc9d5fa2b02d378caddc3280b2d5f502e738e01766ef14de3df315377a45dd45fa70db2e52992e6f950fe46fd89a777b649fb0d8593f690a12bed1e787d5998ac892133fe8dc7282b563d4c2cca12f2c0fbb43da07dd744ea0396761b43902203649c833fd52330645adca99cea29fef3b5d2f2135769d65b1dbdcf4704c6b28aaafe6b27dd8f3e41f8247573263338b71cbdf53407204bf691f925ab1d54d5793ed344e8975693d46eed6a1fbef4ce4107434b7645a38610fd8f12cc315194ec976def1f80848c461992e73a654af63a9a24912738db9d62e8ee4a782da2113dc957bb19dc11ed089d2f7970bb7cbde62c4cbc312321d6c57f08fbf2b435cbc88dc2ceef2d67ce129813392c7bb7c8407853564275964c2bbe6b161081431d2f95b37955d3dcc930d77550fa98b5af795f436d6cca87f1246d5e8bd2e31d1d7eadd008537c0d8ef3b6ce8df772dcf68d10acabb15b8e12aa26f8f0f3c2501c9951ecd5ef5cd7ba3088d9f2733ce931ba0fc25f2dfb716a6215f04fabcd23bbf7b5add225b01140cf0d3365cd23495f9af868548db7585c0fe2722ce210f45dabafc15822d023e8dd58c9e180b3c3100ef602bd7c3b5f93b5d25aa4fd5fc8451bb7e797ecc6923f019ccd7dfa9cb92ee331977009a55fdf437177722d9f24364607f4ba9f4fe12ce26aad7309e3670ce8f49dd542af8a19d739f6b70ce47f1c432b926610eda127cb77bbbd1749177f8a59df80e94b253187461a53b8a7347bb5c605679495f70c9e4fa2da9bb7052027941e41e92b3927b35fb62bc35c67da7bd810d1615f7399013b3d6b73742ab88c6fcc2861f2410ad8b5ea21363419e9bf630bd7ae84d358ef6d4f041d52137e8f27526344e1a9ba9a62dc5096d01049d8c7c1a789c0e26bba605bedd95344da05f3c332661c41b36bbd2babe226bbf5e9bc2c66e255df84b24c2e9ef7f402b45860ed61d5fa150eeb73cfe42511d5c775ab7a4293a06bc4ed917cf68f275dbcfaeea9faef569cee5dbe6b1482c04f43d9e29dbe4e99e3a0d867e6eb9861d8dc5203fd28c1bf9ad8bedb9058905eb9e04bbc39856c99425f87c5a3167501b3c024877709abb473b1245b8988ee68de0417f748fe016ed86b4b192d54b8039d6f15da572ca0703359f48d991b083dc942e97f4f371dfa1842c5e3d926e73f194e07c79442f58335391909363020a83ff2464e3dbc56c9c154a2ebee169deefc5a6213ba4d4d44d1fe165b846085606f421443a1a83720aada920fb2d6e84c7f89a81c352e7211b106d819eb2dd1f671c387d6fb16af73aa346a3a4a231dbe1d49069667ddc170678aaaab3c216148109c054536dcbdadb44597c56642200f4390d6370ba83e040bcdd9dee128c4b2e35571a8c1cfab00966cfb90233938cb20ea3c41362a76a7f5f2824a94c8fc8dbe838c135b20f9e5a7773088bd110c546fc7d74d79b6c1cc2df832e16aa1753d46ce770b1f64cf3ef3754ef2d98425a797c235ae6851a3604d1cdcc28c5bf3dd39e3770a94f67b819d15c4a200a3fe6f49b137865492e7a814f07bbb9ae50a665c5d799a2ea52f97aa01b0d4c74e7a3828c94c25cf27087bfa489abc3ea7bed169b220687b4ee245506f4db9361f178a8096d633848bd371485e39483b76334f26fb62b9ee968de6abb34215845fa2fbaffd3354fe5d09f17d83e9545c815737a8ddac116d156294c857f7faaf5a7374c7a0c358a97abd67684ea77316fc1231581c5898df9469206fc52d35cbba7b098de84834db27ebecb40229273c065ff3c10aa668a71880562ba83fb1e98cbcff4117e47a75311a0ef393ebff6ce222e11be472528f0d562c901a89aed8f9c8d3f941bd21060eba6c2c5133ba075b4475eb70a4d26db6ea87012583c3ae24bccbb98ce7753356b5165a5cf155fb9002b750956d700cc12b2a089bb51ed20fe6bd2780e5f0a3da59a348cf5c3a5db5b6583c3fc19423d096e1e64562c810f7aa5b417e8d77941bbf159e45fce7d43e5de0cc6a15266ba286ecb30d42136f22b54d9d2dc2f7fce41ac31fc4bd7946a407e1eef54b71105526ca461f6fd76bf97054910bf1665ebb5a3393dfb27c5a34bbe3b7dbe36501e09b6841fa5e5a4aff4892bb01388dc651a51a2648de19639db1eccc14bf434b8b9a96211e3c744a5ac47d3cc7a00d456989e7e0d6547cd24bd4cd9b475c1a5633decf538a5951418df26672f21c7efbcd1161f96af86bd79cacac286be97ef0b20f51d827e157f33f27655f27b1dafde35de07a8470188caab17a4f46a042952c3b5d8e8ae4af6607e5717f28e2e727cd8d59223a7d1fbf484d2d8c9f8c055573184d1897c236be835d4e1a72ee29e6c731e3fdc308ee2304d5e33fb989216d109d5c2b63e8fd8ad3ada79204f16ab8524a9adc2fc9dcf8798811ab17c8f19c2c7bc5c5d09984c7c0dc30ab3a1b1a9819d02012e0dbad7e2acbd906b2736cb54100aaa2e199e89c72bf3c7a8e0e68f0d451e3c77b4299d07e4f6f8d1eba2723543851cd695d6378059860e9ff68bda0547c18190a7299f5a2916d5ae9d90e23a7fe523ed8d003d645c09c6d5fa00694149b461efbfe6f4e54bf4a82ca8afb1264ed8127279fc42652a53994709fc4a5db9ec353014e1d5d5333e970059059f37d398888ba355aa449a9f39134c01674af3a2ef1798a519289e90156f27a71f47dfa1e73ace95619881b476e4ac092140fdf459e4c51c99103f849bebf455be0d04e33098087b613e0d08f70262ebc782326f8b81db8e38e8c8afd3c0074fd2be47c5335924e9becdf37b09291086bcbf6cfc395220af63a7e1919706ccf3feb2efab76675a9eca529850c589429088874569ff09fc86d26fa538ca68fb4790a76c105f0098eb2bc86cbec9d5015b60b3e1857158ae2a30880e7875635707912c71ec23788e2de9265f623784b5037ca7ddb9131f1542b389129777751c4a1e72f7ddc407c56496e97e67b4bba57514db87e14c906410261d73f724d54b4ea4f3f72bfe19075997722d070b01013d5c27d65195edc3607a57916443bee4e1749527e8eb94acbccde84ef5bf37270763f06dff3886c17c0f2c53443b258c8b1442361b76c80a44508b9685771709a423e3eb1c9b77a991360c55b1fd51069c3e8b380b4829dcc1fea73fe0a251fe79bcbb93d9e8db2b10de3390cc44f1e965ddee444e85b5758c97997cc348b5e96b5061d12f77a6e63ccf07a0dc5c6e1b6971926d18203d89c5341d4a2e59097fa6dcc55109e34bae6872c449877046541b1e28604dd28ae0faa64e4b192c172500992e3e830a3133661085e3ffdd5ecb80578ca287d72cadaf19df8cda30686bab47638134457831627c7bd07739906e17ba585094c7d2769ba07fa382971b611553fcc588cca54296b3b09902b598a1f367dc1cfa4f12fe00d4d651584a4dbf4e32be4999d8ab7b91a209ece71257e6d82da2c87061b27303e1398ffc9b4521d6e8de3e7b4b8bb9e01983ba2d85c01ca8dc078c63983edd43e5c0ab8ec539526dd7323e2712e0dee5ea9d37454fca090dc19c5d7b14a7709cb96ff807b0e0fb0aa6dbe29e335ac20e9cc71e18bf3d0ba778655501c78022476adc0097debf49d2eba3f1e8a9fbcbb2adfccd2dee50595255148a945308256d26663f42a080cd00ca8b24a99ff33a449287dfd21ff91b13b378d9a4ea54c00db8a8e6b9791fff54179cf6a181d3b3800ebf0847433ba00c52b383e044ee635d2ad93aaa4c4aebdedb9bedd1ed760cb713aee818f5fe12f241c5d8e8f14ad33bcd0312d0877a9c1e9b358520095465a199e77dd8dd6687ddb13a8c1da19e00028b207191a2c7ccfba3b5941510d5c2a9216530a4d1d683d6cadffa3c9442e55162468ab53e96fd78d0b26912516b9f57ab7734ff3dba2ac7030f2b19bbcfad9cde2992e68c66c16cfe2f9b95f1d6238fb90cb4333d3d7c0f5cece759663d9f129a235c952fb8d13f9b5371e07961115853b08e0de8d54b786e13bf4a1276cdba69dddd6f8fecda160de8fe637f8e2903a0b722844489e69aff0ec9aa5f157fc1ee1f4b189809646b7584a8515bd0919f0569753317847960e684b516df1b98e79d58dd6150b2d27cc1a3bd773be346d6217450aae0905609f73be9b05cde60a2f56ec814301afebc208058d32a34b0e3c1a102f02f530ae3ab4dbd6c5cb7037f7116c1ae313901df41426ed195e3007c7e6b97bb3210ef7754044a5bf787617328d4f7d7c032fbe7c39068b6e1e6e99901fb49405dd09a6554edaca8355f6c643e0cdf8f3cfd085d855c98f3c537615fa6bb10a54e634eff1fc6affd5874ea04b949094f785f0454dd9b6832e5102db8965440e2554c61bd3717c71a1f56b4f728ff4f53474b3322ba9c4ad23ae15ca85791232d2988ea9ba26b64031ae01ad27398cee3753f949d76d19cfcf521241c890c27fa4593b0dcc0ca967fd17e280c6b160153f251675514d87d5f12aade46e45a76cbc1aa0537914c38108f61406d3c60c7012bbda120852be589a38723032ad540e80d4b2eb224fa353337ea32799ca86a7c002ea7228091ef4f400037123e896e04d9e1455482c532a3bff9403b55b905e3f61defbb1331d637c2043e852210ededc5e3354dbd9c895a01b522a6ac24cbd0bae9ef259aea0da60caaf1065babd5acf5b4cac988016a4a91c539ec70285cc37d0b6ef2a4a3ebc0d32b1e1b69f9fdeb260c25df34d7c7fc85ca618fff21098f7952b5326f902a2875beae507e6dfe8d0d62124621d5b60691d88e2ad1ea87af83faf5e8cb3e0155e93e6fd3ef27cbfc20e14ef17a6e2b033a9443be4fd59157b326c34c2042bb1fd0f2d67bccf923ea294dd9c578c4228fc5d0653814c1c9f6a89bb003209fbfa7aea874e1246ee50b9b0258903f5ec6349f1359011275fdd8e161b6a436dd5b8103d98947d311eb7200898f8da745b8ce6ad8f7d46b0beabec7ac6e0708303c6e9706df61afb653f6745c17e6f70ce2330632a733f3ea252e08b49f55ce067fa39eb298e457af14fb33b5dd9a6358566a6d002a721d2d4a16e5f7940c1bf6e3002d9241b85817d38ed45c82b2f6feffd358349e46e061c1be1e21e3f97f9d8ea9e36f63737b4871675003b81a100c486f77e222dc5d4ded2b7a15cf9792cac97b3df32834e5f28fc602d2fa05bf7b3b59dad343292cf877444b25362c8ce2911013584cea0280b7f69414d40a53f75cca6695f9ff7b0c4c6b356c608461c3a65d711278bcd947eee38f9337627e84a2da97c98ae889e3526a4b2fafcf61dc4bcb65c33fd21d4a70337c924e777edd4d3cff2bd5e45dd465edc377dea4661494cb79492fdc3ed1d7ac68cce40f534050bbdfe7741bc266b77fb4257cad02dc8695ca2935d21934c232793766c44ff339b79dc12c359cb22b2519dad86e3c52a7967a941258fb7b3214083b5c16d14e9a93096dcd97616dfbd9acb417a5f4dd36c1d786c9b057de4f8791436fa185f8f7906f06161f9847192c514f3952f42db2450a68e88e7832fae2e044df47a8fd055b4077efa85d32b60cc171c59ea99b3c0e84e8eebd231ad3ad5071047b0454ef16ea84d84c0b1c103149595743aa7e1fc28904e6785d698949dd47a2925a17ca3835ff3d5a9750f772ee758bf2a07fda9c0907ad7a1055df734b8a212a2d9cdf866fa9717fb7be92336a3fde7eba29ed2e2fd5a792dd71ce8f2bad4d577898945a9bde81349df8d8704818d004af12f7ff6444d8a88ab77242820cb5abfbd91125b9133a4848070db3a42febad919b844d811718ff4778342baea9688fa3e521027f62787d64e629f9c0763264470dbd31a9d8cf6d4dc5547035c4ab0ea2e7004cf48ecabdaa8cfc584c30a93da8059c864307fa6dbebd424ce22ed9acab4a881f5524eb05abb259e0ea7450eb4e8c0d32fd823047c030c18a595424cc9da97e8443133fdf1ee4d8f1cf446a7408830ec2764e0853848c7360450163674fe2ed87b4abe143c64a85035f9cef356d2393083b6e24234d2726fa45d87b3b7debd9a56f5c30ca72979a2aa881b6ae0ccebce2deac8384006fa536583e4a226606f443b429c522af29ed03fb9c21af2b1ee6157d148b5a8c7cec58037f8b4e8941ed8fb8ff2d528bdd11bd7221dc277847a476e8e8e54792c83a7a55e2975a8aeec88379570b76d3ad6607a38d5dce9438b09a5b9f4ea75f3c9282b6a47595a497c98d191df491d405351895a271adeb298cca663a50d3e26cbf658fb2f4f930e1bd2a576f3d872fd9d26c27ca9d05ff42e102b3678dd670edd6521c368b3239d92f0690bb29a1a5cc0a7e4e70fa2999c47b561b1cd387ad6e7c7a453ee5f07cf0136dd89c5da0aaada8d4af7e5457850237f7f0ad2a5976b12d75583ee48832727ee3802b168165f323f87c0b7714d6b9fa5e9e5e0953d54634eaabacfcbb02ebd59777b6e89ea010a0fe8faf71f4a075d97d58aa92228c2863ba4b9e2e8bc6e5572c14ba6f12bb73ffcacd8f723bce53ddf68756694da86b405d47934c09c447de04106a58acf634fba4ba24515184680cf85920f9e8f8923c81a4e0e4c66738935c68dcd3ec9037acdaab96a914a8ac972dc1e1c67f494647c7155b5e7d76fc5f35eda082a8daf01053856b609684c52f3e41706e750f54058105805a40fb205550753be4e2ccaad7a6c85eaad24fe71ac8ef602877670a3c3032f97f9d10aa017fe4e5ca7e0499b6c8aaee6c8df609866665c2fa1c5decfa9af3892affa21d218d2cdba2d61bc0a217e9b91a23043fa56c75c062d6b2278d8d4ca0d804ce554e4d71ce2d1838be48043f0621054e01ae5be5701a7d1b2370e5ffe306c1d79dfd9e1939ee587d113bc3473ad39baf69fd929a48ddbc49d27e35a348cae01798094d42b810ebd54295e8ef0e3148c8713abca0a3ee591cab6b43d30456b76878abc1222e439902d596381dc6800fe55d5e0060e42750698c9fb04a36e52266962c402cff34425c5b03c9f8f172d6c52b73382ed2f81561157", 0x2000, &(0x7f0000008a40)={0x0, &(0x7f0000006240)={0x18, 0x0, 0xf540, {0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000008800)={0xa0, 0x0, 0x0, {{0x2, 0x1, 0x4, 0x70, 0x94, 0xec, {0x5, 0x8, 0x5, 0x28, 0xe, 0x5, 0xd6, 0x8, 0x4, 0xa000, 0x4, r2, r3, 0x8, 0xffff}}}}, 0x0, 0x0})

45.105646903s ago: executing program 6 (id=2255):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0xfffff000)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
mremap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000006000/0x1000)=nil)
ioctl$OCFS2_IOC_INFO(0xffffffffffffffff, 0x80106f05, &(0x7f000000c980)={&(0x7f000000c7c0)=[0x0, 0x0, &(0x7f0000000280)=@clustersize={{0x4f32494e, 0x1, 0x10, 0x80000000}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x32})
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="3b844100c5dc2f"], 0xdd12}], 0x1}, 0x20040890)

44.857725761s ago: executing program 6 (id=2258):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@grpquota}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x7)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x122dfb579e447c7a)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ffffffffffffffb, 0x3, 0x0, 0x0, 0x17, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x2d, 0xfffffffd, 0x20000, 0x2, 0x0, 0x9, 0x7, 0x0, 0x0, 0x8, 0x10001}}, 0x50)
fchmodat(0xffffffffffffff9c, 0x0, 0xfffffffb)

42.675993789s ago: executing program 6 (id=2266):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x40240)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}])
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3, 0x0, 0x0, 0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x3, 0x9dc5, 0x0, 0x0, 0xc})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

40.764225979s ago: executing program 6 (id=2273):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
r3 = open(0x0, 0x80342, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, &(0x7f00000003c0)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x3, 0x5, 0x8, 0x3, 0x1, {0x4, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x80000000, 0xfffffffe, 0x8000, 0x40002, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x7}}}, 0xa0)
ioctl$XFS_IOC_FD_TO_HANDLE(r2, 0xc038586a, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

40.346286023s ago: executing program 44 (id=2273):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
r3 = open(0x0, 0x80342, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, &(0x7f00000003c0)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x3, 0x5, 0x8, 0x3, 0x1, {0x4, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x80000000, 0xfffffffe, 0x8000, 0x40002, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x7}}}, 0xa0)
ioctl$XFS_IOC_FD_TO_HANDLE(r2, 0xc038586a, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.213127028s ago: executing program 0 (id=2463):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x1, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000880)=@svm={0x4, 0x1, 0xffffffc3, {0x1}, {"9be888fb2ea48443619a6098b98e9215684276db57270948ffe76cd33c04abb9d93305843f4fe73eb62395fbfc62f491f75ecdbfaa849776f3621a4ef1acb8e2ba6770810cc6a367e4aef82823ebff498453094a43eaff4b6e7902d075b9dd0af88b31f7d0ac3038ba45d98618bb8372440f585c8719b1f7662a797c182ccf4a07a9959714f85b8a47a0f43d8e5afed285e9ef83cefeaf88896513175b3c60fa56c605f127834b98248dcf7ef04e6bd42f04309dcfb8c49a6611dfe585cb8bb08fe42307a1385a1c6b71817d7486a8c2600a03739cd365d8403296a80b325f7c3cbb2b439831c5ac33263f65d5bbe2a3c83e16e3c524807d9dc73eaa4e7e5491a59e383a4b741e43c1e38e81e0e7dc56b4ef94561b5c5d125140658865ad8899b963b4dbdf492521b2f828662a02d76b4db66e130c5c8da5356b6c5bdc16e71f43d9de078789e1001724d7ab987d2b2610ffcda40365069af4ce1b19a51f231a16f5162429b8ddbbe96e57e0e227fdb6be3283566805a7495243a5f43e9b715d4703448f01003b8c7eb2101da7ccec6fe6c90efd7f68db039025dffee36bdc2a0c67fdc4baafa615d78094021e8ea5547ba4b237d46dd806374521ac988ddb873c03ced630d687f32898dbd63998073f40f7ab946dc9b1b677e3c5393fe0c641424040cc6b3393328cbd2fe04ed62a431ae69c6b4514256222929a20b53cda992920c6dd08276f605cac73563791366b7b2780826667f9f67fe0795f2657818bc4d0e177a8d2ce2ab245e26649711f663f266940a1e4e8c5e00663cdddc181f08ae0baf75936bab33a14e8bb3d006a6ac14c62243096c6e09d1f6f20b6d22ac70e98fafc4987a968345467d5a737348c5d8cd06d4c3201dda3564294e58ee0d7eac4b7c3a650435e6de83fa157322d69bc15c2ef1499772fef990001ca60afa7d7574b1ac323d0bfb1894e03eae3b4607e16b141afb9fa148fd9500abcfb999edfad9b83e404a5934b10cc39681c00209695605501e1cded1ea214f40209e20ee9d58ebf8dc953f8566c2153933eb24c2b31c30fcb1abb1d979fd48b1caed0800a20d7c3ee90ad49f0f1118b6e21100a9e5abe9695ccc1d6713b91f822c341c5509e2e22bbc0836568005deee6cf1ae196c7437e4a0dab0e5c49eeed98a8ed5b216b69027267901cec1f6b3888bf65492fa1c47f1bdab4577a78bf373991920f09fa86ad994ed987c42ca150089328dfb6a2ee1659a699faa899dccd836fd0eef01268b0b67154b3d6cbbc6c97bdfa2e8d58d8c41f34f579c9d9431cb83f5171429b1d4a79f5998f53c644997ef686bfa7a5fc4e7fcabec58ecda2f3230efecb55953bdbf98d75e483e7ba3331bab258d0630403888c4ef8d7f1050ad5da7a4823db2461562b6e4ba02ebfbcc1ef79c9d7f7d30e2869cce41e366b04bf7069bfb328f67dbe7230929d2ba2f319c2024c25bc57ab31c797e48f119ea9194aa84d0e6c30ef6c1dc0ea6e4d11cb912a0381bcfb339beb6c76fb482e3a9dcead115c21d794afb1de3f38cc8c293dc4c2ec0842bed6af1797c9b2ae8740217463598f6af67fcca68a3a1004eecff6c86ffd0e37897ded14934559683e8cc8a7891eedaf971a97e927d14c408b00253ea295101559520a949f3735b93a99992d18ae850e474f32fadae72f8db295801d22a912bda4c04de03fd537aec2e7fa6ba9bd9558a2a245d62832f219f6a34a2b579a5c582602880dfa6b183ac57ba0c112919c1c8826ab53ccebbbe017935d3c0343365de6ca38facd5a5ee5a0308a1c7097502123129731f9297e6d6c3a55e874d0e7d66569a637b986bf6cee365feeb360e2fac03f3cb0d65be3f55b4a07c5196a3ee26ec120d0390bdf8c834114d47438ec574abbc1653f65cd686982cedc81f93c8ee4e660ca6cfcd7d8a11846eb9543f6281a81c540c4e1baa4bf12ae42856ef7e9298c15996760ac4c95e6f2b909354eac65ac38ad98f8ad5ac62d7297c16bb5b5f31665a595362e952f7998ce2cb77b7f5cc57124bb2455257321599361dd26d3c76b0cae3262a84de9cf12af32b20d4452599bbac69a645013ef8d9488733847b9fbec7023db8cf6c42679fb468a6ec0d7b9fa61ae41e3f731125dbc401ff5f54c45df4845b49524334b9c8e7485d17a30432e945cad24293aaf80a3303ff61d729262efbeb84c10605d63e740267c12406233ac9d0aa627216719a00b3145fec4c8c8fece32d4fa6620e140628d1907cf184c3f85ab0d4c3f02044d3e10e42b58e32b32238303d36e423e4541ac658462a4d2faff99037a943208eee268b380c6b38cd8a870cb42692bf8ebd27c631a18f8325a51cff95d60781cbc8bf149e00197a5249440dc9464fc1fa91e8c8c4aa2c743e4cd02bbbe6c3d5bba354075522e735c3bd769ab9546e885b222ccd3a59f6ef547bf36507743b23f10bd693c8a3267ede0132fd8f018ba79ac82380b52dfa223bdbc63668c1b03c90f0c5be4c0cb6b593196677b7c915f2a0b414f6745274620c778d3672ba5506e46a0322991c7118203cb0b700b24a5583d3889e2996348bb95e2d7afef5a8bb5fd43984d7f9a4e5d9ec4d8cf21c7e37aab3d27b96ba91894b3b9af496758a2232476bf73e340c9e5a69d6a4c3dd65c739c9e5f33f6c38add54b090f03e2957b60f2c1811ce2b995e59b96c8739d982e568d0dc29f3bc7689e7bb9ecc164a2f45622ab5ea253be9313d39de523b7235ec54a9e23c05a166d60af1fcaa5e63407e18e5ac7172aa6c343fbca5a3d30457d39eb15d5af7176f383ef57b29be43896df4aa0cf55fba38d556f30bcb3769fdbb745f6acfe8c3dfffe58e6ef50562b07ce462372b22b7843859eb5292df25ea30c8c788da40863c901455eb8dee9eeaf28ce967222fb034f4522a202050fab700a1f8ad777beb63cb499e2f5c83fbb23ae1b170d09b9550b9de706fcd7316d387fb88b159243994b00be0a8cf0134259fbbcb331c05b18960da684fd37db3f53097a9473aa4276e5d4254c29386ed57ffa3dc957da688257a9b0dfda0519b8c3ef635a92b52315e45fb635f93a9a1f323f09a15daedbb8574581a8f9832362b6fa7f044bdb93d8728b6e9462a923e76822a658d0e94e9cc99fa8ef5cf19a0a185bfc54a30d3177d6734d9bf2038050d46b50764de20aaa447e1aec1be92e93b7440700d260d57ec922725ed682cb086b94766a94bd180680493266a03590182599a71ee82cdeafb68055ba611fe1d80a565083cda09b4e377677e0181d3d7249d1559bc0cc29da67bb3887b9763023ac8be0b3538a9e2d844df78761f743e745fbc19bdc3b03eb80d7641d6fbe976e0e394566c72249092c646735c2561615e31e00b3279444cd151d8adcf7a78cd223bd1cad3d902b5a972294ec4ceb82c4595382cbe2ee1ef44ba5c73bcecfadd508a818f8329c6a08ffd0ad433815a8c1b9e61185381840550382e0763f7f1d55a4fe5666427fe83232dc621368401eeb112218a9984d11fc621498a7f33f97057b0b2d8d7195b6d75d620a160f9fabaeb76169130579b97348c027f7ad708c12f9e9ef65a3362f6882acc067728db619cdb6329a3aeec385773f590d1c866997f9a3f46e2602c3a1e3a25abff7a1656f01f56c36334f178ed216de2a8bfc45c441847214e1bc6fb73fc6fbf54b30160beae2728db1dfb88e2bdd24e6e7c8225ba59c1f444df7a347611f9c8d4b520d4a6a8aa1c31adf86120a71c32004bc34c54eb1a482e61297841237cf9ce207430cdc4347f414fc46581f31059aa48ca6a672646a8fd5ac331a8222acb402f03ce654b1333e9a8625b509adeb2a435b5802cd769953459320e662ba17ddae0abe606f2f82da1094f6de1658189b5bc7158ee55efb6083f0df799612e472bd1ce86ae4ee65b03294bbab3713980340a9aeddedb102c6c1e13200b8ca69218ad0e3330d68fe2b41471e91f3f141230096651e4c740f1383897b9d15102eb60ea69071f3f608977b677aaa15314e4cb3780239da526baa184de96c0cecf2ea13aa800d1858855485c73b38e9a215d288163881a0515d073ac9e638d76e43c51c87e047e54caaf7612c9759d7c6da0d9d3d2a1790cb1e7f63a61dbd888261db3d322e8e96944d654f0fed0f3f5acf8913122aef88cd069b8ea319da9616c87791f863ec92442046bad997c3e1e6401c72aa6e3b2f9a27fa50d38f521970e3ad7059614b10ce29c0e78a5035f3fd970f752aece21d8bccc07a3bef8df0bb446576de9b7ed2682ade5e92e51b1f6d4eb3326ae1f1030dd6a85cacadab8bd456d018f96b68b40f363adf02464593a930a8909826883163df30ab2989517e5604a9731f818640552da7509575ddb1bdc811f595ac0b8d11837a3d324ed80c2f475dec5f26b99b33657123d1b1322c24e4a05a9fcd89f6f7be389aa52fcdd5aa1998503e300637e2fb87f60e4f5d78206b505b762fd9fbd9bad10a34de8b0c2276c1bf02ac2c0cfcf141be8b34ffd456acedc78306701308a93f21beb71cc63b401ab9292e15d20b4ab87b373145a7bafda03fb4440978b1885e3e6e2108d38e738b7e8ff4d8b5c16d42c9d6e599d3eca0e869b51eb00cb5410fd37f1e627dc38a7906c827c925658fd1bcb0940ebf0645e8e22d850de34cf7f08a91ad773dcc2151b37f4146a2363c612e8251b759670e9a2b70fc28df5d528bde0ff8b8ffab76eea35f0885a7c44defd591f79fb996f1507098ae76d53bc5a198200f0be09620752eddf090e9f2d1c61ee8ed75eba42297f79b3d146aae0a376265d279fc85567f713dd2dae2e522ff8fa94713bf16cd1a3ec55c7c8a46f67f0161ab546d96e669f6ebf813dff471264874dee3bc5a7f2a49b13c768e68a7198fa7f731ecd730b08857801ec8a86d3ef66ce790ceec0dc830f1bade773f128572517008a3fb800a38100c295623a8f97ad5c7f8cfad9c10b898978593c430c0e8e7947e1c35b7ee2a8843a5445a2a900fc07e5dbd4d4c9d8b31b7b0862bf10e84d69b2a15777de7d1460a2741e383b2da12559f6d7de8940c11aa70d0da308d44ade47b383d147ee38ccc0cf6f91e3a162e45ecb686aafc09903126017484b82bb52ff84afe0c783f0c0780def01a24348d4b2e693f5962d010cf039ec09b2e62cc94695a42744b8152f3f113a0e8e949a8bb76133d2df717a7c6043eb225de29090ac579c3b04039c04bacd1a7ee4714873f5d0235b8dbffa2f77525537ebe58875ceb1303a85b89606ad7b9f3e9daeb40da1366c1779b5055d1771686d0f7d4262acd3ae8846df66107e2b172b70893c1bee8391f4beb7057f9f80300f4a33e5950d41b467f4b1354c4a4829515ff5c2dd768d4b9138f6120f856bdfd895c4ec6ed4488fd6805c6b95789bbd0e47c35b61c32e51327bd9c155f82d8da41c2110b2b291dd1095723f0fa60323e1d0a643a37b857e9157e34023cc8c24808f1b92490c3b0410fb1b43159668b91463178bfc3eefe90d6ee95b419eacdd6f094b5e1f488fa9a810cd221577149db31c9b0c483edd058dcafcc8d8bc34e763cb6f93261bb119a1bd146103d7dc88ca1fb701098b46c6b2420d8e83710e8a749767723832ff322aae7b9f033d17807298d97460d389f359b9fe6b684d575b42b4c40cdbad6a8bd30f8d92320c45c497660a12b49e9d407f2b33352ed8229a7f1c86a3f162c7f1f7932c7787bd9fc84274d280d4d1d2e8a60b8fc5fcb431d39aea597435fb4301579abe6f13fb0ff2b2c8fb00"}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x14008010)

3.677857355s ago: executing program 0 (id=2469):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x100, 0xfffffffe, 0x1e5}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r4, r5, r6, &(0x7f0000000280)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0, 0x40002102, 0x1, {0x3}})
syz_ublk_add_dev(r3, r4, r5, r6, &(0x7f00000003c0)={0x2e, 0x5, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000200)=@any_dev={0x4, 0xd74, 0x0, 0x0, 0x1000, 0x68ba, 0x0, 0x0, 0x10}}}, 0x0)
sendmmsg$unix(r1, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000200)="c2", 0x1}], 0x1, 0x0, 0x0, 0x40044}}], 0x1, 0x4)

3.19470543s ago: executing program 0 (id=2471):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000025300)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054)

3.049711614s ago: executing program 9 (id=2473):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
syz_clone(0x800011, 0x0, 0x0, 0x0, 0x0, 0x0)
ftruncate(r0, 0xc17a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mlock(&(0x7f000064c000/0x2000)=nil, 0x2000)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

2.786779933s ago: executing program 8 (id=2483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@remote, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x19c, 0x16, 0x633, 0x0, 0x80000000, {{@in=@rand_addr=0x64010100, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {@in=@broadcast, 0x4d2, 0x32}, @in6=@loopback, {}, {0x5, 0xffffffffffffffff, 0x0, 0x5}, {0x4, 0x2}, 0x6, 0x2, 0x0, 0x4, 0x18, 0x19}, [@policy={0xac, 0x7, {{@in=@loopback, @in=@remote, 0x4e23, 0x9, 0x4e23, 0xe, 0xa, 0xc0, 0x20, 0x3a}, {0x1, 0x3, 0x1, 0xfa, 0x9, 0xd2f, 0x3c, 0x8000}, {0xfffffffffffff11c, 0x81, 0x9, 0x7}, 0x4, 0x6e6bb2, 0x1, 0x1, 0x0, 0x3}}]}, 0x19c}}, 0x0)

2.482977952s ago: executing program 8 (id=2476):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1860, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}]})
chdir(&(0x7f0000000000)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x41d00, 0x89)
io_setup(0x2e, &(0x7f0000000200)=<r1=>0x0)
lsetxattr$security_capability(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x3)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xf, r0, 0x0, 0x5f, 0x4000000}])

2.364959056s ago: executing program 9 (id=2477):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000240)={0x1a, 0x20, 0x0, 0x9, 0x2, 0x0, @random='\x00\x00\x00\x00\x00\a'}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x10, 0x1}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.082300865s ago: executing program 8 (id=2478):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0xff, 0x4, 0x7ffffffb}]})
getresgid(0x0, 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
exit(0xffff)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x90000014})
wait4(r1, 0x0, 0x8, 0x0)

1.615591919s ago: executing program 7 (id=2480):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f000018e000/0x3000)=nil, &(0x7f0000ceb000/0x3000)=nil, 0x3000, 0x1})

1.338573868s ago: executing program 7 (id=2481):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x78, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca", 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x2], 0x0, 0x0, 0x1}}, 0x40)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)

1.118185285s ago: executing program 9 (id=2482):
socket$kcm(0x21, 0x2, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
pipe(&(0x7f0000000080))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
creat(&(0x7f0000000080)='./file0\x00', 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r1], 0x15)

1.085429076s ago: executing program 7 (id=2484):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000180)={[{@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
getdents64(r1, 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000140)={@id={0x2, 0x0, @a}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000040)={@id={0x2, 0x0, @a}})

1.025238478s ago: executing program 0 (id=2485):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, "7c80690ea8c8123e", "f92dafad9e3b473a1eaac151fe41ea97", "ee367a98", "74aff2072572aca8"}, 0x28)
writev(r0, &(0x7f0000000140)=[{&(0x7f00000026c0)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0xf3a, 0x0)

1.005966999s ago: executing program 8 (id=2493):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000100)='./bus\x00', 0x80421c, &(0x7f0000003240)=ANY=[], 0x6, 0x36c, &(0x7f00000023c0)="$eJzs3c9rK1UUwPGTNMlL8nhNFqIoSC++jW6GNroWg7wHQsBHXyO2gjBtJxoyJmUmVCNi25Vbce9KcFG6s+CioP0HunGnGxHcdSO4sAt1ZH4lk2SSpjE1vvb7gZKbe++Z3Jt7C2fSTub87c8/aNRsraa3JZlVkhARuRApSlJCieAx6ZUzErUvL939/cfnH69Xs36Felhee7mklFpc+u7DT3JBt5M7clZ89/y30q9nT589e/732vt1W9Vt1Wy1la42Wz+39U3TUNt1u6Ep9cg0dNtQ9aZtWH77N8FxzNbOTkfpze17+R3LsG2lNzuqYXRUu6XaVkfp7+n1ptI0Td3Lyzjpsa23RfVwdVUvTxm8NePB4JpYlqMviEhuqKV6OJcBAQCAuRrM/5NuSj9N/r8hi5XKg1Xldu7l/0cvnLbvvnW8GOT/J5m4/P+Vn/xj9eX/7ulEL/9v+ecHtcvz/y9lovzfN5wR3S5T5//FaxgMprOUGapK9D2zrLKeD35/PQfvHC17BfJ/AAAAAAAAAAAAAAAAAAAAAACeBBeOU3AcpxA+hj+9SwiC57iRsiPW/47b5q6+w/rfZI/XNyTrXbjnrrH52W51t+o/Bh1ORcQU4y9nkLs3wiuPlKso35t7QfzebnXBaynXpO7Gy4oUpOjtp0i84zx8o/JgRfmC+O5lSvlofEkK8lQ0/ltvd7rxpf744PUz8uL9SLwmBflhS1piyrYX2Xv9T1eUev3NykB8zusnIr/854sCAAAAAMCMaaor9vxd00a1+98yUq55HxMZsiwF+TP+/H459vw8VXguNe/ZAwAAAABwO9idjxu6JA3LK5hmXCEnI5viC7mrdE711aRFJLZzZqAmPe7IC5EZTjgMPSP+HUyuNNOYwlfhu3qVqPAfKdyBd5uCO6rIdOMJ5+/VJFLTTsc0E/vibYD9aFNSJghPDQ5+ya1QsZ3vjzzOQTCRbk34sVFmxPssj4aPkxyzE9JDNU5iug3wzBdf//Fv90+v8OpxsAM+urzzgWk4ezLJogwU3JcYbuL2OAAAAMAN1Ev6w5rXos3RG4lEb5bDX+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJihmXxR2SWFec8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+L/4JwAA//94DPMO")
close(0x3)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f000029a000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a3, 0xc000, 0x8, 0xc1})
write$FUSE_INIT(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

859.894193ms ago: executing program 9 (id=2486):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r4, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x5, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008840)

855.735813ms ago: executing program 7 (id=2487):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c8)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000083c0)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x3fffffffffffe, {0x0, 0x200000000, 0x1, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x200000000000, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x80000000, 0x0, 0xd, r2, 0x0, 0x7, 0xa0}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x26, 0x8, 0xfffffffff323ca46, 0x0, 0xfffc, 0x6, 0x5d3186cc, 0x0, 0x0, 0x1, 0x10001}}, 0x50)
creat(&(0x7f00000001c0)='./file0/file0\x00', 0x108)
read$FUSE(r0, &(0x7f0000002100)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000000040)={0x10, 0xffffffffffffffda, r3}, 0x10)

776.820916ms ago: executing program 8 (id=2488):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x0, &(0x7f0000000000)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102384, 0x18ff0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

739.350737ms ago: executing program 0 (id=2489):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x4080000)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f0000000380)={0x8a001, 0x0, 0x12}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', 0x0, 0x0)

647.40732ms ago: executing program 7 (id=2490):
mount(0x0, 0x0, 0x0, 0x20008, &(0x7f0000000440)='\x14st\v\x88O\xc2\x9d\xf8\x12\xd6\x15\xe0\xe2\xbd-!\xef\x83b5\xb3\x00\x00\x00\x00\x80\x00\x00\x01\xf8\"\xf71\xe4\xd8K\x83\x96\x85\xa4\x81\xf7\xce\x9d\x06\xc8\xdb\xd1,A\xc6q\xfd\r\xc9?\xadt\xaa\x8b\xc1\'\xdbH\x9en\x8b\x82\x9f\xeb\xbc\xae \fP\xfa\x17\x1e\xbd\xe7nn\x18u@@>\xd6\xafnjSG\xff\x9a\x9ee\xb2\xbbM\xb4\x1b\xe2\x060CW\x85\x9d\x9a\xf6d\x89\x9dl\xe4\xda\x9d\xb7\x85\xaeK}\x19\xf8\x19A\x15\xdb\xd7H\x8f \xa5\xe9B\xc4.\xb3\xe0\xab\x1dE\x05\xaf\x99\xac\xc7\xa3\xa9:&\xe3\xba\x90\x8e\x975\xf2\x17}!R\n\x01}Z\xba]\x83\x1eB\x9d\t\xcdM-\xa3\xff\xa4\xc0\xa5\n\xfd\xbd\xb5\xc0\xd2\xa3\xcd]\xb2\x91\xd2\xe1\x8ak\xe3\x15\xc8[\x00\xc2\x16d\x1f\x92H\x86\xd1\x04\x9e\xc8\x98\x97\xabz4\xb1\xda~;\x95@\x8d\xe69\xe5\xdf%h')
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'gre0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x43}}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000280)=0xe9, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001852900002f0600ac141430e0000001808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x44040)
setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

543.479993ms ago: executing program 9 (id=2491):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, &(0x7f00000006c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1], 0x18, 0x800}, 0xc084)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r3, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

423.923987ms ago: executing program 8 (id=2492):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x4000, 0x4)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
bind$xdp(r0, &(0x7f0000000400)={0x2c, 0x2, r2, 0x16}, 0x10)

368.673469ms ago: executing program 7 (id=2494):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f0000000240)=r2}, 0x20)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

227.931533ms ago: executing program 9 (id=2495):
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
setuid(0xee01)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14e174135c0b87af)

0s ago: executing program 0 (id=2496):
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d4"])
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd69010000001406fffe800000000000000000000039fe8000000000000000000000000000aa4e224e24000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e90000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x47, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

kernel console output (not intermixed with test programs):

oo short (expected 29220, got 36)
[  338.800383][ T6976] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  338.824087][ T6976] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  338.834359][ T6976] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  338.849594][ T6976] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  338.886928][ T6976] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  338.915720][ T6976] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  338.943725][ T6976] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.970926][ T6976] usb 1-1: config 0 descriptor??
[  339.208579][ T6976] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  339.412929][ T5821] usb 1-1: USB disconnect, device number 8
[  339.429030][ T5821] usblp0: removed
[  339.711500][T11216] netlink: 'syz.3.1081': attribute type 1 has an invalid length.
[  339.781440][T11216] bond1: entered promiscuous mode
[  339.809244][T11216] 8021q: adding VLAN 0 to HW filter on device bond1
[  339.954928][T11216] 8021q: adding VLAN 0 to HW filter on device bond1
[  339.987362][T11216] bond1: (slave vti0): The slave device specified does not support setting the MAC address
[  340.020922][T11216] bond1: (slave vti0): Setting fail_over_mac to active for active-backup mode
[  340.095918][T11216] bond1: (slave vti0): making interface the new active one
[  340.120343][T11216] vti0: entered promiscuous mode
[  340.159476][T11216] vti0: left promiscuous mode
[  340.259012][T11231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1084'.
[  342.073320][T11288] loop3: detected capacity change from 0 to 64
[  342.159834][T11286] fuse: root generation should be zero
[  342.276576][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.309111][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.334903][T11300] hfs: request for non-existent node 131072 in B*Tree
[  342.366301][T11300] hfs: request for non-existent node 131072 in B*Tree
[  342.413766][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.421886][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.435769][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.444217][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.463164][T11288] hfs: request for non-existent node 131072 in B*Tree
[  342.476224][T11288] hfs: request for non-existent node 131072 in B*Tree
[  344.776785][T11375] netlink: 'syz.8.1120': attribute type 1 has an invalid length.
[  344.902611][T11375] bond3: entered promiscuous mode
[  344.930694][T11375] bond3: entered allmulticast mode
[  344.961545][T11375] 8021q: adding VLAN 0 to HW filter on device bond3
[  344.995286][T11378] macvlan2: entered promiscuous mode
[  345.019510][T11378] macvlan2: entered allmulticast mode
[  345.028017][T11378] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  345.242719][T11384] loop3: detected capacity change from 0 to 1024
[  345.294652][T11384] EXT4-fs: Ignoring removed orlov option
[  345.336212][T11384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.203029][ T9637] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.419961][T11423] mmap: syz.8.1131 (11423) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  346.457177][   T27] audit: type=1326 audit(1782226779.210:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.8.1131" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4a83b9ce59 code=0x0
[  347.737557][T11467] loop0: detected capacity change from 0 to 1024
[  347.775672][T11467] EXT4-fs: Ignoring removed orlov option
[  347.860333][T11467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.711051][T11462] loop3: detected capacity change from 0 to 40427
[  348.744068][T11462] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  348.779391][T11462] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  348.834323][T11471] loop5: detected capacity change from 0 to 32768
[  348.866015][T11462] F2FS-fs (loop3): Found nat_bits in checkpoint
[  348.887228][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.909750][T11471] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  348.976562][T11462] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  348.992760][T11462] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  349.183393][T11471] XFS (loop5): Ending clean mount
[  349.205574][T11471] XFS (loop5): Quotacheck needed: Please wait.
[  349.349511][T11471] XFS (loop5): Quotacheck: Done.
[  349.764065][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  349.784171][ T8907] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  349.800954][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  349.841838][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  349.857266][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  349.869432][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  349.891771][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  349.899470][ T9637] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  351.106910][T11558] loop5: detected capacity change from 0 to 512
[  351.153657][T11558] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  351.202636][T11558] EXT4-fs (loop5): 1 truncate cleaned up
[  351.209765][T11558] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.339075][T11528] loop0: detected capacity change from 0 to 40427
[  351.370075][T11558] EXT4-fs error (device loop5): xattr_find_entry:337: inode #12: comm syz.5.1161: corrupted xattr entries
[  351.429412][T11528] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288)
[  351.465975][T11528] F2FS-fs (loop0): invalid crc value
[  351.487806][T11528] F2FS-fs (loop0): invalid crc value
[  351.507309][T11528] F2FS-fs (loop0): Failed to get valid F2FS checkpoint
[  351.549653][T11558] EXT4-fs (loop5): Remounting filesystem read-only
[  351.765968][ T8907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.156432][T11604] loop5: detected capacity change from 0 to 32768
[  354.217625][T11604] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  354.445786][T11604] XFS (loop5): Ending clean mount
[  354.713698][ T8907] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  356.143196][T11685] loop0: detected capacity change from 0 to 256
[  356.230328][T11685] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  356.659544][ T5919] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.976827][ T5919] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.172601][ T5919] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.478472][ T5919] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.891135][ T5919] tipc: Left network mode
[  358.233711][ T5784] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  358.244912][ T5784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  358.254400][ T5784] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  358.262821][ T5784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  358.272212][ T5784] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  358.280410][ T5784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  358.757036][T11737] loop0: detected capacity change from 0 to 1024
[  358.785730][T11737] EXT4-fs: Ignoring removed orlov option
[  358.835094][ T6973] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  358.864242][T11737] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.019439][ T6973] usb 6-1: Using ep0 maxpacket: 32
[  359.028117][ T6973] usb 6-1: config 0 has no interfaces?
[  359.053140][ T6973] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  359.077438][T11737] EXT4-fs error (device loop0): ext4_validate_block_bitmap:421: comm syz.0.1198: bg 0: bad block bitmap checksum
[  359.100942][T11737] EXT4-fs warning (device loop0): ext4_dirblock_csum_set:427: inode #2: comm syz.0.1198: No space for directory leaf checksum. Please run e2fsck -D.
[  359.103341][ T6973] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.125850][T11737] EXT4-fs error (device loop0): ext4_validate_inode_bitmap:106: comm syz.0.1198: Corrupt inode bitmap - block_group = 0, inode_bitmap = 4
[  359.160673][ T5784] Bluetooth: hci2: unexpected event for opcode 0x2040
[  359.224469][T11737] EXT4-fs error (device loop0) in ext4_free_inode:363: Filesystem failed CRC
[  359.236445][ T6973] usb 6-1: config 0 descriptor??
[  359.308794][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.488344][T11733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  359.539716][T11733] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.581471][ T5821] usb 6-1: USB disconnect, device number 13
[  359.694269][T11727] chnl_net:caif_netlink_parms(): no params data found
[  360.152851][T11727] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.164788][T11727] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.174266][T11727] bridge_slave_0: entered allmulticast mode
[  360.202124][T11727] bridge_slave_0: entered promiscuous mode
[  360.295203][T11727] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.359510][ T5784] Bluetooth: hci1: command tx timeout
[  360.367066][T11727] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.391061][T11727] bridge_slave_1: entered allmulticast mode
[  360.441069][T11727] bridge_slave_1: entered promiscuous mode
[  360.603818][ T5919] hsr_slave_0: left promiscuous mode
[  360.631419][ T5919] hsr_slave_1: left promiscuous mode
[  360.658135][ T5919] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  360.688105][ T5919] batman_adv: batadv0: Removing interface: batadv_slave_0
[  360.697976][ T5919] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  360.719448][ T5919] batman_adv: batadv0: Removing interface: batadv_slave_1
[  360.746889][ T5919] bridge_slave_1: left allmulticast mode
[  360.766958][ T5919] bridge_slave_1: left promiscuous mode
[  360.807608][ T5919] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.879666][ T5919] bridge_slave_0: left allmulticast mode
[  360.925624][ T5919] bridge_slave_0: left promiscuous mode
[  360.935974][ T5919] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.061938][T11788] loop0: detected capacity change from 0 to 164
[  361.088145][T11788] ISOFS: unable to read i-node block
[  361.108496][ T5919] veth1_macvtap: left promiscuous mode
[  361.111027][T11788] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  361.132191][ T5919] veth0_macvtap: left promiscuous mode
[  361.151531][ T5919] veth1_vlan: left promiscuous mode
[  361.156916][ T5919] veth0_vlan: left promiscuous mode
[  361.279636][T11788] loop0: detected capacity change from 164 to 1
[  361.416739][T11788] ISOFS: unable to read i-node block
[  361.858084][ T5919] bond1 (unregistering): Released all slaves
[  362.439574][ T5784] Bluetooth: hci1: command tx timeout
[  362.571600][ T5919] team0 (unregistering): Port device team_slave_1 removed
[  362.653360][ T5919] team0 (unregistering): Port device team_slave_0 removed
[  362.724492][ T5919] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  362.811930][ T5919] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  363.371263][ T5919] bond0 (unregistering): Released all slaves
[  363.531274][T11727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.555801][T11807] netlink: 'syz.0.1208': attribute type 4 has an invalid length.
[  363.635592][T11808] netlink: 'syz.0.1208': attribute type 4 has an invalid length.
[  363.696413][T11727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.792386][T11727] team0: Port device team_slave_0 added
[  363.835708][T11727] team0: Port device team_slave_1 added
[  363.890233][T11816] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1211'.
[  364.165957][T11727] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.183362][T11727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.240416][T11727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.255078][T11727] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.266258][T11727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.299383][T11727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.439369][ T6973] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  364.495997][T11727] hsr_slave_0: entered promiscuous mode
[  364.518214][T11727] hsr_slave_1: entered promiscuous mode
[  364.524667][ T5784] Bluetooth: hci1: command tx timeout
[  364.531938][T11727] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  364.551287][T11727] Cannot create hsr debugfs directory
[  364.639385][ T6973] usb 6-1: Using ep0 maxpacket: 16
[  364.649060][ T6973] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40
[  364.668249][ T6973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.695335][T11837] loop0: detected capacity change from 0 to 512
[  364.703431][ T6973] usb 6-1: Product: syz
[  364.707633][ T6973] usb 6-1: Manufacturer: syz
[  364.719578][ T6973] usb 6-1: SerialNumber: syz
[  364.726809][T11837] EXT4-fs: Ignoring removed orlov option
[  364.771414][T11837] EXT4-fs: Ignoring removed mblk_io_submit option
[  364.835132][T11837] EXT4-fs error (device loop0): ext4_iget_extra_inode:4739: inode #15: comm syz.0.1216: corrupted in-inode xattr: e_value size too large
[  364.909480][T11837] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.1216: couldn't read orphan inode 15 (err -117)
[  364.923761][T11837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.969845][T11844] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1218'.
[  365.030354][T11837] EXT4-fs error (device loop0): ext4_map_blocks:610: inode #2: block 12: comm syz.0.1216: lblock 3 mapped to illegal pblock 12 (length 1)
[  365.156621][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.323590][ T5784] Bluetooth: hci0: command 0x0406 tx timeout
[  365.551762][T11850] netlink: 'syz.8.1219': attribute type 12 has an invalid length.
[  365.574050][T11850] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1219'.
[  365.640082][T11850] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  365.648953][T11850] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  365.658356][T11850] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  365.667539][T11850] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  365.683984][T11850] netlink: 'syz.8.1219': attribute type 12 has an invalid length.
[  365.694786][T11850] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1219'.
[  365.953842][    T9] IPVS: starting estimator thread 0...
[  366.060090][T11872] IPVS: using max 18 ests per chain, 43200 per kthread
[  366.385056][ T6973] snd-usb-audio: probe of 6-1:1.0 failed with error -71
[  366.408444][ T6973] usb 6-1: USB disconnect, device number 14
[  366.599560][ T5783] Bluetooth: hci1: command tx timeout
[  366.695311][T11727] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  366.727891][T11727] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  366.768349][T11727] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  366.794474][T11727] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  366.955475][T11727] 8021q: adding VLAN 0 to HW filter on device bond0
[  367.009630][T11727] 8021q: adding VLAN 0 to HW filter on device team0
[  367.038716][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.046014][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  367.136259][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.143495][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  367.845016][T11727] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.942200][T11727] veth0_vlan: entered promiscuous mode
[  367.977722][T11727] veth1_vlan: entered promiscuous mode
[  368.060325][T11727] veth0_macvtap: entered promiscuous mode
[  368.079127][T11727] veth1_macvtap: entered promiscuous mode
[  368.144183][T11727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.175361][T11727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.201229][T11727] batman_adv: batadv0: Interface activated: batadv_slave_0
[  368.231425][T11727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.252323][T11727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.264130][T11727] batman_adv: batadv0: Interface activated: batadv_slave_1
[  368.303043][T11909] loop5: detected capacity change from 0 to 40427
[  368.324133][T11909] F2FS-fs (loop5): Fix alignment : done, start(4096) end(16896) block(12288)
[  368.336457][T11727] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  368.347415][T11909] F2FS-fs (loop5): invalid crc value
[  368.350788][T11727] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  368.365740][T11909] F2FS-fs (loop5): invalid crc value
[  368.378967][T11727] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  368.380732][T11909] F2FS-fs (loop5): Failed to get valid F2FS checkpoint
[  368.397186][T11727] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  368.626830][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.659114][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.677095][T11935] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1236'.
[  368.748403][ T5900] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.810435][ T5900] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.935151][T11940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1238'.
[  369.294746][T11948] loop1: detected capacity change from 0 to 16
[  369.314485][T11948] erofs: Unknown parameter '01777777777777777777777|V$Gé;%–¶gROzâ°IA¬fn¤ï¥sT±eÆM
[  369.314485][T11948] ù–g\õâò'
[  369.335541][T11946] loop2: detected capacity change from 0 to 7
[  369.386901][T11946]  loop2:
[  369.406226][T11946] loop2: partition table partially beyond EOD, truncated
[  370.191225][T11959] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  370.200192][T11959] overlayfs: missing 'lowerdir'
[  370.634471][T11968] tipc: Started in network mode
[  370.652195][T11968] tipc: Node identity f6b9719773, cluster identity 4711
[  370.684769][T11968] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  370.924430][T11968] syzkaller0: entered promiscuous mode
[  370.951325][T11968] syzkaller0: entered allmulticast mode
[  370.970927][T11968] tipc: Resetting bearer <eth:syzkaller0>
[  371.042536][T11967] tipc: Resetting bearer <eth:syzkaller0>
[  375.187609][T11967] tipc: Disabling bearer <eth:syzkaller0>
[  375.199523][T12006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1255'.
[  375.209519][ T7822] tipc: Node number set to 2243522967
[  376.428194][T12089] gretap1: entered allmulticast mode
[  376.467862][T12089] team0: Port device gretap1 added
[  376.538706][T12089] bridge0: port 3(team0) entered blocking state
[  376.562147][T12089] bridge0: port 3(team0) entered disabled state
[  376.613210][T12089] team0: entered allmulticast mode
[  376.638177][T12089] team_slave_0: entered allmulticast mode
[  376.652064][T12089] team_slave_1: entered allmulticast mode
[  376.677267][T12089] team0: entered promiscuous mode
[  376.688258][T12089] team_slave_0: entered promiscuous mode
[  376.727447][T12089] team_slave_1: entered promiscuous mode
[  376.771170][T12089] gretap1: entered promiscuous mode
[  377.266425][T12113] gretap2: entered allmulticast mode
[  377.337887][T12113] team0: Port device gretap2 added
[  377.357001][T12118] bridge0: port 3(team0) entered blocking state
[  377.386239][T12118] bridge0: port 3(team0) entered disabled state
[  377.395667][T12118] team0: entered allmulticast mode
[  377.401790][T12118] team_slave_0: entered allmulticast mode
[  377.407685][T12118] team_slave_1: entered allmulticast mode
[  377.436375][T12118] team0: entered promiscuous mode
[  377.464944][T12118] team_slave_0: entered promiscuous mode
[  377.486723][T12118] team_slave_1: entered promiscuous mode
[  377.514645][T12118] gretap2: entered promiscuous mode
[  377.691683][T12128] loop0: detected capacity change from 0 to 512
[  377.711585][T12128] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  377.788099][T12128] EXT4-fs (loop0): 1 truncate cleaned up
[  377.802720][T12128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.072614][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.603956][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  378.610603][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  378.877015][T12166] netlink: 'syz.0.1286': attribute type 1 has an invalid length.
[  379.003478][T12166] 8021q: adding VLAN 0 to HW filter on device bond1
[  379.058380][T12169] bond1: entered promiscuous mode
[  379.163421][T12166] bond1: (slave dummy0): making interface the new active one
[  379.201522][T12166] dummy0: entered promiscuous mode
[  379.236391][T12166] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  379.308111][T12165] bond1: left promiscuous mode
[  379.340568][T12165] dummy0: left promiscuous mode
[  379.528698][T12179] gretap1: entered allmulticast mode
[  379.611123][T12179] team0: Port device gretap1 added
[  379.651538][T12183] bridge0: port 3(team0) entered blocking state
[  379.679811][T12183] bridge0: port 3(team0) entered disabled state
[  379.700116][T12183] team0: entered allmulticast mode
[  379.705307][T12183] team_slave_1: entered allmulticast mode
[  379.764407][T12183] team0: entered promiscuous mode
[  379.792925][T12183] team_slave_1: entered promiscuous mode
[  379.814774][T12183] gretap1: entered promiscuous mode
[  379.838335][T12183] bridge0: port 3(team0) entered blocking state
[  379.845231][T12183] bridge0: port 3(team0) entered forwarding state
[  380.725255][T12190] loop1: detected capacity change from 0 to 32768
[  380.783895][T12190] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  380.879095][T12190] XFS (loop1): Ending clean mount
[  381.090570][T12223] loop0: detected capacity change from 0 to 512
[  381.132796][T12223] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  381.184998][T12223] EXT4-fs (loop0): 1 truncate cleaned up
[  381.248946][T12223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.302449][T11727] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  381.500673][T12235] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1299'.
[  381.976284][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.819703][ T7822] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  383.009841][ T7822] usb 1-1: Using ep0 maxpacket: 32
[  383.027763][ T7822] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  383.053302][ T7822] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  383.104562][ T7822] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  383.128784][ T7822] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  383.187802][ T7822] usb 1-1: config 0 interface 0 has no altsetting 0
[  383.212546][ T7822] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  383.227735][ T7822] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  383.259769][ T7822] usb 1-1: Product: syz
[  383.264060][ T7822] usb 1-1: Manufacturer: syz
[  383.268693][ T7822] usb 1-1: SerialNumber: syz
[  383.281638][T12296] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1315'.
[  383.302607][ T7822] usb 1-1: config 0 descriptor??
[  383.331342][ T7822] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  383.373214][ T7822] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  383.419119][T12300] ipip1: entered promiscuous mode
[  383.435630][T12300] ipip1: entered allmulticast mode
[  383.593136][ T7822] usb 1-1: USB disconnect, device number 9
[  383.599064][    C1] ldusb 1-1:0.0: usb_submit_urb failed (-19)
[  383.622248][ T7822] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  383.888599][T12319] ldusb: No device or device unplugged -19
[  383.925282][T12319] ldusb: No device or device unplugged -19
[  383.942197][T12319] ldusb: No device or device unplugged -19
[  383.954307][T12319] ldusb: No device or device unplugged -19
[  384.252621][T12304] loop5: detected capacity change from 0 to 40427
[  384.272722][T12304] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  384.318017][T12304] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  384.381242][T12304] F2FS-fs (loop5): Found nat_bits in checkpoint
[  384.582685][T12304] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  384.603754][T12304] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  384.793532][   T27] audit: type=1804 audit(1782226817.550:45): pid=12304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1318" name="/newroot/165/file0/bus" dev="loop5" ino=10 res=1 errno=0
[  385.196942][T12360] loop0: detected capacity change from 0 to 512
[  385.215181][T12360] EXT4-fs: Ignoring removed oldalloc option
[  385.290390][T12360] EXT4-fs (loop0): Test dummy encryption mode enabled
[  385.440961][T12360] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.477969][T12341] loop1: detected capacity change from 0 to 32768
[  385.620685][T12360] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  385.975796][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.959720][ T7822] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  387.054067][T12412] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1338'.
[  387.152556][ T7822] usb 2-1: config 0 interface 0 altsetting 255 endpoint 0x4 has an invalid bInterval 0, changing to 4
[  387.193137][ T7822] usb 2-1: config 0 interface 0 has no altsetting 0
[  387.228146][ T7822] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  387.245850][ T7822] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  387.268638][ T7822] usb 2-1: Product: syz
[  387.275288][ T7822] usb 2-1: Manufacturer: syz
[  387.283874][ T7822] usb 2-1: SerialNumber: syz
[  387.295181][ T7822] usb 2-1: config 0 descriptor??
[  387.302913][T12397] loop0: detected capacity change from 0 to 32768
[  387.317210][ T7822] usb 2-1: selecting invalid altsetting 0
[  387.352837][T12397] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  387.425363][T12397] XFS (loop0): Ending clean mount
[  387.643595][ T5156] usb 2-1: USB disconnect, device number 4
[  387.643606][    C1] usb 2-1: Unable to submit urb #2: -19 at snd_usb_queue_pending_output_urbs
[  387.644200][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  387.818398][ T9550] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  388.002707][T12441] xt_hashlimit: size too large, truncated to 1048576
[  388.049420][ T7822] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  388.249766][ T7822] usb 6-1: Using ep0 maxpacket: 32
[  388.258695][ T7822] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  388.289402][ T7822] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  388.310765][ T7822] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  388.329605][ T7822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.348610][ T7822] usb 6-1: config 0 descriptor??
[  388.372360][ T7822] hub 6-1:0.0: USB hub found
[  388.596853][ T7822] hub 6-1:0.0: 1 port detected
[  388.859409][ T5156] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  389.085494][ T5156] usb 2-1: config 0 has no interfaces?
[  389.099350][ T5156] usb 2-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  389.108459][ T5156] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.137396][ T5156] usb 2-1: config 0 descriptor??
[  389.240268][ T7822] hub 6-1:0.0: activate --> -90
[  389.451224][ T5156] usb 2-1: USB disconnect, device number 5
[  389.646739][   T28] usb 6-1: USB disconnect, device number 15
[  389.652988][ T7822] usb 6-1-port1: config error
[  390.360696][T12488] loop5: detected capacity change from 0 to 256
[  390.438049][T12488] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbd11d127, utbl_chksum : 0xe619d30d)
[  390.747409][T12495] loop1: detected capacity change from 0 to 512
[  390.781889][T12495] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  390.830587][T12495] EXT4-fs (loop1): 1 truncate cleaned up
[  390.851108][T12495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  391.378849][T11727] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.791558][T12556] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  393.435341][T12579] bond1: entered allmulticast mode
[  393.561822][T12579] ipip0: entered promiscuous mode
[  393.566994][T12579] ipip0: entered allmulticast mode
[  393.572964][T12579] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[  393.587142][T12579] bond1: (slave ipip0): Error -95 calling set_mac_address
[  393.808177][   T27] audit: type=1326 audit(2000000007.250:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12593 comm="syz.5.1379" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f718a39ce59 code=0x0
[  395.026259][T12632] loop0: detected capacity change from 0 to 512
[  395.088333][T12632] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1388'.
[  395.375510][T12618] loop1: detected capacity change from 0 to 32768
[  395.387502][T12618] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1383 (12618)
[  395.416294][T12618] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  395.443938][T12618] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  395.471824][T12618] BTRFS info (device loop1): using free space tree
[  395.617399][T12618] BTRFS info (device loop1): enabling ssd optimizations
[  395.640290][T12618] BTRFS info (device loop1): auto enabling async discard
[  395.807823][T11727] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  396.050386][ T5783] Bluetooth: hci3: command 0x0406 tx timeout
[  396.780242][ T5841] IPVS: starting estimator thread 0...
[  396.899578][T12688] IPVS: using max 19 ests per chain, 45600 per kthread
[  399.498765][T12753] loop5: detected capacity change from 0 to 64
[  400.102198][T12773] bridge0: entered allmulticast mode
[  400.893757][T12801] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1428'.
[  403.133257][T12862] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.140911][T12862] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.162339][T12862] bridge0: entered allmulticast mode
[  403.224097][T12866] bridge_slave_1: left allmulticast mode
[  403.249503][T12866] bridge_slave_1: left promiscuous mode
[  403.280177][T12866] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.348782][T12866] bridge_slave_0: left allmulticast mode
[  403.399587][T12866] bridge_slave_0: left promiscuous mode
[  403.405415][T12866] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.939396][   T27] audit: type=1800 audit(2000000529.374:47): pid=12874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1434" name="file0" dev="overlay" ino=1094 res=0 errno=0
[  404.238263][T12887] overlayfs: failed to clone upperpath
[  404.280639][T12887] overlayfs: failed to clone lowerpath
[  404.536312][T12899] loop5: detected capacity change from 0 to 512
[  404.576136][T12899] EXT4-fs: Ignoring removed nobh option
[  404.623681][T12899] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  404.751740][T12899] EXT4-fs (loop5): 1 truncate cleaned up
[  404.805808][T12899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.066684][ T8907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.348602][T12930] loop1: detected capacity change from 0 to 40427
[  406.410180][T12930] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  406.417983][T12930] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  406.515204][T12930] F2FS-fs (loop1): Found nat_bits in checkpoint
[  406.758084][T12930] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  406.786022][T12930] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  407.002046][   T27] audit: type=1804 audit(2000000788.449:48): pid=12930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1448" name="/newroot/50/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  407.093288][T12964] loop0: detected capacity change from 0 to 32768
[  407.129717][T12964] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop0 scanned by syz.0.1458 (12964)
[  407.186525][T12930] F2FS-fs (loop1): Stopped filesystem due to reason: 0
[  407.212346][T12964] BTRFS info (device loop0): first mount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b
[  407.235941][T12964] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  407.258611][T12964] BTRFS info (device loop0): using free space tree
[  407.461090][T12964] BTRFS info (device loop0): enabling ssd optimizations
[  407.468124][T12964] BTRFS info (device loop0): auto enabling async discard
[  407.691367][T12964] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  407.864090][ T9550] BTRFS info (device loop0): last unmount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b
[  408.232723][T12430] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 10 /dev/loop0 scanned by udevd (12430)
[  409.414989][T13071] netlink: 'syz.8.1478': attribute type 4 has an invalid length.
[  409.725945][T13058] loop5: detected capacity change from 0 to 32768
[  409.751387][T13058] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1475 (13058)
[  409.834478][T13058] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  409.877616][T13058] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  409.916607][T13058] BTRFS info (device loop5): force clearing of disk cache
[  409.960406][T13058] BTRFS info (device loop5): metadata ratio 0
[  409.978387][T13058] BTRFS info (device loop5): enabling ssd optimizations
[  409.999679][T13058] BTRFS info (device loop5): using spread ssd allocation scheme
[  410.007474][T13058] BTRFS info (device loop5): using free space tree
[  410.058707][T13068] loop0: detected capacity change from 0 to 128
[  410.268084][T13058] BTRFS info (device loop5): auto enabling async discard
[  410.310363][T13058] BTRFS info (device loop5): rebuilding free space tree
[  410.657954][   T49] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  410.965627][ T8907] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  411.847202][T13146] loop0: detected capacity change from 0 to 1024
[  411.980901][T13146] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  412.573185][T13146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.784019][T13157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1491'.
[  412.809577][T13157] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  412.817528][T13157] IPv6: NLM_F_CREATE should be set when creating new route
[  412.825685][T13157] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  412.832978][T13157] IPv6: NLM_F_CREATE should be set when creating new route
[  412.845096][   T27] audit: type=1800 audit(2000000794.299:49): pid=13146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1489" name="file1" dev="loop0" ino=15 res=0 errno=0
[  412.968208][T13146] EXT4-fs error (device loop0): xattr_find_entry:337: inode #15: comm syz.0.1489: corrupted xattr entries
[  413.183306][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.292825][T13170] netlink: 168 bytes leftover after parsing attributes in process `syz.5.1495'.
[  413.374396][T13176] netlink: 'syz.0.1496': attribute type 1 has an invalid length.
[  413.561616][T13176] 8021q: adding VLAN 0 to HW filter on device bond2
[  413.579141][   T27] audit: type=1326 audit(2000000795.029:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13185 comm="syz.5.1499" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f718a39ce59 code=0x0
[  413.642198][T13178] vlan2: entered allmulticast mode
[  413.689705][T13178] veth0_to_bond: entered allmulticast mode
[  413.722497][T13178] bond2: (slave vlan2): making interface the new active one
[  413.737593][T13178] bond2: (slave vlan2): Enslaving as an active interface with an up link
[  417.605123][T13243] loop1: detected capacity change from 0 to 128
[  417.965425][T13243] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  418.014805][T13243] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  418.233860][T13243] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  418.251110][T13256] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  418.376550][T11727] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  418.576612][T13263] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1520'.
[  419.039780][T13254] loop0: detected capacity change from 0 to 32768
[  419.175039][T13254] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  419.213041][T13254] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  419.306625][T13254] XFS (loop0): Ending clean mount
[  419.347131][T13254] XFS (loop0): Quotacheck needed: Please wait.
[  419.489803][T13254] XFS (loop0): Quotacheck: Done.
[  419.916442][ T9550] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  422.478364][T13397] netlink: 164 bytes leftover after parsing attributes in process `syz.5.1551'.
[  422.671403][T13402] loop5: detected capacity change from 0 to 2048
[  422.761902][T13402] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  422.962644][T13417] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  422.980449][T13417] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  422.992990][T13417] EXT4-fs (loop5): This should not happen!! Data will be lost
[  422.992990][T13417] 
[  423.003162][T13417] EXT4-fs (loop5): Total free blocks count 0
[  423.010575][T13417] EXT4-fs (loop5): Free/Dirty block details
[  423.017783][T13417] EXT4-fs (loop5): free_blocks=2415919104
[  423.025855][T13417] EXT4-fs (loop5): dirty_blocks=64
[  423.032156][T13417] EXT4-fs (loop5): Block reservation details
[  423.038354][T13417] EXT4-fs (loop5): i_reserved_data_blocks=4
[  423.657403][ T5919] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  424.071920][T13437] loop0: detected capacity change from 0 to 4096
[  424.104491][T13443] loop1: detected capacity change from 0 to 128
[  424.124343][T13443] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  424.138438][T13444] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  424.152692][T13437] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  424.226212][   T27] audit: type=1800 audit(2000000805.679:51): pid=13443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1565" name="bus" dev="loop1" ino=1048662 res=0 errno=0
[  424.262871][T13437] NILFS (loop0): mounting fs with errors
[  424.319645][ T5822] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  424.333020][T13437] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 159744
[  424.354965][T13437] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  424.395698][T13437] NILFS (loop0): error -5 truncating bmap (ino=15)
[  424.496303][   T27] audit: type=1800 audit(2000000805.949:52): pid=13449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1563" name="file1" dev="loop0" ino=16 res=0 errno=0
[  424.535911][ T5822] usb 6-1: Using ep0 maxpacket: 8
[  424.558533][ T5822] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  424.598887][ T5822] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  424.627604][ T5822] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  424.648047][ T5822] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  424.681463][ T5822] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  424.707004][ T5822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.960226][T13441] loop2: detected capacity change from 0 to 7
[  425.005085][T13441]  loop2: [POWERTEC] p1 p2 p3
[  425.025841][T13441] loop2: p1 size 17891328 extends beyond EOD, truncated
[  425.073930][T13441] loop2: p2 start 4097 is beyond EOD, truncated
[  425.082560][T13441] loop2: p3 start 268435456 is beyond EOD, truncated
[  425.115136][ T5822] usb 6-1: usb_control_msg returned -71
[  425.138248][ T5822] usbtmc 6-1:16.0: can't read capabilities
[  425.166330][ T5822] usb 6-1: USB disconnect, device number 16
[  425.216594][T12430] udevd[12430]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  425.477198][   T27] audit: type=1326 audit(2000000806.929:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.1.1570" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc78359ce59 code=0x0
[  426.146327][T13492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1573'.
[  426.193975][T13497] loop5: detected capacity change from 0 to 1024
[  426.210441][T13497] EXT4-fs: inline encryption not supported
[  426.259483][T13497] EXT4-fs: Ignoring removed bh option
[  426.298960][T13497] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  426.394102][T13497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.657730][ T8907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.181844][ T5900] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.518997][ T5900] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.751450][T13529] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1586'.
[  427.832158][ T5900] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  428.010507][ T5900] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  428.234436][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  428.247845][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  428.260740][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  428.285980][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  428.300939][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  428.308395][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  429.420560][T13546] chnl_net:caif_netlink_parms(): no params data found
[  429.958847][T13546] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.979849][T13546] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.997443][T13546] bridge_slave_0: entered allmulticast mode
[  430.010844][T13546] bridge_slave_0: entered promiscuous mode
[  430.036535][T13592] loop5: detected capacity change from 0 to 2048
[  430.192528][T13546] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.207279][T13546] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.235656][T13546] bridge_slave_1: entered allmulticast mode
[  430.243642][T13598] overlayfs: failed to clone upperpath
[  430.259680][T13546] bridge_slave_1: entered promiscuous mode
[  430.354903][T13546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  430.457677][ T5783] Bluetooth: hci1: command tx timeout
[  430.472822][T13546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  430.568603][ T5900] hsr_slave_0: left promiscuous mode
[  430.584511][ T5900] hsr_slave_1: left promiscuous mode
[  430.593468][ T5900] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  430.606024][ T5900] batman_adv: batadv0: Removing interface: batadv_slave_0
[  430.617680][ T5900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  430.635884][ T5900] batman_adv: batadv0: Removing interface: batadv_slave_1
[  430.725400][ T5900] veth1_macvtap: left promiscuous mode
[  430.755798][ T5900] veth0_macvtap: left promiscuous mode
[  430.784679][ T5900] veth1_vlan: left promiscuous mode
[  430.804883][ T5900] veth0_vlan: left promiscuous mode
[  431.211532][ T5900] bond1 (unregistering): Released all slaves
[  432.024562][T13620] loop0: detected capacity change from 0 to 40427
[  432.032559][T13620] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  432.069369][T13620] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  432.112735][T13620] F2FS-fs (loop0): Found nat_bits in checkpoint
[  432.235684][T13620] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  432.263811][T13620] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  432.436505][   T27] audit: type=1804 audit(2000000813.879:54): pid=13620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1604" name="/newroot/187/file0/bus" dev="loop0" ino=10 res=1 errno=0
[  432.528359][ T5783] Bluetooth: hci1: command tx timeout
[  432.864706][T13653] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000
[  433.177882][ T5900] team0 (unregistering): Port device team_slave_1 removed
[  433.250705][ T5900] team0 (unregistering): Port device team_slave_0 removed
[  433.334653][ T5900] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  433.436254][ T5900] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  433.849432][ T6976] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  433.982567][ T5900] bond0 (unregistering): Released all slaves
[  434.029560][ T6976] usb 1-1: Using ep0 maxpacket: 16
[  434.041358][ T6976] usb 1-1: config 0 has an invalid interface number: 34 but max is 0
[  434.076791][ T6976] usb 1-1: config 0 has no interface number 0
[  434.088159][ T6976] usb 1-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023
[  434.099041][ T6976] usb 1-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80
[  434.114285][ T6976] usb 1-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[  434.134370][T13546] team0: Port device team_slave_0 added
[  434.140995][ T6976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.156251][T13546] team0: Port device team_slave_1 added
[  434.162439][ T6976] usb 1-1: Product: syz
[  434.166639][ T6976] usb 1-1: Manufacturer: syz
[  434.181222][ T6976] usb 1-1: SerialNumber: syz
[  434.203633][ T6976] usb 1-1: config 0 descriptor??
[  434.223903][T13664] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.270441][T13664] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.302015][T13546] batman_adv: batadv0: Adding interface: batadv_slave_0
[  434.309097][T13546] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  434.335051][    C0] vkms_vblank_simulate: vblank timer overrun
[  434.356856][T13546] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  434.435340][T13668] netlink: 'syz.8.1614': attribute type 1 has an invalid length.
[  434.550184][T13668] 8021q: adding VLAN 0 to HW filter on device bond4
[  434.558364][T13546] batman_adv: batadv0: Adding interface: batadv_slave_1
[  434.566134][T13546] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  434.599425][ T5783] Bluetooth: hci1: command tx timeout
[  434.618023][T13546] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  434.642016][T13664] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.662446][T13664] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.725978][T13546] hsr_slave_0: entered promiscuous mode
[  434.748593][T13546] hsr_slave_1: entered promiscuous mode
[  434.775612][T13546] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  434.783638][T13546] Cannot create hsr debugfs directory
[  434.810606][T13668] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  434.819999][T13668] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  434.849581][T13668] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  434.874289][T13668] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  434.892742][T13668] bond4: (slave geneve2): making interface the new active one
[  434.898481][ T6976] asix 1-1:0.34 (unnamed net_device) (uninitialized): invalid hw address, using random
[  434.920757][T13668] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  435.134758][T13684] overlayfs: failed to verify origin (245/file1, ino=1415, err=-116)
[  435.148731][T13684] overlayfs: failed to look up (file2) for ino (-116)
[  436.176354][T13546] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  436.194427][T13546] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  436.212996][T13546] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  436.226751][T13546] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  436.326182][ T6976] asix 1-1:0.34 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  436.347383][ T6976] asix 1-1:0.34 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  436.378603][ T6976] asix: probe of 1-1:0.34 failed with error -71
[  436.398194][T13546] 8021q: adding VLAN 0 to HW filter on device bond0
[  436.418523][ T6976] usb 1-1: USB disconnect, device number 10
[  436.471546][T13546] 8021q: adding VLAN 0 to HW filter on device team0
[  436.485461][ T5913] bridge0: port 1(bridge_slave_0) entered blocking state
[  436.492650][ T5913] bridge0: port 1(bridge_slave_0) entered forwarding state
[  436.510545][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[  436.517708][ T5900] bridge0: port 2(bridge_slave_1) entered forwarding state
[  436.686440][ T5783] Bluetooth: hci1: command tx timeout
[  436.822668][T13546] 8021q: adding VLAN 0 to HW filter on device batadv0
[  437.155849][T13546] veth0_vlan: entered promiscuous mode
[  437.178869][T13546] veth1_vlan: entered promiscuous mode
[  437.224543][T13546] veth0_macvtap: entered promiscuous mode
[  437.236509][T13546] veth1_macvtap: entered promiscuous mode
[  437.261470][T13546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  437.272461][T13546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  437.283541][T13546] batman_adv: batadv0: Interface activated: batadv_slave_0
[  437.294063][T13546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  437.312921][T13546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  437.325280][T13546] batman_adv: batadv0: Interface activated: batadv_slave_1
[  437.357960][T13546] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  437.375028][T13546] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  437.384943][T13546] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  437.394037][T13546] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  437.536753][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  437.557359][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  437.589563][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  437.599181][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.321804][T13775] netlink: 'syz.5.1623': attribute type 10 has an invalid length.
[  438.380664][T13775] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  438.413809][T13775] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  438.456208][T13775] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  438.500058][T13775] team0: Failed to send options change via netlink (err -105)
[  438.540552][T13775] team0: Port device netdevsim0 added
[  439.231460][T13762] loop7: detected capacity change from 0 to 40427
[  439.266124][T13762] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  439.304941][T13762] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  439.387960][T13762] F2FS-fs (loop7): Found nat_bits in checkpoint
[  439.862515][T13762] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  439.962826][T13762] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  440.057204][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.068866][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  440.411113][   T27] audit: type=1804 audit(2000000821.849:55): pid=13762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1618" name="/newroot/1/file0/bus" dev="loop7" ino=10 res=1 errno=0
[  440.621821][T13825] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1637'.
[  440.893939][T13833] xt_bpf: check failed: parse error
[  441.749991][T13850] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1644'.
[  444.373557][T13927] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1664'.
[  445.251708][T13934] loop0: detected capacity change from 0 to 32768
[  445.287371][T13934] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1667 (13934)
[  445.350157][T13934] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  445.397122][T13934] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  445.424460][T13934] BTRFS info (device loop0): turning on sync discard
[  445.461378][T13934] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  445.490509][T13934] BTRFS info (device loop0): use lzo compression, level 0
[  445.518116][T13934] BTRFS info (device loop0): turning on async discard
[  445.561403][T13934] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  445.602954][T13934] BTRFS info (device loop0): trying to use backup root at mount time
[  445.642025][T13934] BTRFS info (device loop0): enabling auto defrag
[  445.648521][T13934] BTRFS info (device loop0): using free space tree
[  445.835984][ T5913] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  445.892026][T13934] BTRFS error (device loop0): failed to load root extent
[  445.917526][T13934] BTRFS warning (device loop0): try to load backup roots slot 1
[  445.937013][ T5908] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  445.979911][T13934] BTRFS warning (device loop0): couldn't read tree root
[  446.004908][T13934] BTRFS warning (device loop0): try to load backup roots slot 2
[  446.023776][   T59] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  446.075108][T13934] BTRFS warning (device loop0): couldn't read tree root
[  446.114053][T13934] BTRFS warning (device loop0): try to load backup roots slot 3
[  446.199398][T13934] BTRFS info (device loop0): enabling ssd optimizations
[  446.246817][T13934] BTRFS info (device loop0): rebuilding free space tree
[  446.301791][T13934] BTRFS info (device loop0): checking UUID tree
[  446.400392][   T27] audit: type=1800 audit(2000000827.839:56): pid=13934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1667" name="file1" dev="loop0" ino=257 res=0 errno=0
[  446.910856][   T27] audit: type=1800 audit(2000000828.369:57): pid=13995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1667" name="file1" dev="loop0" ino=257 res=0 errno=0
[  447.136189][ T9550] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  447.553492][T14019] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1684'.
[  448.575372][T14049] fuse: Bad value for 'fd'
[  448.661134][T14053] vivid-001: disconnect
[  448.684283][T14051] vivid-001: reconnect
[  449.947634][T14085] loop5: detected capacity change from 0 to 512
[  451.074708][T14115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1710'.
[  453.930065][T14167] fuse: Bad value for 'fd'
[  456.440786][T14218] netlink: 52 bytes leftover after parsing attributes in process `syz.8.1734'.
[  456.775811][T14226] loop5: detected capacity change from 0 to 512
[  456.813544][T14226] EXT4-fs: Ignoring removed bh option
[  456.843170][T14226] EXT4-fs: Ignoring removed mblk_io_submit option
[  456.880196][T14226] EXT4-fs: Ignoring removed bh option
[  456.898960][T14226] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  456.982701][T14226] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.020840][T14226] ext4 filesystem being mounted at /275/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  457.076498][ T8907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.095211][T14295] overlayfs: failed to clone upperpath
[  459.262387][T14300] netlink: 'syz.8.1755': attribute type 1 has an invalid length.
[  459.304022][T14300] 8021q: adding VLAN 0 to HW filter on device bond5
[  459.379757][T14300] bond5: (slave geneve3): making interface the new active one
[  459.389822][T14300] bond5: (slave geneve3): Enslaving as an active interface with an up link
[  460.298631][T14338] loop0: detected capacity change from 0 to 1024
[  460.353003][T14338] ext4: Unknown parameter 'nouser_xattr'
[  461.437610][T14370] netlink: 1036 bytes leftover after parsing attributes in process `syz.7.1774'.
[  462.787322][T14420] loop5: detected capacity change from 0 to 512
[  462.805165][T14420] EXT4-fs: Ignoring removed nobh option
[  462.878045][T14420] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  462.955553][T14420] System zones: 1-12
[  462.988125][T14420] EXT4-fs error (device loop5): ext4_iget_extra_inode:4739: inode #15: comm syz.5.1787: corrupted in-inode xattr: e_value size too large
[  463.100625][T14420] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.1787: couldn't read orphan inode 15 (err -117)
[  463.194197][T14420] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  463.489803][T14420] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  464.175345][ T8907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  464.409653][  T787] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  464.609869][  T787] usb 1-1: Using ep0 maxpacket: 32
[  464.617393][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  464.634670][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  464.645570][  T787] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  464.655347][  T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.674601][  T787] usb 1-1: config 0 descriptor??
[  465.114179][  T787] ft260 0003:0403:6030.000B: unknown main item tag 0x0
[  465.150367][  T787] ft260 0003:0403:6030.000B: unknown main item tag 0x0
[  465.307229][  T787] ft260 0003:0403:6030.000B: chip code: 0000 0000
[  465.346508][T14482] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  465.507918][  T787] ft260 0003:0403:6030.000B: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.0-1/input0
[  465.730887][  T787] ft260 0003:0403:6030.000B: failed to retrieve status: -32, no wakeup
[  465.893436][T14496] loop5: detected capacity change from 0 to 8192
[  465.952573][T14496] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  465.979985][T14442] i2c i2c-1: adapter quirk: 2nd comb msg must be read (addr 0x0007, size 0, write)
[  466.004646][ T5156] usb 1-1: USB disconnect, device number 11
[  467.629577][T14542] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1807'.
[  468.718685][T14575] loop0: detected capacity change from 0 to 4096
[  468.732953][T14575] overlayfs: failed to get inode (-116)
[  468.756173][T14575] overlayfs: failed to get inode (-116)
[  468.765657][T14575] overlayfs: failed to get inode (-116)
[  468.792994][T14575] overlayfs: failed to get inode (-116)
[  468.831232][T14575] overlayfs: failed to get inode (-116)
[  468.855498][T14575] overlayfs: failed to get inode (-116)
[  468.880007][T14575] overlayfs: failed to get inode (-116)
[  469.136951][T14583] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  469.144551][T14583] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  469.190448][T14583] hsr0: entered promiscuous mode
[  469.210726][T14583] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1816'.
[  470.795320][T14640] syz_tun: entered allmulticast mode
[  470.826209][T14639] syz_tun: left allmulticast mode
[  470.850501][T14638] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1831'.
[  470.993984][T14646] netlink: 'syz.8.1834': attribute type 1 has an invalid length.
[  471.062747][T14646] 8021q: adding VLAN 0 to HW filter on device bond6
[  473.075101][T14710] hsr0: entered promiscuous mode
[  473.111961][T14710] gretap1: entered allmulticast mode
[  473.159692][T14712] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  473.476551][T14726] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1854'.
[  473.800641][T14734] ref_ctr increment failed for inode: 0x13e offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888078e54280
[  473.929943][T14742] fuse: Bad value for 'fd'
[  474.626581][   T27] audit: type=1800 audit(2000000856.079:58): pid=14738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1857" name="/" dev="fuse" ino=4 res=0 errno=0
[  474.679813][T14774] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  474.870834][T14782] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1870'.
[  474.903482][T14782] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1870'.
[  475.934520][T14807] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  476.794496][T14840] lo speed is unknown, defaulting to 1000
[  476.801311][T14840] lo speed is unknown, defaulting to 1000
[  476.812894][T14840] lo speed is unknown, defaulting to 1000
[  476.827426][T14840] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  476.847749][T14840] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  476.910896][T14840] lo speed is unknown, defaulting to 1000
[  476.918852][T14840] lo speed is unknown, defaulting to 1000
[  476.927267][T14840] lo speed is unknown, defaulting to 1000
[  476.934431][T14840] lo speed is unknown, defaulting to 1000
[  476.942403][T14840] lo speed is unknown, defaulting to 1000
[  477.169149][T14854] loop0: detected capacity change from 0 to 128
[  477.243939][T14854] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  477.287900][T14854] ext4 filesystem being mounted at /242/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  477.573639][ T9550] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  477.719090][T14871] loop0: detected capacity change from 0 to 512
[  477.757231][T14871] EXT4-fs (loop0): orphan cleanup on readonly fs
[  477.825735][T14871] EXT4-fs (loop0): 1 orphan inode deleted
[  477.835069][T14871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  478.013667][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.833466][   T27] audit: type=1326 audit(2000000861.289:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  479.917415][   T27] audit: type=1326 audit(2000000861.289:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  479.973173][   T27] audit: type=1326 audit(2000000861.289:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.020296][T14957] overlayfs: failed to clone upperpath
[  480.038659][   T27] audit: type=1326 audit(2000000861.289:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.099391][   T27] audit: type=1326 audit(2000000861.289:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.166490][   T27] audit: type=1326 audit(2000000861.289:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.261915][   T27] audit: type=1326 audit(2000000861.289:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.311979][T14963] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1920'.
[  480.338960][   T27] audit: type=1326 audit(2000000861.289:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.425086][   T27] audit: type=1326 audit(2000000861.289:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.509374][   T27] audit: type=1326 audit(2000000861.289:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.7.1915" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  480.985068][T14952] loop0: detected capacity change from 0 to 32768
[  481.094856][T14952] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  481.299061][T14952] XFS (loop0): Ending clean mount
[  481.606689][ T9550] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  481.658215][T15000] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1925'.
[  481.677450][T15000] syzkaller1: entered promiscuous mode
[  481.683135][T15000] syzkaller1: entered allmulticast mode
[  482.336688][T15025] loop5: detected capacity change from 0 to 256
[  485.122002][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  485.138794][ T5784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  485.171339][ T5784] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  485.184070][ T5784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  485.197433][ T5784] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  485.207701][ T5784] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  485.488964][T15109] netlink: 'syz.0.1952': attribute type 4 has an invalid length.
[  485.616733][T15094] chnl_net:caif_netlink_parms(): no params data found
[  485.718125][T15094] bridge0: port 1(bridge_slave_0) entered blocking state
[  485.728753][T15094] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.738977][T15094] bridge_slave_0: entered allmulticast mode
[  485.751982][T15094] bridge_slave_0: entered promiscuous mode
[  485.767396][T15094] bridge0: port 2(bridge_slave_1) entered blocking state
[  485.776709][T15094] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.790896][T15094] bridge_slave_1: entered allmulticast mode
[  485.798684][T15094] bridge_slave_1: entered promiscuous mode
[  485.840798][T15094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  485.854538][T15094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  485.917097][T15094] team0: Port device team_slave_0 added
[  485.934475][T15094] team0: Port device team_slave_1 added
[  486.016312][T15094] batman_adv: batadv0: Adding interface: batadv_slave_0
[  486.032428][T15094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  486.071717][T15094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  486.085438][T15094] batman_adv: batadv0: Adding interface: batadv_slave_1
[  486.096927][T15094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  486.129654][T15094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  486.298436][T15094] hsr_slave_0: entered promiscuous mode
[  486.307004][T15094] hsr_slave_1: entered promiscuous mode
[  486.324130][T15094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  486.349979][T15094] Cannot create hsr debugfs directory
[  487.048159][   T27] kauditd_printk_skb: 47 callbacks suppressed
[  487.048253][   T27] audit: type=1326 audit(2000000868.499:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.113483][   T27] audit: type=1326 audit(2000000868.569:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.151072][   T27] audit: type=1326 audit(2000000868.569:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.193774][   T27] audit: type=1326 audit(2000000868.569:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.226209][   T27] audit: type=1326 audit(2000000868.569:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.281661][   T27] audit: type=1326 audit(2000000868.569:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.316252][   T27] audit: type=1326 audit(2000000868.569:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.320934][ T5783] Bluetooth: hci0: command tx timeout
[  487.347918][   T27] audit: type=1326 audit(2000000868.569:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.376967][   T27] audit: type=1326 audit(2000000868.569:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  487.402433][   T27] audit: type=1326 audit(2000000868.569:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.7.1962" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fc60f59ce59 code=0x7ffc0000
[  488.157799][T15094] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  488.172858][T15094] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  488.213007][T15094] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  488.239449][T15094] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  488.306620][T15184] overlayfs: failed to clone upperpath
[  488.484111][T15094] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.541430][T15094] 8021q: adding VLAN 0 to HW filter on device team0
[  488.586265][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.593499][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.624996][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.632306][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.688864][T15188] netlink: 'syz.8.1970': attribute type 1 has an invalid length.
[  488.747359][T15188] 8021q: adding VLAN 0 to HW filter on device bond7
[  488.785617][T15189] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1970'.
[  489.396589][T15094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  489.403535][ T5783] Bluetooth: hci0: command tx timeout
[  489.751956][T15216] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  490.193005][T15094] veth0_vlan: entered promiscuous mode
[  490.225792][T15094] veth1_vlan: entered promiscuous mode
[  490.338378][T15094] veth0_macvtap: entered promiscuous mode
[  490.360535][T15233] overlayfs: failed to clone upperpath
[  490.369082][T15094] veth1_macvtap: entered promiscuous mode
[  490.437030][T15094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.469221][T15094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.479209][T15094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.515495][T15094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.543924][T15094] batman_adv: batadv0: Interface activated: batadv_slave_0
[  490.601146][T15094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.649339][T15094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.699547][T15094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.739454][T15094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.770913][T15094] batman_adv: batadv0: Interface activated: batadv_slave_1
[  490.805422][T15094] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  490.831603][T15094] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  490.867208][T15094] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  490.889345][T15094] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  491.200421][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.216449][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.278295][T15237] loop0: detected capacity change from 0 to 40427
[  491.315359][T15237] F2FS-fs (loop0): invalid crc value
[  491.343547][T15237] F2FS-fs (loop0): Found nat_bits in checkpoint
[  491.380548][   T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.388414][   T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.491407][ T5783] Bluetooth: hci0: command tx timeout
[  491.598411][T15237] F2FS-fs (loop0): Start checkpoint disabled!
[  491.740661][T15237] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  491.865905][T15237] syz.0.1983: attempt to access beyond end of device
[  491.865905][T15237] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  492.265298][   T49] kworker/u4:3: attempt to access beyond end of device
[  492.265298][   T49] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  492.309210][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  492.330367][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  492.358167][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  493.569832][ T5783] Bluetooth: hci0: command tx timeout
[  494.524067][T15345] loop6: detected capacity change from 0 to 164
[  494.574888][T15341] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  495.050092][T15355] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -6351, delta: 1
[  495.079702][T15355] ref_ctr increment failed for inode: 0x5e5 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880785a8000
[  496.369153][T15371] loop6: detected capacity change from 0 to 40427
[  496.387130][T15371] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x7ffff
[  496.396397][T15371] F2FS-fs (loop6): Image doesn't support compression
[  496.443193][T15371] F2FS-fs (loop6): Image doesn't support compression
[  496.467123][T15371] F2FS-fs (loop6): invalid crc value
[  496.500148][T15371] F2FS-fs (loop6): Found nat_bits in checkpoint
[  496.520602][T15402] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2028'.
[  496.662320][T15402] batman_adv: batadv0: Removing interface: batadv_slave_1
[  496.698802][T15371] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  496.858081][T15094] syz-executor: attempt to access beyond end of device
[  496.858081][T15094] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  496.921333][T15094] F2FS-fs (loop6): Remounting filesystem read-only
[  498.218503][T15447] 0xfffffffffffffffd-0x00000001ffff : ""
[  498.243642][T15447] mtd: partition "" is out of reach -- disabled
[  498.338531][T15447] ftl_cs: FTL header not found.
[  500.797344][T15517] ref_ctr_offset mismatch. inode: 0xc03 offset: 0x0 ref_ctr_offset(old): 0x2000000000c0 ref_ctr_offset(new): 0x1000000008
[  501.010866][T15524] loop0: detected capacity change from 0 to 512
[  501.037335][T15524] EXT4-fs (loop0): Test dummy encryption mode enabled
[  501.095017][T15524] EXT4-fs error (device loop0): ext4_orphan_get:1404: inode #15: comm syz.0.2057: inode has both inline data and extents flags
[  501.205946][T15524] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.2057: couldn't read orphan inode 15 (err -117)
[  501.248006][T15524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.471408][T15543] lo: entered promiscuous mode
[  501.491540][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  501.499889][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  501.516483][T15543] batadv_slave_0: entered promiscuous mode
[  501.549978][T15543] syz_tun: entered promiscuous mode
[  501.582396][T15542] syz_tun: left promiscuous mode
[  501.587866][T15542] batadv_slave_0: left promiscuous mode
[  501.619664][T15542] lo: left promiscuous mode
[  501.702408][T15524] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  502.178074][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.279098][T15573] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2073'.
[  502.637704][T15562] bridge0: port 2(bridge_slave_1) entered disabled state
[  502.645483][T15562] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.249757][T15605] overlayfs: failed to clone upperpath
[  503.542465][T15562] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  503.610144][T15562] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  504.167671][T15562] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  504.176779][T15562] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  504.186112][T15562] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  504.195599][T15562] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  504.320370][T15610] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2088'.
[  505.171778][T15627] loop6: detected capacity change from 0 to 32768
[  505.234494][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  505.234510][   T27] audit: type=1326 audit(2000000886.689:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15640 comm="syz.0.2095" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef9b9ce59 code=0x7fc00000
[  505.270509][T15627] XFS (loop6): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  505.307989][T15627] XFS (loop6): Ending clean mount
[  505.565093][T15094] XFS (loop6): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  505.880708][   T27] audit: type=1326 audit(2000000887.329:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15640 comm="syz.0.2095" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2ef9b3e1d9 code=0x7fc00000
[  505.918567][   T27] audit: type=1326 audit(2000000887.329:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15640 comm="syz.0.2095" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f2ef9b3e29d code=0x7fc00000
[  506.078218][T15676] loop0: detected capacity change from 0 to 1024
[  506.106574][T15676] EXT4-fs: Ignoring removed bh option
[  506.149427][T15676] EXT4-fs (loop0): stripe (17) is not aligned with cluster size (16), stripe is disabled
[  506.186592][T15676] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  506.466102][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.283979][T15717] netlink: 16186 bytes leftover after parsing attributes in process `syz.8.2108'.
[  507.319591][T15716] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2109'.
[  507.418928][T15719] 0x0000000000d5-0x000800008590 : ""
[  507.437632][T15719] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1ff2b
[  507.486209][T15719] ftl_cs: FTL header corrupt!
[  507.701019][T15733] overlayfs: failed to clone upperpath
[  507.776469][T15730] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  508.424507][   T27] audit: type=1326 audit(2000000889.879:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.0.2121" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2ef9b9ce59 code=0x0
[  509.400731][T15795] syz_tun: entered allmulticast mode
[  511.355541][T15856] bond3: entered allmulticast mode
[  511.379156][T15856] 8021q: adding VLAN 0 to HW filter on device bond3
[  511.542180][T15861] bond_slave_0: entered promiscuous mode
[  511.548557][T15861] bond_slave_1: entered promiscuous mode
[  511.569479][T15861] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  511.610745][T15861] bond3: (slave macvlan2): making interface the new active one
[  511.646905][T15861] macvlan2: entered allmulticast mode
[  511.660770][T15861] bond0: entered allmulticast mode
[  511.679438][T15861] bond_slave_0: entered allmulticast mode
[  511.690865][T15861] bond_slave_1: entered allmulticast mode
[  511.711379][T15861] bond3: (slave macvlan2): Enslaving as an active interface with an up link
[  512.063078][T15884] loop6: detected capacity change from 0 to 256
[  512.128060][T15884] exfat: Deprecated parameter 'utf8'
[  512.229797][T15884] exfat: Deprecated parameter 'namecase'
[  512.309523][T15884] exfat: Deprecated parameter 'namecase'
[  512.330323][T15884] exfat: Deprecated parameter 'utf8'
[  512.501489][T15884] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  513.456142][T15922] loop6: detected capacity change from 0 to 512
[  513.536746][T15927] netlink: 64 bytes leftover after parsing attributes in process `syz.7.2172'.
[  513.597349][T15922] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.2169: invalid indirect mapped block 4294967295 (level 1)
[  513.692488][T15922] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.2169: invalid indirect mapped block 4294967295 (level 1)
[  513.722092][T15922] EXT4-fs (loop6): 2 truncates cleaned up
[  513.730645][T15922] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  513.825132][T15922] EXT4-fs error (device loop6): ext4_validate_block_bitmap:430: comm syz.6.2169: bg 0: block 5: invalid block bitmap
[  514.052168][T15094] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.866348][T15994] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2187'.
[  516.736306][T16021] loop6: detected capacity change from 0 to 256
[  516.767108][T16021] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  516.829428][T16021] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  516.970897][T16021] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d)
[  517.060556][T16025] tipc: Started in network mode
[  517.079371][T16025] tipc: Node identity 080211000001, cluster identity 4711
[  517.086687][T16025] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  518.079474][ T5156] tipc: Node number set to 134418688
[  518.950766][T16062] loop0: detected capacity change from 0 to 32768
[  519.008236][T16062] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.2204 (16062)
[  519.099654][T16062] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  519.129054][T16062] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  519.166022][T16062] BTRFS info (device loop0): force clearing of disk cache
[  519.199512][T16062] BTRFS info (device loop0): enabling auto defrag
[  519.227373][T16062] BTRFS info (device loop0): max_inline at 0
[  519.247494][T16062] BTRFS info (device loop0): enabling disk space caching
[  519.267836][T16062] BTRFS info (device loop0): disk space caching is enabled
[  519.409308][T16062] BTRFS info (device loop0): enabling ssd optimizations
[  519.418651][T16062] BTRFS info (device loop0): rebuilding free space tree
[  519.448202][T16062] BTRFS info (device loop0): disabling free space tree
[  519.466319][T16062] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  519.499451][T16062] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  519.905035][ T9550] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  520.617579][T16153] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82
[  525.630392][T16304] loop6: detected capacity change from 0 to 512
[  525.677574][ T5156] libceph: connect (1)[c::]:6789 error -101
[  525.733880][T16304] EXT4-fs error (device loop6): ext4_orphan_get:1404: inode #15: comm syz.6.2258: inode has both inline data and extents flags
[  525.786969][ T5156] libceph: mon0 (1)[c::]:6789 connect error
[  525.829916][T16304] EXT4-fs error (device loop6): ext4_orphan_get:1409: comm syz.6.2258: couldn't read orphan inode 15 (err -117)
[  525.861129][T16301] ceph: No mds server is up or the cluster is laggy
[  525.882055][T16304] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.910918][T16321] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2261'.
[  525.962937][T16321] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2261'.
[  526.071104][T16304] loop6: detected capacity change from 512 to 0
[  526.102613][T16324] syz.6.2258: attempt to access beyond end of device
[  526.102613][T16324] loop6: rw=524288, sector=12, nr_sectors = 2 limit=0
[  526.120454][T16323] bridge4: port 1(vlan5) entered blocking state
[  526.154173][T16323] bridge4: port 1(vlan5) entered disabled state
[  526.169649][T16323] vlan5: entered allmulticast mode
[  526.171094][T16324] syz.6.2258: attempt to access beyond end of device
[  526.171094][T16324] loop6: rw=524288, sector=14, nr_sectors = 2 limit=0
[  526.184442][T16323] erspan0: entered allmulticast mode
[  526.207715][T16323] vlan5: entered promiscuous mode
[  526.224206][T16323] erspan0: entered promiscuous mode
[  526.243225][T16324] syz.6.2258: attempt to access beyond end of device
[  526.243225][T16324] loop6: rw=524288, sector=16, nr_sectors = 2 limit=0
[  526.289457][T16324] syz.6.2258: attempt to access beyond end of device
[  526.289457][T16324] loop6: rw=524288, sector=20, nr_sectors = 2 limit=0
[  526.326398][T16324] syz.6.2258: attempt to access beyond end of device
[  526.326398][T16324] loop6: rw=524288, sector=22, nr_sectors = 2 limit=0
[  526.362318][T16324] syz.6.2258: attempt to access beyond end of device
[  526.362318][T16324] loop6: rw=524288, sector=24, nr_sectors = 2 limit=0
[  526.407265][T16324] syz.6.2258: attempt to access beyond end of device
[  526.407265][T16324] loop6: rw=524288, sector=26, nr_sectors = 2 limit=0
[  526.449313][T16324] syz.6.2258: attempt to access beyond end of device
[  526.449313][T16324] loop6: rw=12288, sector=18, nr_sectors = 2 limit=0
[  526.523754][    C1] I/O error, dev loop6, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  526.549784][T16324] EXT4-fs error (device loop6): ext4_get_inode_loc:4634: inode #18: block 9: comm syz.6.2258: unable to read itable block
[  526.583746][T16324] syz.6.2258: attempt to access beyond end of device
[  526.583746][T16324] loop6: rw=14337, sector=2, nr_sectors = 2 limit=0
[  526.612609][T16277] syz.7.2252: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz7,mems_allowed=0-1
[  526.637969][T16324] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  526.649182][T16324] EXT4-fs (loop6): I/O error while writing superblock
[  526.663101][T16324] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5939: IO failure
[  526.675589][T16324] syz.6.2258: attempt to access beyond end of device
[  526.675589][T16324] loop6: rw=14337, sector=2, nr_sectors = 2 limit=0
[  526.684929][T16277] CPU: 0 PID: 16277 Comm: syz.7.2252 Not tainted syzkaller #0
[  526.696744][T16277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  526.706820][T16277] Call Trace:
[  526.710176][T16277]  <TASK>
[  526.713179][T16277]  dump_stack_lvl+0x18c/0x250
[  526.717989][T16277]  ? show_regs_print_info+0x20/0x20
[  526.723245][T16277]  ? load_image+0x420/0x420
[  526.727775][T16277]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  526.734248][T16277]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  526.740765][T16277]  warn_alloc+0x246/0x340
[  526.745127][T16277]  ? zone_watermark_ok_safe+0x230/0x230
[  526.750695][T16277]  ? _raw_spin_unlock+0x28/0x40
[  526.755615][T16277]  ? netlink_rcv_skb+0x235/0x4c0
[  526.760622][T16277]  __vmalloc_node_range+0x661/0x1320
[  526.765923][T16277]  ? __asan_memset+0x22/0x40
[  526.770590][T16277]  ? free_vm_area+0x50/0x50
[  526.775115][T16277]  ? rcu_is_watching+0x15/0xb0
[  526.779907][T16277]  ? kvmalloc_node+0x70/0x180
[  526.784616][T16277]  ? trace_kmalloc+0x1f/0xa0
[  526.789243][T16277]  kvmalloc_node+0x13f/0x180
[  526.793867][T16277]  ? hash_netport4_resize+0x24e/0x1a10
[  526.799432][T16277]  hash_netport4_resize+0x24e/0x1a10
[  526.804746][T16277]  ? hash_netport4_uadt+0xce0/0xf70
[  526.809991][T16277]  ? hash_netport4_uadt+0xf70/0xf70
[  526.815220][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  526.820442][T16277]  ? _local_bh_enable+0xa0/0xa0
[  526.825339][T16277]  call_ad+0x42a/0xb30
[  526.829470][T16277]  ? ip_set_ad+0x9c0/0x9c0
[  526.833938][T16277]  ? __nla_parse+0x40/0x50
[  526.838399][T16277]  ip_set_ad+0x81a/0x9c0
[  526.842682][T16277]  ? ip_set_dump_done+0x1e0/0x1e0
[  526.847725][T16277]  ? rcu_is_watching+0x15/0xb0
[  526.852552][T16277]  nfnetlink_rcv_msg+0xcaf/0x1290
[  526.857665][T16277]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  526.863818][T16277]  ? nfnetlink_rcv_msg+0x228/0x1290
[  526.869067][T16277]  ? nfnetlink_unbind+0x160/0x160
[  526.874142][T16277]  ? __dev_queue_xmit+0x198c/0x3630
[  526.879449][T16277]  ? __netlink_deliver_tap+0x579/0x7f0
[  526.884931][T16277]  ? netlink_deliver_tap+0x19c/0x1b0
[  526.890236][T16277]  ? netlink_unicast+0x77b/0x930
[  526.895618][T16277]  ? netlink_sendmsg+0x8d0/0xbf0
[  526.900564][T16277]  ? ____sys_sendmsg+0x61b/0x980
[  526.905570][T16277]  ? ___sys_sendmsg+0x2a6/0x360
[  526.910440][T16277]  ? __se_sys_sendmsg+0x1d0/0x2c0
[  526.915478][T16277]  ? do_syscall_64+0x55/0xb0
[  526.920096][T16277]  netlink_rcv_skb+0x235/0x4c0
[  526.924885][T16277]  ? nfnetlink_unbind+0x160/0x160
[  526.929937][T16277]  ? netlink_ack+0x1160/0x1160
[  526.934862][T16277]  ? apparmor_capable+0x137/0x1a0
[  526.939939][T16277]  ? bpf_lsm_capable+0x9/0x10
[  526.944652][T16277]  ? security_capable+0x89/0xb0
[  526.949537][T16277]  nfnetlink_rcv+0x2c9/0x2490
[  526.954235][T16277]  ? __local_bh_enable_ip+0x13a/0x1c0
[  526.959625][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  526.964847][T16277]  ? __local_bh_enable_ip+0x13a/0x1c0
[  526.970227][T16277]  ? _local_bh_enable+0xa0/0xa0
[  526.975096][T16277]  ? __dev_queue_xmit+0x275/0x3630
[  526.980235][T16277]  ? __dev_queue_xmit+0x1bc2/0x3630
[  526.985461][T16277]  ? nfnetlink_net_exit_batch+0xa0/0xa0
[  526.991057][T16277]  ? __dev_queue_xmit+0x275/0x3630
[  526.996307][T16277]  ? ref_tracker_free+0x686/0x830
[  527.001358][T16277]  ? refcount_inc+0x70/0x70
[  527.005882][T16277]  ? __asan_memcpy+0x40/0x70
[  527.010488][T16277]  ? __skb_clone+0x5c/0x6c0
[  527.015012][T16277]  ? __skb_clone+0x446/0x6c0
[  527.019627][T16277]  ? netlink_deliver_tap+0x2e/0x1b0
[  527.024843][T16277]  ? __lock_acquire+0x7d80/0x7d80
[  527.029912][T16277]  ? netlink_deliver_tap+0x2e/0x1b0
[  527.035127][T16277]  netlink_unicast+0x7b1/0x930
[  527.039915][T16277]  netlink_sendmsg+0x8d0/0xbf0
[  527.044731][T16277]  ? netlink_getsockopt+0x590/0x590
[  527.049944][T16277]  ? aa_sock_msg_perm+0x94/0x150
[  527.054919][T16277]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  527.060236][T16277]  ? security_socket_sendmsg+0x80/0xa0
[  527.065711][T16277]  ? netlink_getsockopt+0x590/0x590
[  527.071024][T16277]  ____sys_sendmsg+0x61b/0x980
[  527.075835][T16277]  ? __asan_memset+0x22/0x40
[  527.080447][T16277]  ? __sys_sendmsg_sock+0x30/0x30
[  527.085497][T16277]  ? __import_iovec+0x5f2/0x850
[  527.090408][T16277]  ? import_iovec+0x73/0xa0
[  527.094934][T16277]  ___sys_sendmsg+0x2a6/0x360
[  527.099641][T16277]  ? __sys_sendmsg+0x2b0/0x2b0
[  527.104452][T16277]  __se_sys_sendmsg+0x1d0/0x2c0
[  527.109330][T16277]  ? __x64_sys_sendmsg+0x80/0x80
[  527.114293][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  527.119513][T16277]  do_syscall_64+0x55/0xb0
[  527.123941][T16277]  ? clear_bhb_loop+0x40/0x90
[  527.128628][T16277]  ? clear_bhb_loop+0x40/0x90
[  527.133314][T16277]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  527.139242][T16277] RIP: 0033:0x7fc60f59ce59
[  527.143727][T16277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  527.163379][T16277] RSP: 002b:00007fc610515028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  527.171848][T16277] RAX: ffffffffffffffda RBX: 00007fc60f815fa0 RCX: 00007fc60f59ce59
[  527.179840][T16277] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000005
[  527.187825][T16277] RBP: 00007fc60f632e6f R08: 0000000000000000 R09: 0000000000000000
[  527.195896][T16277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  527.203872][T16277] R13: 00007fc60f816038 R14: 00007fc60f815fa0 R15: 00007ffcc6200f18
[  527.211862][T16277]  </TASK>
[  527.264869][T16324] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  527.270168][T16277] Mem-Info:
[  527.276319][T16277] active_anon:57726 inactive_anon:0 isolated_anon:0
[  527.276319][T16277]  active_file:17702 inactive_file:40207 isolated_file:0
[  527.276319][T16277]  unevictable:0 dirty:64 writeback:0
[  527.276319][T16277]  slab_reclaimable:11938 slab_unreclaimable:103415
[  527.276319][T16277]  mapped:29995 shmem:50843 pagetables:774
[  527.276319][T16277]  sec_pagetables:0 bounce:0
[  527.276319][T16277]  kernel_misc_reclaimable:0
[  527.276319][T16277]  free:1267448 free_pcp:12554 free_cma:0
[  527.276581][T16324] EXT4-fs (loop6): I/O error while writing superblock
[  527.329870][T16324] EXT4-fs error (device loop6): ext4_dirty_inode:6143: inode #18: comm syz.6.2258: mark_inode_dirty error
[  527.355508][T16324] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  527.368076][T16277] Node 0 active_anon:229568kB inactive_anon:0kB active_file:70804kB inactive_file:160628kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119976kB dirty:256kB writeback:0kB shmem:201836kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12196kB pagetables:3196kB sec_pagetables:0kB all_unreclaimable? no
[  527.401372][T16277] Node 1 active_anon:1536kB inactive_anon:0kB active_file:4kB inactive_file:200kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  527.435963][T16324] EXT4-fs (loop6): I/O error while writing superblock
[  527.439677][T16277] Node 0 
[  527.443407][ T5156] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  527.461746][T16277] DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  527.497055][T16277] lowmem_reserve[]: 0 2521 2522 2522 2522
[  527.504123][T16277] Node 0 DMA32 free:1153956kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:229628kB inactive_anon:0kB active_file:70804kB inactive_file:159804kB unevictable:0kB writepending:256kB present:3129332kB managed:2586936kB mlocked:0kB bounce:0kB free_pcp:32344kB local_pcp:21028kB free_cma:0kB
[  527.549303][T16277] lowmem_reserve[]: 0 0 0 0 0
[  527.554201][T16277] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  527.612098][T16277] lowmem_reserve[]: 0 0 0 0 0
[  527.618256][T15094] EXT4-fs warning (device loop6): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  527.629185][T16277] Node 1 Normal free:3900468kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:1536kB inactive_anon:0kB active_file:4kB inactive_file:200kB unevictable:0kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17920kB local_pcp:9632kB free_cma:0kB
[  527.692623][ T5156] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  527.701892][ T5156] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.711422][T16277] lowmem_reserve[]: 0 0 0 0 0
[  527.717438][T16277] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  527.741167][ T5156] usb 1-1: config 0 descriptor??
[  527.760677][ T5156] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  527.766985][T16277] Node 0 DMA32: 555*4kB (UME) 244*8kB (UME) 311*16kB (UME) 499*32kB (UME) 150*64kB (UME) 84*128kB (UME) 40*256kB (UM) 54*512kB (UME) 38*1024kB (UM) 4*2048kB (UM) 250*4096kB (M) = 1154460kB
[  527.788006][T16277] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  527.794674][ T3500] EXT4-fs error (device loop6): __ext4_get_inode_loc_noinmem:4619: inode #2: block 5: comm kworker/u4:10: unable to read itable block
[  527.802358][T16277] Node 1 Normal: 243*4kB (UME) 71*8kB (UME) 37*16kB (UME) 93*32kB (UME) 33*64kB (UME) 10*128kB (UME) 1*256kB (M) 1*512kB (U) 2*1024kB (UE) 1*2048kB (E) 949*4096kB (M) = 3900468kB
[  527.835163][T16277] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  527.844954][T16277] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  527.854380][T16277] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  527.864076][T16277] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  527.873652][T16277] 108735 total pagecache pages
[  527.878458][T16277] 0 pages in swap cache
[  527.882973][T16277] Free swap  = 124652kB
[  527.887255][T16277] Total swap = 124996kB
[  527.891238][ T3500] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  527.892881][T16277] 2097051 pages RAM
[  527.903696][T16277] 0 pages HighMem/MovableOnly
[  527.908416][T16277] 416931 pages reserved
[  527.912719][T16277] 0 pages cma reserved
[  527.943028][ T3500] EXT4-fs (loop6): I/O error while writing superblock
[  527.972057][ T3500] EXT4-fs error (device loop6): __ext4_get_inode_loc_noinmem:4619: inode #18: block 9: comm kworker/u4:10: unable to read itable block
[  527.998760][ T3500] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  528.017796][ T3500] EXT4-fs (loop6): I/O error while writing superblock
[  528.029137][T15094] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.050387][T15094] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  528.088761][T15094] EXT4-fs (loop6): I/O error while writing superblock
[  529.179489][ T5156] usb 1-1: USB disconnect, device number 13
[  530.788763][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  530.816082][ T5784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  530.831748][ T5784] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  530.842072][ T5784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  530.874791][ T5784] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  530.884938][ T5784] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  531.250715][ T3500] hsr_slave_0: left promiscuous mode
[  531.261954][ T3500] hsr_slave_1: left promiscuous mode
[  531.297938][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_0
[  531.324034][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_1
[  531.344519][ T3500] bridge_slave_1: left allmulticast mode
[  531.360418][ T3500] bridge_slave_1: left promiscuous mode
[  531.366395][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.386090][ T3500] bridge_slave_0: left allmulticast mode
[  531.392535][ T3500] bridge_slave_0: left promiscuous mode
[  531.398422][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.171143][ T5783] Bluetooth: hci2: unexpected event for opcode 0x2042
[  532.621500][ T3500] team0 (unregistering): Port device team_slave_1 removed
[  532.689022][ T3500] team0 (unregistering): Port device team_slave_0 removed
[  532.748556][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  532.810443][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  533.005848][ T5783] Bluetooth: hci0: command tx timeout
[  533.295063][ T3500] bond0 (unregistering): Released all slaves
[  533.459374][T16435] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  533.962022][T16400] chnl_net:caif_netlink_parms(): no params data found
[  534.172228][T16453] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  534.632191][T16400] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.651731][T16400] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.658996][T16400] bridge_slave_0: entered allmulticast mode
[  534.681201][T16400] bridge_slave_0: entered promiscuous mode
[  534.709181][T16400] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.737730][T16400] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.747942][T16400] bridge_slave_1: entered allmulticast mode
[  534.781162][T16400] bridge_slave_1: entered promiscuous mode
[  534.885189][T16400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  534.930736][T16472] loop0: detected capacity change from 0 to 512
[  534.931224][T16400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  534.982805][T16472] EXT4-fs: Ignoring removed i_version option
[  534.988878][T16472] EXT4-fs: Ignoring removed nobh option
[  535.031401][T16472] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  535.082809][ T5783] Bluetooth: hci0: command tx timeout
[  535.112486][T16400] team0: Port device team_slave_0 added
[  535.125704][T16472] EXT4-fs (loop0): 1 truncate cleaned up
[  535.141049][T16472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  535.174239][T16400] team0: Port device team_slave_1 added
[  535.304124][T16477] overlayfs: failed to clone upperpath
[  535.345280][T16400] batman_adv: batadv0: Adding interface: batadv_slave_0
[  535.363161][T16400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  535.383438][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.390217][T16400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  535.416629][T16400] batman_adv: batadv0: Adding interface: batadv_slave_1
[  535.433916][T16400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  535.509314][T16400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  535.705828][T16400] hsr_slave_0: entered promiscuous mode
[  535.713061][T16482] xt_hashlimit: size too large, truncated to 1048576
[  535.750419][T16400] hsr_slave_1: entered promiscuous mode
[  535.761332][T16400] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  535.768953][T16400] Cannot create hsr debugfs directory
[  536.059499][ T6426] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  536.206240][ T5783] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  536.216185][ T5783] Bluetooth: hci2: Injecting HCI hardware error event
[  536.226608][ T5783] Bluetooth: hci2: hardware error 0x00
[  536.265498][ T6426] usb 1-1: unable to get BOS descriptor or descriptor too short
[  536.281300][ T6426] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  536.299309][ T6426] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[  536.337978][ T6426] usb 1-1: string descriptor 0 read error: -22
[  536.355807][ T6426] usb 1-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  536.376020][ T6426] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  537.159292][ T5784] Bluetooth: hci0: command tx timeout
[  538.359607][ T5783] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  539.244924][ T5783] Bluetooth: hci0: command tx timeout
[  539.441480][T16400] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  539.474440][T16400] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  539.535222][T16400] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  539.592685][T16400] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  539.977194][T16400] 8021q: adding VLAN 0 to HW filter on device bond0
[  540.080450][T16400] 8021q: adding VLAN 0 to HW filter on device team0
[  540.127259][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[  540.134466][ T5900] bridge0: port 1(bridge_slave_0) entered forwarding state
[  540.187102][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[  540.194385][ T5900] bridge0: port 2(bridge_slave_1) entered forwarding state
[  540.971774][T16400] 8021q: adding VLAN 0 to HW filter on device batadv0
[  541.277118][   T23] usb 1-1: USB disconnect, device number 14
[  541.668335][T16570] loop0: detected capacity change from 0 to 256
[  541.962688][T16400] veth0_vlan: entered promiscuous mode
[  542.014895][T16400] veth1_vlan: entered promiscuous mode
[  542.207696][T16400] veth0_macvtap: entered promiscuous mode
[  542.254031][T16400] veth1_macvtap: entered promiscuous mode
[  542.342099][T16582] overlayfs: failed to clone upperpath
[  542.347665][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  542.379538][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.424144][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  542.468262][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.511012][T16400] batman_adv: batadv0: Interface activated: batadv_slave_0
[  542.558376][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  542.605730][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.643502][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  542.696857][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.765335][T16400] batman_adv: batadv0: Interface activated: batadv_slave_1
[  542.814886][T16400] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  542.873250][T16400] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  542.894180][T16400] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  542.921840][T16400] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  543.189704][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  543.249391][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  543.345211][T16600] loop0: detected capacity change from 0 to 512
[  543.410656][T16600] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  543.432501][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  543.450926][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  543.487362][T16600] EXT4-fs (loop0): 1 truncate cleaned up
[  543.525341][T16600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  543.703343][T16600] EXT4-fs error (device loop0): __ext4_get_inode_loc:4496: comm syz.0.2326: Invalid inode table block 3858276425 in block_group 0
[  543.964500][ T9550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.889760][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  545.100729][    T9] usb 1-1: config 0 interface 0 altsetting 11 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.129572][    T9] usb 1-1: config 0 interface 0 altsetting 11 endpoint 0x81 has invalid wMaxPacketSize 0
[  545.183216][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  545.201152][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0144, bcdDevice= 0.00
[  545.224954][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.262327][    T9] usb 1-1: config 0 descriptor??
[  545.469835][T16653] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2341'.
[  545.505233][T16630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  545.539977][T16630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  547.323334][   T23] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  547.524600][   T23] usb 10-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  547.545435][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  547.580009][    T9] usbhid: probe of 1-1:0.0 failed with error -71
[  547.589597][   T23] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.614438][   T23] usb 10-1: Product: syz
[  547.628328][   T23] usb 10-1: Manufacturer: syz
[  547.638892][    T9] usb 1-1: USB disconnect, device number 15
[  547.644550][   T23] usb 10-1: SerialNumber: syz
[  547.888291][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  547.936114][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  549.188994][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[  549.239687][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -71
[  549.289356][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71
[  549.324944][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71
[  549.356238][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71
[  549.388802][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71
[  549.409415][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71
[  549.453682][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71
[  549.490260][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  549.519793][   T23] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  549.608348][   T23] lan78xx: probe of 10-1:1.0 failed with error -71
[  549.654172][   T23] usb 10-1: USB disconnect, device number 2
[  549.937023][T16755] bridge0: port 4(syz_tun) entered blocking state
[  549.954151][T16755] bridge0: port 4(syz_tun) entered disabled state
[  549.969603][T16755] syz_tun: entered allmulticast mode
[  549.985908][T16755] syz_tun: entered promiscuous mode
[  550.739372][ T6991] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  550.939400][ T6991] usb 1-1: Using ep0 maxpacket: 32
[  550.956324][ T6991] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  550.986329][ T6991] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  551.015056][ T6991] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  551.042526][ T6991] usb 1-1: Product: syz
[  551.058280][ T6991] usb 1-1: Manufacturer: syz
[  551.068195][ T6991] usb 1-1: SerialNumber: syz
[  551.081040][ T6991] usb 1-1: config 0 descriptor??
[  551.100012][T16782] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  551.633012][ T5822] usb 1-1: USB disconnect, device number 16
[  552.580289][T16848] netlink: 'syz.0.2385': attribute type 10 has an invalid length.
[  552.856753][T16848] team0: Device veth1_vlan failed to register rx_handler
[  554.759670][ T5784] Bluetooth: hci1: command 0x0406 tx timeout
[  555.070969][T16918] bridge0: port 2(bridge_slave_1) entered disabled state
[  555.078758][T16918] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.110077][T16918] bridge0: entered allmulticast mode
[  555.176206][T16919] bridge_slave_1: left allmulticast mode
[  555.221493][T16919] bridge_slave_1: left promiscuous mode
[  555.227373][T16919] bridge0: port 2(bridge_slave_1) entered disabled state
[  555.271595][T16919] bridge_slave_0: left allmulticast mode
[  555.292063][T16919] bridge_slave_0: left promiscuous mode
[  555.309856][T16919] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.666962][T16929] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2409'.
[  555.822566][T16932] xt_hashlimit: size too large, truncated to 1048576
[  557.622565][T16968] xt_hashlimit: size too large, truncated to 1048576
[  559.073315][T17008] loop0: detected capacity change from 0 to 2048
[  559.145441][T17008] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  559.194004][T17010] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  560.089151][T17021] overlayfs: failed to clone upperpath
[  560.114748][T17021] overlayfs: failed to clone lowerpath
[  560.854492][T17043] netlink: 284 bytes leftover after parsing attributes in process `syz.7.2430'.
[  561.008726][T17047] loop0: detected capacity change from 0 to 1024
[  561.320182][T17053] overlayfs: failed to clone upperpath
[  561.588288][T17059] netlink: 'syz.7.2434': attribute type 1 has an invalid length.
[  561.720739][T17059] 8021q: adding VLAN 0 to HW filter on device bond1
[  561.823414][T17061] netlink: 'syz.0.2435': attribute type 4 has an invalid length.
[  561.881591][T17065] vlan3: entered allmulticast mode
[  561.907212][T17065] veth0_to_bond: entered allmulticast mode
[  561.946318][T17065] bond1: (slave vlan3): making interface the new active one
[  562.011547][T17065] bond1: (slave vlan3): Enslaving as an active interface with an up link
[  562.303955][T17079] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2439'.
[  562.393515][T17079] ip6erspan0: entered promiscuous mode
[  562.641005][T17093] netlink: 'syz.9.2441': attribute type 1 has an invalid length.
[  562.766728][T17093] ip6gretap1: entered promiscuous mode
[  562.811204][T17093] ip6gretap1: entered allmulticast mode
[  562.852217][T17093] bond1: (slave ip6gretap1): making interface the new active one
[  562.882410][T17093] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  562.928695][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  562.936159][T17093] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  562.938754][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  562.964587][T17093] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  563.202081][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  563.511614][T17120] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2446'.
[  563.617215][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  563.849973][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  564.072752][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  564.471263][T17144] overlayfs: failed to clone upperpath
[  564.511693][   T27] audit: type=1326 audit(2000000945.959:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17146 comm="syz.0.2454" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2ef9b9ce59 code=0x0
[  564.662090][T17125] loop9: detected capacity change from 0 to 32768
[  564.687413][T17125] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop9 scanned by syz.9.2448 (17125)
[  564.822332][T17125] BTRFS info (device loop9): first mount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b
[  564.848719][T17125] BTRFS info (device loop9): using xxhash64 (xxhash64-generic) checksum algorithm
[  564.885792][T17125] BTRFS info (device loop9): using free space tree
[  564.908557][T17156] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2456'.
[  564.955729][T17157] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  564.963085][T17157] IPv6: NLM_F_CREATE should be set when creating new route
[  565.062025][T17125] BTRFS info (device loop9): enabling ssd optimizations
[  565.089513][T17158] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  565.096923][T17158] IPv6: NLM_F_CREATE should be set when creating new route
[  565.101640][T17125] BTRFS info (device loop9): auto enabling async discard
[  565.545495][T17125] BTRFS info (device loop9): setting incompat feature flag for COMPRESS_LZO (0x8)
[  565.628034][T17190] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2459'.
[  565.970993][T16400] BTRFS info (device loop9): last unmount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b
[  566.300270][   T11] batman_adv: batadv0: Interface deactivated: gretap1
[  567.036361][   T11] batman_adv: batadv0: Removing interface: gretap1
[  567.725453][T17252] netlink: 164 bytes leftover after parsing attributes in process `syz.8.2483'.
[  567.884408][   T11] hsr_slave_0: left promiscuous mode
[  567.907056][   T11] hsr_slave_1: left promiscuous mode
[  567.956946][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  567.994449][T17258] overlayfs: failed to clone upperpath
[  568.011059][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  568.055282][   T11] bridge_slave_1: left allmulticast mode
[  568.071230][   T11] bridge_slave_1: left promiscuous mode
[  568.085591][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.124328][   T11] bridge_slave_0: left allmulticast mode
[  568.162037][   T11] bridge_slave_0: left promiscuous mode
[  568.191505][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.150956][   T11] bond2 (unregistering): (slave bridge1): Releasing backup interface
[  569.183065][   T11] bridge1 (unregistering): left promiscuous mode
[  570.093318][   T11] bond2 (unregistering): Released all slaves
[  570.451481][T16041] ------------[ cut here ]------------
[  570.452312][ T5900] ------------[ cut here ]------------
[  570.457659][T16041] WARNING: CPU: 1 PID: 16041 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.463587][ T5900] WARNING: CPU: 0 PID: 5900 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.463630][ T5900] Modules linked in:
[  570.463654][ T5900] CPU: 0 PID: 5900 Comm: kworker/u4:11 Not tainted syzkaller #0
[  570.463674][ T5900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  570.463688][ T5900] Workqueue: phy37 ieee80211_csa_finalize_work
[  570.463804][ T5900] RIP: 0010:ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.463836][ T5900] Code: 48 89 df e8 a4 8d d8 f7 e9 d6 fc ff ff e8 4a 19 80 f7 eb 24 e8 43 19 80 f7 c7 04 24 f4 ff ff ff e9 cc f5 ff ff e8 32 19 80 f7 <0f> 0b 0f 0b e9 b7 f5 ff ff e8 24 19 80 f7 48 8b 7c 24 08 4c 8b 74
[  570.463855][ T5900] RSP: 0018:ffffc9000499f9c0 EFLAGS: 00010293
[  570.463874][ T5900] RAX: ffffffff8a06c812 RBX: 0000000000000001 RCX: ffff88802b1fbc00
[  570.463890][ T5900] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  570.463902][ T5900] RBP: dffffc0000000000 R08: ffff88804b5a562f R09: 1ffff110096b4ac5
[  570.463918][ T5900] R10: dffffc0000000000 R11: ffffed10096b4ac6 R12: 0000000000000001
[  570.463933][ T5900] R13: ffff88804b5a6659 R14: ffff888065a2ad48 R15: ffff888025614b00
[  570.463948][ T5900] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  570.463966][ T5900] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  570.463982][ T5900] CR2: 00007f2efa94da08 CR3: 000000007df17000 CR4: 00000000003506f0
[  570.464000][ T5900] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000400
[  570.464014][ T5900] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  570.464028][ T5900] Call Trace:
[  570.464036][ T5900]  <TASK>
[  570.464058][ T5900]  ieee80211_link_use_reserved_context+0x37b/0x5c0
[  570.464094][ T5900]  ieee80211_csa_finalize+0x571/0xeb0
[  570.464125][ T5900]  ? mutex_lock_nested+0x20/0x20
[  570.464153][ T5900]  ? lockdep_hardirqs_on_prepare+0x44c/0x7d0
[  570.464179][ T5900]  ? ieee80211_csa_finalize_work+0x140/0x140
[  570.464210][ T5900]  ? read_lock_is_recursive+0x20/0x20
[  570.464249][ T5900]  ieee80211_csa_finalize_work+0xf6/0x140
[  570.464278][ T5900]  ? process_scheduled_works+0x975/0x1600
[  570.464307][ T5900]  process_scheduled_works+0xa60/0x1600
[  570.464370][ T5900]  ? worker_attach_to_pool+0x370/0x370
[  570.475407][T16041] Modules linked in:
[  570.486729][ T5900]  ? assign_work+0x3cc/0x5d0
[  570.490397][T16041] CPU: 1 PID: 16041 Comm: kworker/u4:8 Not tainted syzkaller #0
[  570.490418][T16041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  570.490431][T16041] Workqueue: phy38 ieee80211_csa_finalize_work
[  570.490466][T16041] RIP: 0010:ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.498102][ T5900]  worker_thread+0xa5e/0xfe0
[  570.509098][T16041] Code: 48 89 df e8 a4 8d d8 f7 e9 d6 fc ff ff e8 4a 19 80 f7 eb 24 e8 43 19 80 f7 c7 04 24 f4 ff ff ff e9 cc f5 ff ff e8 32 19 80 f7 <0f> 0b 0f 0b e9 b7 f5 ff ff e8 24 19 80 f7 48 8b 7c 24 08 4c 8b 74
[  570.514829][ T5900]  kthread+0x2fa/0x390
[  570.522234][T16041] RSP: 0018:ffffc900051479c0 EFLAGS: 00010293
[  570.542105][ T5900]  ? pr_cont_work+0x550/0x550
[  570.547726][T16041] 
[  570.547735][T16041] RAX: ffffffff8a06c812 RBX: 0000000000000001 RCX: ffff888031a2da00
[  570.556115][ T5900]  ? kthread_blkcg+0xd0/0xd0
[  570.556143][ T5900]  ret_from_fork+0x48/0x80
[  570.556194][ T5900]  ? kthread_blkcg+0xd0/0xd0
[  570.556223][ T5900]  ret_from_fork_asm+0x11/0x20
[  570.556277][ T5900]  </TASK>
[  570.556289][ T5900] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  570.556299][ T5900] CPU: 0 PID: 5900 Comm: kworker/u4:11 Not tainted syzkaller #0
[  570.556318][ T5900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  570.556347][ T5900] Workqueue: phy37 ieee80211_csa_finalize_work
[  570.556380][ T5900] Call Trace:
[  570.556387][ T5900]  <TASK>
[  570.556395][ T5900]  dump_stack_lvl+0x18c/0x250
[  570.556423][ T5900]  ? show_regs_print_info+0x20/0x20
[  570.556448][ T5900]  ? load_image+0x420/0x420
[  570.556492][ T5900]  panic+0x2ca/0x720
[  570.556533][ T5900]  ? bpf_jit_dump+0xd0/0xd0
[  570.556570][ T5900]  ? ret_from_fork_asm+0x11/0x20
[  570.556599][ T5900]  __warn+0x2e0/0x470
[  570.556629][    C1] ------------[ cut here ]------------
[  570.556641][ T5900]  ? ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.556636][    C1] WARNING: CPU: 1 PID: 16041 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1141/0x1520
[  570.556680][    C1] Modules linked in:
[  570.556674][ T5900]  ? ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.556685][    C1] 
[  570.556691][    C1] CPU: 1 PID: 16041 Comm: kworker/u4:8 Not tainted syzkaller #0
[  570.556709][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  570.556728][    C1] Workqueue: phy38 ieee80211_csa_finalize_work
[  570.556703][ T5900]  report_bug+0x2be/0x4f0
[  570.556771][    C1] 
[  570.556778][ T5900]  ? ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.556776][    C1] RIP: 0010:__ieee80211_beacon_get+0x1141/0x1520
[  570.556809][    C1] Code: f7 4c 89 ef e8 b0 a4 c2 f7 45 31 ed 4c 8b bc 24 a0 00 00 00 e9 7f fe ff ff e8 7b c6 84 f7 0f 0b e9 61 f8 ff ff e8 6f c6 84 f7 <0f> 0b e9 85 fb ff ff e8 63 c6 84 f7 48 c7 c7 40 50 64 8e 4c 89 e6
[  570.556808][ T5900]  ? ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.556826][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  570.556843][    C1] RAX: ffffffff8a021ee1 RBX: dffffc0000000000 RCX: ffff888031a2da00
[  570.556837][ T5900]  ? ieee80211_vif_use_reserved_switch+0x1110/0x2900
[  570.556858][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  570.556869][    C1] RBP: 0000000000000000 R08: ffff888031a2da00 R09: 0000000000000003
[  570.556867][ T5900]  handle_bug+0xcf/0x120
[  570.556882][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88804b5ae440
[  570.556895][    C1] R13: ffff88805d109c24 R14: ffff88804b5ae930 R15: ffff88805d109c00
[  570.556891][ T5900]  exc_invalid_op+0x1a/0x50
[  570.556910][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  570.556916][ T5900]  asm_exc_invalid_op+0x1a/0x20
[  570.556926][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  570.556940][    C1] CR2: 00007f2ef9b85fc0 CR3: 000000006680e000 CR4: 00000000003506e0
[  570.556945][ T5900] RIP: 0010:ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  570.556957][    C1] DR0: 0000000000000101 DR1: 0000000000000007 DR2: 000000000000000f
[  570.556969][    C1] DR3: 0000000000000006 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  570.556975][ T5900] Code: 48 89 df e8 a4 8d d8 f7 e9 d6 fc ff ff e8 4a 19 80 f7 eb 24 e8 43 19 80 f7 c7 04 24 f4 ff ff ff e9 cc f5 ff ff e8 32 19 80 f7 <0f> 0b 0f 0b e9 b7 f5 ff ff e8 24 19 80 f7 48 8b 7c 24 08 4c 8b 74
[  570.556981][    C1] Call Trace:
[  570.556988][    C1]  <IRQ>
[  570.556991][ T5900] RSP: 0018:ffffc9000499f9c0 EFLAGS: 00010293
[  570.556996][    C1]  ? __ieee80211_beacon_get+0x36/0x1520
[  570.557008][ T5900] RAX: ffffffff8a06c812 RBX: 0000000000000001 RCX: ffff88802b1fbc00
[  570.557023][ T5900] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  570.557035][ T5900] RBP: dffffc0000000000 R08: ffff88804b5a562f R09: 1ffff110096b4ac5
[  570.557038][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  570.557049][ T5900] R10: dffffc0000000000 R11: ffffed10096b4ac6 R12: 0000000000000001
[  570.557063][ T5900] R13: ffff88804b5a6659 R14: ffff888065a2ad48 R15: ffff888025614b00
[  570.557073][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  570.557087][ T5900]  ? ieee80211_vif_use_reserved_switch+0xd02/0x2900
[  570.557142][ T5900]  ieee80211_link_use_reserved_context+0x37b/0x5c0
[  570.557115][    C1]  mac80211_hwsim_beacon_tx+0x3bd/0x770
[  570.557198][    C1]  __iterate_interfaces+0x225/0x4c0
[  570.557195][ T5900]  ieee80211_csa_finalize+0x571/0xeb0
[  570.557232][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  570.557247][ T5900]  ? mutex_lock_nested+0x20/0x20
[  570.557263][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  570.557278][ T5900]  ? lockdep_hardirqs_on_prepare+0x44c/0x7d0
[  570.557292][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  570.557305][ T5900]  ? ieee80211_csa_finalize_work+0x140/0x140
[  570.557323][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  570.557341][ T5900]  ? read_lock_is_recursive+0x20/0x20
[  570.557356][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  570.557377][ T5900]  ieee80211_csa_finalize_work+0xf6/0x140
[  570.557383][    C1]  ? hw_scan_work+0xf10/0xf10
[  570.557410][    C1]  __hrtimer_run_queues+0x525/0xc10
[  570.557410][ T5900]  ? process_scheduled_works+0x975/0x1600
[  570.557442][ T5900]  process_scheduled_works+0xa60/0x1600
[  570.557455][    C1]  ? hrtimer_interrupt+0x980/0x980
[  570.557477][    C1]  ? read_tsc+0x9/0x20
[  570.557503][ T5900]  ? worker_attach_to_pool+0x370/0x370
[  570.557511][    C1]  hrtimer_run_softirq+0x177/0x290
[  570.557541][    C1]  handle_softirqs+0x27d/0x820
[  570.557540][ T5900]  ? assign_work+0x3cc/0x5d0
[  570.557562][    C1]  ? read_tsc+0x9/0x20
[  570.557575][ T5900]  worker_thread+0xa5e/0xfe0
[  570.557583][    C1]  ? ktime_get+0x24b/0x280
[  570.557612][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  570.557635][ T5900]  kthread+0x2fa/0x390
[  570.557638][    C1]  ? do_softirq+0x1a0/0x1a0
[  570.557655][ T5900]  ? pr_cont_work+0x550/0x550
[  570.557665][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  570.557683][ T5900]  ? kthread_blkcg+0xd0/0xd0
[  570.557697][    C1]  __irq_exit_rcu+0xd3/0x190
[  570.557706][ T5900]  ret_from_fork+0x48/0x80
[  570.557726][    C1]  ? irq_exit_rcu+0x20/0x20
[  570.557731][ T5900]  ? kthread_blkcg+0xd0/0xd0
[  570.557753][ T5900]  ret_from_fork_asm+0x11/0x20
[  570.557757][    C1]  irq_exit_rcu+0x9/0x20
[  570.557778][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  570.557800][ T5900]  </TASK>
[  570.557810][    C1]  </IRQ>
[  570.557816][    C1]  <TASK>
[  570.558370][ T5900] Kernel Offset: disabled