last executing test programs:

5m55.440973439s ago: executing program 2 (id=25):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmmsg$inet6(r0, &(0x7f0000019680)=[{{&(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0xac141414}}, 0x1c, 0x0}}], 0x1, 0x20004855)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000480)=0x7, 0x4)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

5m55.40072218s ago: executing program 2 (id=26):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x1a, 0x3, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x18}, 0x94)

5m55.332278961s ago: executing program 2 (id=28):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r0, 0x29, 0x2, 0x0, 0x0)

5m55.331929483s ago: executing program 2 (id=29):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
syz_mount_image$msdos(&(0x7f0000000340), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

5m55.187999356s ago: executing program 2 (id=31):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f00000000c0)={'wlan1\x00', @random="c24f7b36aec9"})

5m54.620313207s ago: executing program 2 (id=38):
getpriority(0x0, 0x18)

5m54.549703091s ago: executing program 32 (id=38):
getpriority(0x0, 0x18)

4m15.764294796s ago: executing program 1 (id=1610):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
semctl$SEM_INFO(0x0, 0x0, 0x13, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_MCE_KILL(0x21, 0x1, 0x2)

4m15.764197616s ago: executing program 1 (id=1611):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000140)=@fragment={0xb6, 0x0, 0x92, 0x0, 0x0, 0x1b, 0x65}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x200440c0, &(0x7f0000000040)={0xa, 0x4e24, 0xffffff7c, @empty, 0x6}, 0x1c)

4m15.704637892s ago: executing program 1 (id=1612):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_FIB_RESULT={0x8}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc8}}, 0x20004000)

4m15.704453292s ago: executing program 1 (id=1613):
syz_mount_image$ext4(&(0x7f0000000640)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x525, &(0x7f0000000100)="$eJzs3c9vG1kdAPCv3fxw03SThT0sCNiyLBRU1U7c3Wi1B1guSGi1WqRlTwh1o8SNothxFDulCZFIJW5ckajECf4EDkgckHrizg1uXIoEUoGKqkFCyGjscZo4dhM1cdzGn4808ps3k/l+n6V5L37+8QIYWlciYicixiLi04iYSusz6Rbvt7bkvCePthd2H20vZKLR+PifI+mZ2wvt89supdfMRXyU7I93iVvb3FqZL5dL6+l+oV5ZK9Q2t64vV+aXSkul1WJxbnZu5t0b7xRPra1vVH7z8DvLH3zy+9998cEfd77x4yTnb7UOjSVtO7VA+7Sel9GY3FeXPHMf9CPYAFxI2zM26ER4LtmI+ExEvJmW9+QGlxMA0F+NxlQ0pvbv95Y5xjkAwIsvec0/GZlsPn39PxnZbD7fnMPLvRYT2XK1Vr92q7qxuhjNOazpGM3eWi6XZtK5wukYzST7s83y0/1ix/6NiHg1In4+frG5n1+olhcH9U8PAAy5Sx3j/+Px1vh/DN4hAICXmZEcAIbP4fF/dCB5AABnx+t/ABg++8b/bt/VBQDOoVzHd/8BgPPvyPn/1+MnPzybVACAM+L9fwAYKt/78MNka+ymv3+9eHtzY6V6+/piqbaSr2ws5Beq62v5pWp1qfmbPZWjrleuVtdm346NO4V6qVYv1Da3blaqG6v1m83f9b5Z8sUCABi8V9+4/+dMROy8d7G5RXstBx8IgHPPbQ7D68KgEwAGZmTQCQADYz4eyBxxvOdHhO71/puLJ8gH6L+rn+sx/9/tf4O7e6X/Nc4uRaBPzP/D8DrZ/L/ZA3iZmf+H4dVoZKznDwBD5hiv4H1EEM65537/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYZHPLZPPpWuCTkc3m8xGXI2I6RjO3lsulmYh4JSL+ND46nuzPDjppAOCEsn/PpOt/XZ16a7Lz6FjmP+PNx4j40S8//sWd+Xp9fTap/9deff1eWl/sGmC8/20AAPYZ6axoj9Ptcby9vu+TR9sL7e0sE3z47dbioknc3XRrp95KPhejETHx78yBxmROaWHinbsR8Xpn+7N7x6fTlU874yexL/ctfjRbOHkgfvZA/GzzWOsxeS4+ewq5wLC5n/Q/73e7/7JxpfmY3n+Zg51pLn52uHN9Du3+b7fR2f+17vePLueafU23/u/KcWO8/Yfv9jx290Lj8yMRu4f63/aK0LlmqVv8t7pd8KfffLzRUfWXL3zpzV7xG7+KuBrPit8qFeqVtUJtc+v6cmV+qbRUWi0W52bnZt698U6x0JyjLrRnqg/7x3vXXund/oiJHvFzR7T/q70u2uHX//30B19+Rvyvf6Vb/Gy89oz4yZj4tWPGn5/4bc/lu5P4iz3aP3Ig/tiBv0vqrh0z/oO/bi0e81QA4AzUNrdW5svl0rrCSQu5fl350gvSQIUehb99cuCeGng+p1IYWJcEnJGnN/2gMwEAAAAAAAAAAAAAAHqpfT/9yb8+fhlu0G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/Pp/AAAA///RQMtW")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x1, &(0x7f0000000280)="394c11960344487a54ec1fb2791c0e33688ffdda3ebff2392039ff3057bbe8ba5bd90d814ad7db39c3d2bcb22c120c64ecd4ed29369febcd3b609a66d493aa889b1feb0f73130101b750e0b7261ef82e5fbc43b79ffe23d10f420646ef4900181c9e7282e73f5337f7bd358f5eb4e9c24fdf7501a7643232a6d83eea44cbdcf861dd19b4cfebc4dc2bbe")

4m15.57688099s ago: executing program 1 (id=1614):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000100)=0xc)

4m15.405021444s ago: executing program 1 (id=1615):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000420033"], 0x14}, 0x1, 0x0, 0x0, 0x4015}, 0x24040004)
recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000280)=""/193, 0xc1}, {&(0x7f0000000000)=""/194, 0xc2}, {&(0x7f00000005c0)=""/4101, 0x1005}, {&(0x7f00000001c0)=""/92, 0x5c}], 0x4}, 0x1}], 0x4f, 0x2, 0x0)

4m15.358107812s ago: executing program 33 (id=1615):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000420033"], 0x14}, 0x1, 0x0, 0x0, 0x4015}, 0x24040004)
recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000280)=""/193, 0xc1}, {&(0x7f0000000000)=""/194, 0xc2}, {&(0x7f00000005c0)=""/4101, 0x1005}, {&(0x7f00000001c0)=""/92, 0x5c}], 0x4}, 0x1}], 0x4f, 0x2, 0x0)

2m22.051659478s ago: executing program 0 (id=3467):
rt_sigtimedwait(&(0x7f0000000000), 0x0, &(0x7f00000000c0), 0x8)

2m21.974951826s ago: executing program 0 (id=3468):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffa]}, 0x8)
mount$9p_fd(0x0, &(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000180), 0x41, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

2m21.901384034s ago: executing program 0 (id=3469):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001240)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000200)={0x34, r0, 0x1, 0x71bd25, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xe2}]}]}]}, 0x34}}, 0x4)

2m19.545034319s ago: executing program 0 (id=3474):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000000c0)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)

2m19.535778005s ago: executing program 0 (id=3477):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000004f80)=@delchain={0x3d0, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x6}}, [@filter_kind_options=@f_bpf={{0x8}, {0x39c, 0x2, [@TCA_BPF_CLASSID={0x8, 0x3, {0x2, 0xe}}, @TCA_BPF_ACT={0x34c, 0x1, [@m_ife={0x68, 0x1e, 0x0, 0x0, {{0x8}, {0x40, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @broadcast}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_TYPE={0x6, 0x5, 0x40}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x2, 0x62c8540, 0x2, 0xfffffff6, 0x1}, 0x1}}, @TCA_IFE_METALST={0x4}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_csum={0xb0, 0x8, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xd1, 0x2, 0x10000000, 0x8, 0x5}, 0x42}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5d6, 0x2, 0xa, 0x8, 0xfffff801}, 0x3c}}]}, {0x49, 0x6, "137af140d6d8a8be802548ae1d5e86f79bca6fd0dd1ee4c76a10ec0495b71c76d133ecd8abb23769993b639e438984be1f22013e1a66f23167de5d5f72446dfa3280cd236e"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x54, 0x10, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x58}, @TCA_IFE_SMAC={0xa, 0x4, @random="bba47ef16730"}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_SMAC={0xa, 0x4, @remote}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_bpf={0xec, 0x19, 0x0, 0x0, {{0x8}, {0x10, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0xb5, 0x6, "af96d12c094db401c9d766b8a05b3ec5e7209e9d22e2f80838ba8028d034a85c7504210ffe31b5e82d6240168b9ab80d05bf711666588ae112db9524ac349830ea3fe73f536588a8f1a8f3e20ff7ba0f45c0b28c9def6583cf38607dd43c82376faccfb76f022c246bf04758e6fd9159cb46792db37b16b7ce68cd0eecc71338da1cc1854db17e1333529478d5ef74f029dd4a0c164605a528e01ce049372950524d8f00374d49385cdeabea3ec672f94f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_tunnel_key={0x84, 0x3, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x138b}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @loopback}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e24}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @rand_addr=0x64010102}]}, {0x25, 0x6, "3729e2df5b09bf0d8bb058ee22ceeac8374adc6abfbaf5dcf7606d27fab707e586"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_skbedit={0x6c, 0xa, 0x0, 0x0, {{0xc}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x1}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0x10}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x9, 0x10}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xfffffff4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x15, 0x6, "1984779184d7118487b01be809ef3b1c53"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0xa, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x7fffffff}]}, 0x3d0}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2m19.265587766s ago: executing program 0 (id=3485):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000001b00)=@newtaction={0x14, 0x76, 0x1, 0x0, 0x0, {0x0, 0x0, 0x300}}, 0x14}}, 0x0)

2m19.161403492s ago: executing program 34 (id=3485):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000001b00)=@newtaction={0x14, 0x76, 0x1, 0x0, 0x0, {0x0, 0x0, 0x300}}, 0x14}}, 0x0)

1m37.458135491s ago: executing program 4 (id=4205):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}})

1m37.291484827s ago: executing program 4 (id=4208):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000500)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f00000005c0)=[{0x18, 0x29, 0x4, ','}], 0x18}}], 0x1, 0x20000844)

1m37.291254627s ago: executing program 4 (id=4209):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000240)={{0x2, 0x0, @empty}, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, 0x2, {0x2, 0x4e24, @multicast1=0xe000cc02}})

1m37.23078474s ago: executing program 4 (id=4210):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f0000000400)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x7}}], [{@fowner_lt={'fowner<', 0xee00}}, {@smackfsdef}]}, 0x2, 0x46f, &(0x7f0000000a00)="$eJzs3MtvVNUfAPDvvdPC78erFfEBolaJsfHR0oLKwo1GExcYTXSBuqptIYRCDa2JECLVGNyYGBJdq0sT/wJ3boy6MjFxpXtDQpQN6Krm3rkXZoaZPugwUzufT3LhnDln5pwz5557z71nbgPoWUPZP0nEtoj4LSIGqtH6DEPV/65dOTf595Vzk0ksLr72Z5Lnu3rl3GSZtXzf1iIynEakHyVFIfXmzpw9MTEzM326iI/On3xndO7M2SePn5w4Nn1s+tT4oUMHD4w98/T4U21pZ9auq3ven927+6U3Lr48eeTi2z9+k9V3W5Fe245bsunml4ayhv+1mGtMeyT+v6bi1pvtNeGkr4sVYVUqEZF1V38+/geiEjc6byBe/LCrlQNuq+zctLl18sIisIEl0e0aAN1Rnuiz699y69DUY124/Fz1Aihr97Viq6b0RVrk6W+4vi0stKP8oYg4svDPF9kW7bgPAQCwjE8mPz8cTzSb/6Vxd02+HcUaymBE3BEROyPizojYFRF3ReR574mIe1dZfuPS0M3zn/TSLTVshbL537PF2lb9/K+c/cVgpYhtz9vfnxw9PjO9v/hOhqN/cxYfW6KM71745dNWabXzv2zLyi/ngkU9LvU13KCbmpifyCelbXD5g4g9fc3an1xfCUgiYndE7FndR+8oA8cf+3pvq0zLt38JbVhnWvwq4tFq/y9EQ/tLydLrk6P/i5np/aPlXnGzn36+8Gqr8tfU/jbI+n9L/f5fpHx5pggMvlW7XjsXq165vPD7xy2vaW51/9+UvJ4fj8pl1/cm5udPj0VsSg7n8brXx2+8t4yX+bP2D+9rPv53Fu/J+v++iMh24vsj4oGIeLCo+0MR8XBE7Fui/T883zptPfT/VNPj3/X9fzCp6//VByonvv+2Vfkr6/+DeWi4eCU//i1jpRVcy3cHAAAA/xVp/hv4JB25Hk7TkZHqb/h3xZZ0ZnZu/vGjs++emqr+Vn4w+tPyTtdAzf3QsaRcDq/Gx4t7xWX6geK+8WeVyOMjk7MzU11uO/S6rS3Gf+aPSrdrB9x2zdbRxps80AZsPI3jP62Pnn+lk5UBOsrz2tC7lhn/aafqAXSe8z/0rmbj/3xD3FoAbEzO/9C7jH/oXcY/9K6G8V+JX7tVE6CD1vJcv0AvByLtUFmVWPPnrPzvQdzuwJvroxorCHT7yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAe/wYAAP//JgPv9g==")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./bus\x00')

1m37.160293152s ago: executing program 4 (id=4212):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001000010400000000", @ANYRES32=0x0, @ANYBLOB="0000000001"], 0x20}}, 0x4000040)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="0e030e00c4e8120006001e0089", 0xd, 0x28000000, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70})

1m36.545256071s ago: executing program 4 (id=4228):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x64, 0x2, 0x6, 0x1, 0x0, 0x0, {0x2}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffaf}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)

1m36.429743848s ago: executing program 35 (id=4228):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x64, 0x2, 0x6, 0x1, 0x0, 0x0, {0x2}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffaf}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)

14.330196123s ago: executing program 6 (id=5646):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028000000bca30000000000003403000040feffff720af1ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61144400000000001d430000000000007a0a00fe0000001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

14.281327402s ago: executing program 6 (id=5649):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})

14.207311989s ago: executing program 6 (id=5651):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000180)={0x20, 0x6, 0x6, "4751b4426b96"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000bc0)={0x84, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

12.524949301s ago: executing program 6 (id=5692):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0/../file0\x00', 0x202200, 0x0)
r2 = open_tree(r1, &(0x7f00000001c0)='./file0/file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

12.457889041s ago: executing program 6 (id=5694):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendfile(r2, r1, 0x0, 0x17)

12.179521514s ago: executing program 6 (id=5704):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x100f, 0x9, 0x3, 0x9, 0x5}})

12.090460214s ago: executing program 36 (id=5704):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x100f, 0x9, 0x3, 0x9, 0x5}})

2.84843921s ago: executing program 7 (id=5857):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000640)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f00000048c0)=[{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002980)="f34e7d68731d45bea01b73b1e724074c0b301730c4a37217f48c98ef5db4d0aa33ca74058c4e2bb489d6389aa59880157324161caa6e4acd9184338d4b89af26e346bef6e48cd2eb40243224c2a45bc9e8b9a3e587604f976c6ffc1f17b615fc882055f3dacf254d641b12bb1d119e603022d2e87a3c96e33d63f3ef58271c6ce51317c5923d92a0f3191d5709627055cb151327ac8129bfdeaa96eb1007db56f0960798a4d56867b03e68a486383329a7f1a5927cd7d04b72038116a21195d58300d7a01eb19c25884076129a76ebb091e58e1b1c0729c5515d4691939b278557017811476f61", 0xe7}, {&(0x7f0000002a80)="aa8aa1a0cc7884808e7f05b66f1e344f36702d5b1b03a91be5c39837df5e06e5bcdab0d6875097b84a8775a46750", 0x2e}, {&(0x7f0000002b00)="88b67c19788d992be3f312755c84e1c28ed845607466a36cd313e988f7dd4c8a6415ed9bfb025918cad8d549f48cde8c83ab04532416c0", 0x37}, {&(0x7f0000000340)="f48f0e8ae8c17438fb05a9cb8d63af2c7ca5442a", 0x14}], 0x4, 0x0, 0x0, 0x20040001}], 0x1, 0x10)

2.848168118s ago: executing program 7 (id=5858):
r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r0, &(0x7f0000003e40)=[{&(0x7f0000002b40)=""/25, 0x19}], 0x1)

2.762736158s ago: executing program 7 (id=5860):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="0a000000090000000800000002"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x26}]}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000800)=""/140, 0x8c}], 0x1}, 0x100f2)

1.901536405s ago: executing program 7 (id=5869):
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="646973636172642c71756f74612c6572726f72733d72656d6f756e742d726f2c696f636861727365743d6d61637475726b6973682c6572726f72733d72656d6f756e742d726f2c71756f74612c696f636861727365743d6d616363726f617469616e006e6f646973636172642c75737271756f74b23194d8726f72733d72656d6f756e742d726f2c726573697a653d3078666666666666666666666666666666652c6572726f726e75652c726573697a652c646973636172642c61707072616973652c7375626a5f757365723d21952c7375626a5f726f6c653d726573697a652c0000000000000000d398e30e7cdc23a1553be48fabf3f19f3ca197da8932a8e170520258e19420036141172352466ff223e87948b103"], 0x1, 0x62cd, &(0x7f00000042c0)="$eJzs3c1vHGcdB/DfvvqltDU9VKVCyE3KSylN4qSEQIC2Bzhw6QHlihK5bhWRAkoCSiuLOPKFAyf+AhASR4Q4Ig78AT1w5QYXTkSykUA9MWjt54nHm93Yru2dtZ/PR3JmfvPMrp/xd2dfMjP7BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ3/vu95daEXH9Z2nBQsSnohPRjpgb1IsRMbe4kNfvRsQLsdUczz+I6M1EDG6/9c+zEa9HxEfPRGxsri4PFl/cZz++84e//fYHT73919/3zv/3j3fHr3fv3i//86f7h9liAAAAKE9VVVUrfcx/MX2+bzfdKQBgIvLrf5Xk5ae+/tU/3/7zNPVHrVar1eoJ1HXVaPfrRUSs1W8zeM/gcDwAnDBr8XHTXaBB8i9aNyKearoTwFRrNd0BjsXG5upyK+Xbqr8eLG6353NBduW/1np0fce46V6GzzGZ1ONrPTrx3Jj+zE2oD9Mk598ezv/6dns/rXfc+U/KuPz725c+FSfn3xnOf8jpyb89Mv9S5fy7B8q/I38AAAAAAJhi+f//Fxo+/jtz+E3Zlycd/12cUB8AAAAAAAAA4Kgdavy/+h0d6fh/navj1jP+HwAAABzc4LP6wK+f2Vk27rvYBsuvtSKeHlofKEy6WGa+6X4AAAAAAAAAAAAAQEm62+fwXmtF9CLi6fn5qqoGP3XD9UEd9vYnXenbDyVr+kkeAAC2ffTM0LX8rYjZiLiWvuuvNz8/X1Wzc/PVfDU3k9/P9mdmq7na59o8HSyb6e/jDXG3Xw3ubLZ2u7q9Pi/v1T58f4Pf1a86++jYEemlv+aY5obCBoBk+9VowyvSKVNVz4578wG72P9PoYVYaPpxxfRr+mEKAAAAHL+qqqpW+jrvF9Mx/3bTnQIAJiK//g8fFzhU3R7THnE0969Wq9VqtfoT1XXVaPfrRUSs1W8zeM9gOH4AOGHW4uOmu0CD5F+0bkS80HQngKnWaroDHIuNzdXlVsq3VX89SOO753NBduW/1tq6Xb79qOlehs8xmdTjaz068dyY/jw/oT5Mk5x/ezj/69vt/bTecec/KePy729dMleenH9nOP8hpyf/9sj8S5Xz7x4o/478AQAAAABgiuX//18o+vivKxgAAAAAAAAAONk2NleX83Wv+fj/Z0es5/rP0ynn3zpo/nNpXv4nWs6/PZT/l4bW69TmH761s///e3N1+Xd3//WZPN1v/jN5ppUeWa30iGil39Tqpulhtu5x671Of/Cbeq12p5tOc6p678bNuBUrcWHXuu3099hpX9rVPuhpb1f7xV3t3cfaL+1q76XvHajmcvu5WI4fx614Z6t90Dazx/bP7tFe7dGe8+94/i9Szr9b+xnkP5/aW0PTgYcP2o/t9/XpqN/z5s3P/eLC8W/Ontaj82jb6gbbd6aB/mz9TZ7qx0/vrNw+d+/G3bu3lyJNdi29GGlyxHL+va2fmZ3n/7Pb7fl5v76/PnzQP3D+02I9umPzP1ubH2zvKxPuWxNy/v30k/N/J7WP3v9Pav5Xz/7j0+P3/1cb6BEAAAAAAAAAAAAAAAA8SVVVW5eIvhkRl9P1P01dmwkATFZ+/a+SvFytLrqOhenqTzF1Z8r6o1afvrquGu2NehERf6nfph0RPx91ZwDANPtfRPy96U7QGPkXLH/f32D6ctOdASbqzgcf/vDGrVsrt+803RMAAAAAAAAA4JPK438u1sZ/fjkiFobW2zX+61uxeNjxP7t55tEAo0c80PcY6+1+p10bbvyl2Bqf+9y48b/PxOPjf+cxcTv17Rijt0d7f4/2mT3aZ0cu3Ulr5IUeNTn/l2rjnQ/yf3Fo+PXTMf7rk8d/Hh7zvgQ5/zO1x/Mg/y8OrVfPv/rN1OW/tt8V16O9K//zd9//yfk7H3z42s33b7y38t7Kjy4tLV24dPnylStXzr9789bKhe1/j6fXUyDnn8e+dh5oWXL+OXP5lyXn//lUy78sOf8vpFr+Zcn55/d78i9Lzj9/9pF/WXL+r6Ra/mXJ+X851fIvy8bm6swg/1dTLf+y5P3/K6mWf1ly/q+lWv5lyfmfS7X8y5LzP5/qfeTv6+FPkZx/PsJl/y9Lzn8p1fIvS87/YqrlX5ac/6VUy78sOf/XUy3/suT8v5pq+Zcl53851fIvS87/a6mWf1ly/ldSLf+y5Py/nmr5lyXn/41Uy78sOf+rqZZ/WXL+30y1/MuS8/9WquVflpz/t1Mt/7Lk/N9ItfzLsvP9/2bMmDGTZ5p+ZgIAAAAAAAAAAAAAhk3idOKmtxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgp79xoj11neAfzM3rx2EmIgBCc1sHGMMc4mu77EF1oXE64NUAokNPSC7XrXZsE3vHYJFMmmgRIJo6KKivRDW0CojVRVWBUfaEVpPlS9fCrtB/qloq2E1KgKKKAitRXNVnPO+747Mzs7M+sdr2fP+f0k+9mZOWfOO2feOTvP7v7nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS6542zn6llWVb/l/+3OcturX+9cWJzft3rbvYIAQAAgNX6v/z/529PVxzpYaWGZf72lf/w9YWFhYXsseHfHf3CwkK6YSLLRjdkWX5bdO3f319rXCZ4IhuvDTVcHuqy+eEut490uX20y+1jXW7f0OX28S63L9kBS2wsfh6T39n2/MvNxS7N7shG89u2t1nridqGoaH4s5xcLV9nYfRkNpedzmaz6abli2Vr+fLfvKe+rbdlcVtDDdvaWp8hP/zEiTiGWtjH25u2tXif0fffkE386IefOPFHF5+7q13tuhua7q8Y585t9XF+KlxTjLWWbUj7JI5zqGGcW9s8J8NN46zl69W/bh3n8z2Oc3hxmGuq9Tkfz4byr7+d76eRxh/rpf20NVz33/dmWXZlcdityyzZVjaUbWq6Zmjx+RkvZmT9PupT6SXZyIrm6T09zNN6ndnePE9bXxPx+b8nrDeyzBgan6bvf3JsyfO+0nka1R/1cq+V1jnY79fKoMzBOC++nT/oJ9vOwe3h8X9ix/JzsO3caTMH0+NumIPbus3BobHhfMzpSajl6yzOwd1Nyw/nW6rl9dkdnefg1MUz56fmP/bx++fOHD81e2r27N7du6f37t9/8ODBqZNzp2eni/+vc28Pvk3ZUHoNbAv7Lr4GXtOybONUXfhy/16H4x1eh5tblu3363Ck9cHV1uYFuXROF6+NR+o7ffzqULbMayx/fnat/nWYHnfD63Ck4XXY9ntKm9fhSHoHtvzrsH6/53f19p5lpOFfuzHcqO8FmxvmYOv7kdY52O/3I4MyB8fDvPiXXct/L9gaxvvk5ErfjwwvmYPp4YZjT/2a9H5//GBe2s3Lu+s33DKWXZqfvfDA48cvXrywOwtlTby0Ya60ztdNDY8pWzJfh1Y8X4/MvfLJu9tcvznsq/H76/+NL/tc1ZfZ90Dn5yr/7tZ+fzZduycLpc/Wen+2+25e35+pl+ywP+vLfGpq9e/FU1/acPwdXeb4G/v+F4rtpbt6Ynh0pHj9Dqe9M9r0vqj5qRrJj121fNvPT/V2PB4N/9b6eHxHh+PxlpZl+308Hm19cPF4XOv2047VaX0+x8M8OT3d+XhcX2bLnpXOyZGOx+N7Q62F/f/a0Cmkvqhh7iw3b9O2RkZGw+MaiVtonqd7m5YfDb1ZfVtP77m+ebrz3uK+htOjW7RW83SiZdl+z9N0vFpunta6/fTt+rQ+n+NhXtyxt/M8rS/zzL7VHzs3xi8bjp1j3ebg6PBYfcyjaRIWx/uFjXEOPpCdyM5lp7OZ/NaxfD7V8m1NPtjbHBwL/9b6WLmlwxzc2bJsv+dg+j623NyrjSx98H3Q+nyOh3nx1IOd52B9mTcd6O97153hmrRMw3vX1p+vLfczr7tbdtON/JlXfZx/faDzz2bry5w+uNI+s/N+ui9cc0ub/dT6+l3uNTWTrc1+2hLG+dzB5fdTfTz1Zb5wqMf5dCTLsssfeSj/eW/4/cqfXfrO15t+79LudzqXP/LQD247+TcrGT8A698LRdlUfK9r+M1UL7//BwAAANaF2PcPhZro/wEAAKA0Yt8f/yo80f8DAABAacS+fyTUpCL9/5Y3PTf3wuUsJfMXgnh72g0PF8vFjOt0uDyxsKh+/UNfnf3xX1zubdtDWZb95OHfaLv8lofjuAoTYZzX3tx8/dIVL/e0/WOPLi7XmF//Urj/+Hh6nQbtIrjTWZZ98/bP5duZeP/VvD7z8LG8vufKk0/Ul3n+UHE5rv/sS4vlfz+Ef4+cPN60/rNhP3wv1Om3t98fcb2vXX3t1gPvW9xeXK+27UX5w37qA8X9xs/J+fwTxfJxPy83/r/87NNfqy//+Kvbj//yUPvxPx3u96uh/s8riuUbn4P65bjep8P44/bieg985Vttx3/tM8Xy599SLHcs1Lj9neHy9rc8N9e4vx6vHW96XNlbi+Xi9qe/89v57fH+4v23jn/86NWm/dE6P575p+J+plqWj9fH7UR/3rL9+v00zs+4/ad/61jTfu62/WvvefYV9ftt3f59LcsNt6zf+olNf/Dpz7XdXhzPkT893/R4jrw7vI7D9p/6QJiP4fb/vfa5pu1Gx97dfPyJy39p8+WmxxO97UfF9q+9/lRe/2Pix793y623vejKq+r7Lsu+/d7i/rpt/9Qfnmsa/5fv3JU/H/H2mNFv3f5y4vYvfHTy7Ln5S3MzDXs1/+ycdxTj2TC+cVN9vLeHY2vr5aPnLn5w9sLE9MR0lk2U9yP0rttXQv1BUa6sdP1dj4bn8+4vfnPTjn/8bLz+nx8prr/69uL71mvCcp8P128unr+F2iq3/9Q9d+av79ozxeWmHHsfbN3+nwd7WjA8/tb3BXG+n3/ZB/P9UL8t/74RX9erHP93Z4r7+UbYrwvhk5m33bm4vcbl42cjXH1v8Xpf9f4Lh7n4vP5xeL7f+b3i/uO44uP9bngf860tzce7OD++cXmo9f7zT/G4Eo4n2ZXi9rhU3N9Xn7+z7fDi55BkV+7KL/9Oup+7VvQwlzP/sfmp03NnLz0+dXF2/uLU/Mc+fvTMuUtnLx7NP8vz6Ie6rb94fNqUH59mZvfvy6Y3Zll2LptegwPWjRl//avexn/+0RMzB6Z3zMyePH7p5MVHz89eOHVifv7E7Mz8juMnT85+tNv6czOHd+85tPfAnslTczOHDx46tPfQ5NzZc/VhFIPqYv/0hyfPXjiarzJ/eN+h3Q8+uG968sy5mdnDB6anJy91Wz//3jRZX/vXJy/Mnj5+ce7M7OT83MdnD+8+tH//nq6fBnjm/Mn5iakLl85OXZqfvTBVPJaJi/nV9e993dannOb/tXg/26pWfBBf9q779qfPZ6376ieXvatikZYPEH0ufBbN37/4/MFeLse+fzTUpCL9PwAAAFRB7PvHQk30/wAAAFAase/fEGqi/wcAAIDSiH3/eKhJRfp/+X/5/97y/8Xt8v/Vyv+f/0iRK13v+f+Yn5f/r4abnP9f9fbl/+X/y5f/7z0/v97HL/8v/89Sg5b/j33/xiyrZP8PAAAAVRD7/k2hJvp/AAAAKI3Y998SaqL/BwAAgNKIff+toSYV6f/l/3vK/+/pFrgqf/7f+f/l/7P1mf+PT478f2WsOH//vkeaLsr/B/L/8v/y//L/8v+s2uiyt9ys/H/s+28LNalI/w8AAABVEPv+F4Wa6P8BAACgNGLff3uoif4fAAAASiP2/ZtDTSrS/8v/O/+//L/8f6nz/6s9/3/DYOT/1wfn/+9M/r+L687/j8v/r8f8/2h/x7+W+f+F1m+WXfP/XYcv/88NMWjn/499/4tDTSrS/wMAAEAVxL7/JaEm+n8AAAAojdj3vzTURP8PAAAApRH7/jtCTSrS/8v/y/8PVv7/i/fX97z8f0H+v3Aj8v/jfTn/f/GV/P9gkf/vTP6/C+f/r1b+v8/jr9b5/0ff3Lq+/D/tDFr+P/b9Lws1qUj/DwAAAFUQ+/47Q030/wAAAFAase9/eaiJ/h8AAABKI/b9W0JNKtL/y//L/68g/z/m/P/y/43Wc/6/5/P/d8z/F+T/B4v8f2fy/13I/8v/y//3lv9v8+ZX/p92Bi3/H/v+u0JNKtL/AwAAQBXEvv/uUBP9PwAAAJRG7Pt/KtRE/w8AAAClEfv+raEmFen/5f/l/wfr/P/y/zc6/3/fmPy//H+5yf93Jv/fhfy//L/8/7mZ+iTsev7/pVaS/9/Q7c4ojUHL/8e+/xWhJhXp/wEAAKAKYt//ylAT/T8AAACURuz7XxVqov8HAACA0oh9/0SoSUX6f/n/cuX//+SvnnpVJv8v/99l+yXN/8dpIP9fcfL/ncn/dyH/L/8v/9/b+f/bcP5/2hm0/H/s++8JNalI/w8AAABVEPv+baEm+n8AAAAojdj33xtqov8HAACA0oh9//ZQk4r0//L/5cr/R/L/8v+dtl/S/H8i/19t8v9tNLxI5f+7kP+X/698/j+++5X/pz8GLf8f+/5Xh5pUpP8HAACAKoh9/45QE/0/AAAAlEbs+18TaqL/BwAAgNKIff/OUJOK9P/y//L/8v/y//L/7bcv/78+yf93ttL8/5j8v/y//H/F8v/O/09/3fz8f/HOLV6Off9rQ00q0v8DAABAFcS+f1eoif4fAAAASiP+/Wbxd6/6fwAAACij2PdPhppUpP+X/5f/r1L+vyb/L/8v/1968v+dOf9/F/L/8v9txz8ej9Qdyf/L/7PUzc//N1+Off/9oSYV6f8BAACgCmLf/0Coif4fAAAASiP2/VOhJvp/AAAAKI3Y90+HmuT9/+hNGtXaGcT8/5D8v/y/8//n5P8L8v/y/ysh/9+Z/H8X8v/y/2U7/3+Wyf9zUw1a/j/2/btDTfz+HwAAAEoj9v17Qk30/wAAAFAase/fG2qi/wcAAIDSiH3/vlCTivT/g5j/z+T/5f/l/3Py/wX5f/n/lZD/70z+vwv5f/n/suX/nf+fm2zQ8v+x738w1KQi/T8AAABUQez794ea6P8BAACgNGLffyDUJPT/7f6uGwAAAFhfYt9/MNSkIr//l/8foPx/bRX5/9/8u6Ztlz3/P5TJ/2c3Pf+/Uf4/VPn/wbKYv8/na1ny/60vi+sm/9+F/L/8v/z/SvL/o40X5P9pZ9Dy/7HvPxRqUpH+HwAAAKog9v2vCzXR/wMAAEBpxL7/p0NN9P8AAABQGrHv/5lQk4r0//L/A5T/d/7/nPP/L6432Pl/5/+X/x9Mzv/fWany/0Py//L/gzX+Cub/m8j/086Nz//Hr3rL/8e+/3CoSUX6fwAAAKiC2Pf/bKiJ/h8AAABKI/b9rw810f8DAABAacS+/0ioSUX6f/l/+X/5f/n/G5P/f33WahDz//XJI/9fLvL/nZUq/+/8//L/AzZ++X/5f5YatPP/x77/DaEmFen/AQAAoApi3/9QqIn+HwAAAEoj9v1vDDXR/wMAAEBpxL7/TaEmFen/5f/l/+X/5f+d/7/99uX/16d+5v9rDbNb/r8g/y//34n8v/y//D+tBi3/H/v+N4eaVKT/BwAAgCqIff9bQk30/wAAAFAase9/a6iJ/h8AAABKI/b9bws1qUj/L/8v/y//L/8v/99++73m/7N/k/8fJBU+//9oLwvJ/3ch/y//L/8v/09fDVr+P/b9PxdqUpH+HwAAAKog9v0Ph5ro/wEAAKA0Yt//9lCT5v6/1u7vuwEAAID1Ifb97wg16eX3/4/dqFGtHfl/+f+q5f+H5f/l/53/v9QqnP/vifx/F/L/8v/y//L/9NWg5f9j3//OUBN//w8AAAClEfv+nw810f8DAABAacS+/12hJvp/AAAAGFwr/KC+2Pf/QqhJRfp/+X/5/8HK/y9cblzP+f/l/7N+5f/rK8n/V4L8f2fy/120yf9vkP+X/5f/l//nug1a/j/2/e8ONalI/w8AAABVEPv+94Sa6P8BAACgNGLf/95QE/0/AAAAlEbs+x8JNalI/y//X8n8f3rIg5f/v/Hn/5f/r2j+3/n/K0P+vzP5/y6c/79P+flb5f/l/+X/yQ1a/j/2/Y+GmlSk/wcAAIAqiH3/+0JN9P8AAABQGrHv/8VQE/0/AAAAlEbs+x/L8+/V6//l/yuZ/x/g8/+XLf8/0jQ/qpT/H294PtO8lP+X/18D8v+drZf8/2b5/7bDWz/5/zU+///4YIz/huf/w2zeuMz68v8MokHL/z+WrzWevT/UpCL9PwAAAFRB7Pt/KdRE/w8AAAClETv+X266pP8HAACAMol9/6+EmlSk/5f/l/+X/3f+f+f/b799+f/1Sf6/s/WS/3f+f/n/9Th+5/+X/2epQcv/x77/V0NNlm38fvBfPTxMAAAAYIDEvv8DoSYV+f0/AAAAVEHs+4+Gmuj/AQAAoDRi338s1KQi/b/8f2v+P55RVf5f/l/+X/5f/n896l/+/+W3ZZn8v/y//L/8v/y//D+rMWj5/9j3Hw81qUj/DwAAAFUQ+/5fCzXR/wMAAEBpxL7/RKiJ/h8AAABKI/b9M6EmFen/b2L+f3Qw8//O/3+9+f+fyP/nefr6zJH/l/9vR/5/bTj/f2fy/12Ew9xPRrNM/l/+X/5f/p/VG7T8f+z7Z0NNKtL/AwAAQImlHwfHvv9kqIn+HwAAAEoj9v2nQk30/wAAAFAase//YKhJRfp/5/+X/3f+/5tx/v+RpuXl/wvy//L//SD/35n8fxfO/y//L/8v/09fDVr+P/b9c6EmFen/AQAAoApi3/+hUBP9PwAAAJRG7Ps/HGqi/wcA4P/Zu48ny86zjuNnhkm9gg0bVqxZaQkLSvwJbNlRxRYRRQ4zImcQOQchcs4ZhHPOOcrZcrblKLtqXNP9PE9P9719TvfM6b7nvO/ns3nQ1Ii+Y7WEf4y/fgFoRu7+b45bOtn/+n/9f+/9/6VhuHXx/f/Rn6//P6D/P0X/f1X/P0X/P07/P0H/r//X/+v/mdXS+v/c/Q/FLZ3sfwAAAOhB7v5viVvsfwAAAGhG7v5vjVvsfwAAAGhG7v5vi1s62f/6f/3/tv7/ckf9/7CT9/+P/nz9/wH9v/f/57DR31/Z/vNOisJP7P8f+OqHv1H/r/+fp/+/Xn+s/5/Vrj+//l//z6al9f+5+789bulk/wMAAEAPcvd/R9xi/wMAAEAzcvd/Z9xi/wMAAEAzcvc/HLd0sv/76P8348/9/v/G4edI+v/+3v8f9P9H+/8n9P/6/3Xz/v84/f8E7//r//X/+n9mtbT+P3f/d8Utnex/AAAA6EHu/u+OW+x/AAAAaEbu/u+JW+x/AAAAaEbu/u+NWzrZ/330/5u8/99w/3+51f7/mvf/j/169P/6/230/+P0/xP0//ffz3+t/l//r//n0NL6/9z93xe3dLL/AQAAoAe5+78/brH/AQAAoBm5+38gbrH/AQAAoBm5+38wbulk/+v/9f+76v/z7zbv/y/s/X/9v/5/5R4bDv+ZoP/fpP+fMNH/D4P+f8yp+/ntv7z1fP4T6P/1/2xaWv+fu/+H4pavG4Zr9/qLBAAAABYld/8Pxy2d/P4/AAAA9CB3/824xf4HAACAZuTuvxW3dLL/9f/6/+be/9f/6//1/13z/v+4++//v+rLHvqmdfb/p+o6vf+/035+7Z9//v7/zneG/p91W1r/n7v/kbilk/0PAAAAPcjd/yNxi/0PAAAAzcjd/6Nxi/0PAAAAzcjd/2NxSyf7X//fWv//JUf+vLv6//3aRf8/1v8/oP8/9vP0//r/NdL/j/P+/4T9f8zt1R/q//X/nb//f+eH7+r/x/9bNPT/bLO0/j93/4/HLZ3sfwAAAOhB7v6fiFvsfwAAAGhG7v6fjFvsfwAAAGhG7v6fils62f8X0/9vD/L1/97/X1b/7/1//b/+vwX99v97p/pZ+v8Jrbz/f4//rRG77ufv164/f4P9v/f/uW9L6/9z9/903NLJ/gcAAIAe5O7/mbjF/gcAAIBm5O7/2bjF/gcAAIBm5O7/ubilk/3v/X/9/zr6//wK+n/9//n3/0n/v07z9/8H3yHL7/9PR/8/oZX+/x7tup9f++fX/+v/2bS0/j93/8/HLZ3sfwAAAOhB7v5fiFvsfwAAAGhG7v5fjFvsfwAAAGhG7v5fils62f/6f/3/Ovp/7//r/73/r/8/nX7f/z8d/f8E/b/+X/+v/2dWS+v/c/c/Grd0sv8BAACgB7n7fzlusf8BAACgGbn7fyVusf8BAACgGbn7fzVu6WT/6//1//p//b/+f/vX1/+vk/5/nP5/gv5f/6//1/8zqwX1/3f9WTeGX4tbOtn/AAAA0IPc/b8et9j/AAAA0Izc/b8Rt9j/AAAA0Izc/b8Zt3Sy//X/i+n/93O+tvr/vWEY9P9Dp/3/3l1/Pev7Uv+v/78AF9X/R5beQf//1OMH37kH9P/6/zH6f/2//p/jFtT/7/9x7v7fils62f8AAADQg9z9vx232P8AAADQjNz9vxO32P8AAADQjNz9vxu3dLL/9f+L6f/3tdX/e///+PdHT/2/9/836f8vhvf/x3n/f4L+X/+v/9f/M6ul9f+5+38vbrp29Z5/iQAAAMDC5O7//bilk9//BwAAgB7k7v+DuMX+BwAAgJV6dONHcvf/YdzSyf7X/8/b/1+768f0//r/498f+n/9v/7//On/x+n/J+j/9f/6f/0/s1pa/5+7/4/ilk72PwAAAPQgd/9jcYv9DwAAAM3I3f/HcYv9DwAAAM3I3f943NLJ/tf/e/9f/6//1/9v//r6/3XS/4/T/09oqv+/cqZf+nCsn/+KvWHQ/194/3/98H/U/7MGx/9d26Yz9P+3b9++ee79f+7+P4lbOtn/AAAA0IPc/X8at9j/AAAA0Izc/X8Wt9j/AAAA0Izc/X8et3Sy//X/nfb/+a2+rv7/1jDo//X/+n/9/zj9/zj9/4Sm+v+z23U/v/bP7/1//T+blvb+f+7+v4hbOtn/AAAA0IPc/X8Zt9j/AAAA0Izc/X8Vt9j/AAAA0Izc/X8dt3Sy//X/nfb/3v/X/+v/L7r/f2bQ/1+IVfT/eyd//aX3/48stv+/rv+fwa77+dV9/q//miN/qP/X/7Npaf1/7v6/iVs62f8AAADQg9z9fxu32P8AAADQjNz9fxe32P8AAADQjNz9fx83Xelk/+v/9f/6f/2//n/717/g9/+vDcOg/5/BKvr/EUvv/+d5///43+WHvP+v/1/z59f/6//ZtLT+P3f/P8Qtnex/AAAA6EHu/n+MW+x/AAAAaEbu/n+KW+x/AAAAaEbu/n+OWzrZ//p//b/+f77+/9IJ3w/6//h+2FX//8gq+n/v/89E/z9uGf3/yfT/+v81f379v/6f09tV/5+7/1/ilk72PwAAAPQgd/+/xi32PwAAADQjd/+/xS32PwAAADQjd/+/xy2d7H/9v/7/LP1/fk79f1vv/19fXP9/48j/vk7e/9f/z0T/P07/P0H/r//X/z+q/2dOS3v/P3f/f8Qtnex/AAAA6EHu/v+MW/+vW/sfAAAAmpG7/7/iFvsfAAAAmpG7/7/jlk72v/5f/+/9f/1/8+//6/+7ov8fp/+foP8/h37+zqfW/6+o//f+P7NaWv+fu/9/4pZO9j8AAAD0IHf//8Yt9j8AAAA0I3f//8Ut9j8AAAA0I3f/E3FLJ/tf/6//1//r//X/B38N9f9t0P+Pu5j+f0//r/+vfv5S/F2g/9f/T/35tGlp/X/u/v+PWzrZ/wAAANCD3P3PilvsfwAAAGhG7v5nxy32PwAAAKzSlS0/lrv/OXFLJ/tf/6//1//r//X/27++/n+ddtL/5zeF/t/7/6Gf/v8rj/zR/fbzF/35j//fL/2//p/5La3/z93/3Lilk/0PAAAAPcjd/7y4xf4HAACAZuTuf37cYv8DAABAM3L3vyBu6WT/6//X0f/nd6b+X/+v/9f/6//Hef9/nP5/gv5/p+/nr/3z6//1/2xaWv+fu/+FcUsn+x8AAAB6kLv/RXGL/Q8AAADNyN3/4rjF/gcAAIBm7O/+jMs63P/6/3X0/97/1//r//X/+v/T0f+P0/9P0P/r//X/+n9mtbT+/yX7f9aN4aVxSyf7HwAAAHqQu/9lcYv9DwAAAIt08n9U4GS5+18et9j/AAAA0Izc/a+IWzrZ//p//f86+v/bt2/f1P/r/4/+eg77/yf1/xT9/zj9/wT9v/5f/6//Z1ZL6/9z978ybulk/wMAAEAPcve/Km6x/wEAAKAZuftfHbfY/wAAANCM3P2viVs62f/6/wX0/zf0/97/1/8P3v/X/89E/z9O/z+hxf7/xul/+bvu5+/Xrj+//l//z6aj/f+X14/vqv/P3f/auKWT/Q8AAAA9yN3/urjF/gcAAIBm5O5/fdxi/wMAAEAzcve/IW7pZP/r/y+u/7/zr10v7//vDds/v/5f/6//1/+fN/3/OP3/hBb7/zPYdT+/9s+v/9f/s+lU7/9fPfzx8+7/c/e/MW45OvyunuXXCAAAACxL7v43xS2d/P4/AAAA9CB3/5vjFvsfAAAAmpG7/y1xSyf7X/+/gPf/G+z/vf+//ftD/7/o/v+y/r8N+v9x+v8J+n/9v/5/pv4/v5v1/707Vf9/17+/O+/+P3f/W+OWTvY/AAAA9CB3/9viFvsfAAAAmpG7/+1xi/0PAAAAzcjd/2Tcctf+39Z2t0L/r//X/+v/9f/bv77+f530/+NO2/9fH+6v/0/6f/2//r/X/t/7/xxYWv+fu/8dcYvf/wcAAIDVuXrCj+fuf2fcYv8DAABAM3L3vytusf8BAACgGbn73x23PH15Vx/pQun/9f+t9v/X9P8nfn39v/6/Zfr/cd7/n6D/n6Off1D/30b/Pwz6f87ghH/aLq3/z93/nrjF7/8DAABAM3L3vzdusf8BAACgGbn73xe32P8AAADQjNz9749bOtn/l4bhlv7/kP7/zP3/fpq5xP7f+/8nf339v/6/Zfr/cfr/Cfp/7//r/73/z6yW1v/n7n8qbulk/wMAAEAPcvd/IG6x/wEAAKAZufs/GLfY/wAAANCM3P0fils62f87e/8//qU+6P8f3Pxc+v99K+j/F/v+v/7/5K+v/9f/t0z/P07/P0H/r//X/+v/mdXS+v/c/R+OWzrZ/wAAANCD3P0fiVvsfwAAAGhG7v6Pxi32PwAAADQjd//H4pZO9v/O+v9m3v8/CFT0/0c/v/7/KP1/fD/o//X/F0D/P07/v139hdL/6//1//p/ZrW0/j93/8fjlk72PwAAAPQgd/8n4hb7HwAAAJqRu//puMX+BwAAgGbk7v9k3NLJ/tf/e/9f/6//1/9v//r6/3XS/4/bZf//DV86/WW9/7/z/j8/gv5f/6//ZxZL6/9z938qbulk/wMAAEAPcvd/Om6x/wEAAKAZufs/E7fY/wAAANCM3P2fjVs62f8T/f/1+on6/1H6/6OfX/+//ftD/6//1/+fP/3/OO//T9D/e/9f/z9H/39z0P8Tltb/5+7/XNzSyf4HAACAHuTufyZusf8BAACgGbn7Px+32P8AAADQjNz9X4hbOtn/3v9fU///oP5f/6//1//r/yfo/8fp/yfo//X/+n/v/zOrpfX/ufu/GAAA//+KJzwE")
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000480)={{}, 0x0, 0x2, @unused=[0x3, 0x3, 0x577, 0x2], @name="701810222f8a66a301a0af5b1b542264d8160f53b5f57fb390b10e0f35e3992e518a3c3d181c7a74bd444e2e7935e7ca7f92af779a245eeebaaa13e62f8a57911bf5f7f520d2399fc236cd03254b824fea06c75a89722ac38ae6063352a0bba151e7972060eafee54759f696f41f4f4f66332211513393305c0262e7ad17ec5b72ca241ef35515bbaf321db45d3dc76e94299c2be417ebe2f078f9a3c99ba24da217db1551e0b7981277a8a26c62bfb273515de70f3642f3b13ec11e30d51b3383670a3a24a8b11164cfa582ddb0701b8f31e75ab6ba23162c6c5b2128ddde4b1f72c13c996fcb7e318e9e25ebe5174585f73b4fae1e437ab54685d60f22fd5c0c7e21502d47b7a360a85364403c28d66026597e77599c70521528e96ad1861155519842860bdb3703dae1f65bd6cbc3f68131f5e70a7eb6687745ad6d47de974b610f765c1afdd5b90cebe6b0cf53cfc63e618e8790fa79665d215427be36580a6547c5b814bcd7976c9c77d34a59c670ad44580d294228b331df62ce391fc24887fa7aec61f54012b4586331af9ae82e36750d98691d369aa55e0c8b18a09f1074f9a5f01e4899fc465c0678887f9aff6de6a1a4faede764cf99513e8df37e3a3567f54983cca6f8d35dcc9c298e289a5b2cf7df0ec7679e94d5c182ef7698de280772ce7b42062e503d5acd0ce16977e872227050203c5f9bb0eef4eb2f4fd754f0135bcec9eb64adaf88f1eaaa34d2d2bab8f6c32cd69a57c0e519160819875bf4f287ee643e6b30d52ed1748be210c27b509df73d55f3ea22a68d6807637e1d59fc58df65670faa2197266bfc08242a9713a21d287b3fa1fdc8683126c4e8d7609019ee33fc1a16b93ca949220f6f19b9fdbb37c74d88a67cd15a6d79ab50adeb5c74879eff6c025f5898b6049f54f8fe949e4b50b0ea259a88ed8940b6de262c95dfd108df6d67a884570e678ba6d7cf82171be1d380037aaea73429d182978d478ba3e034405b668e708edc5ab25c47b828dcb328a85aba0be3898500f3bf791f4df5c97699bb4932ff4a5d0bc27b53eb89ba5d337e28f307f67059848052fec40327e932b3073d1d51b49da3a1353bff4a9dc17a2a26ccdf5e0c1e2d9bdd0cde60a8d591a53fd99e958931974a6fb6abacaa0591abc751fe0cb0bfaa55d1ff14bf68766ee3910f0e8ca5ad8c5aba6c081b9b5a1bad948031b923c70886467bc55b5ac0882492053d04900787ea4155d8e9b55e861143ff230e305b7761075b3f09966fca286a9cd8a726316f2c82a2d266f23e0677b1b0cd9f774e4f00636e5bae9c2009bcd60c4b57415907f43fb5b325da4b6f3d8fbccf428e6771f0ed9d8896d4f2793f1c7b4ef900fb9a7ec6f09a71cdcb94661fbe34c88f5025e1acd733191e1cc5dd01beecbb7e72b33768cc12886a2c631cf8c7d54ba0ea6e7fbb204409d2545a7ada2f6c8f750a59f167f4a3bef00e4e024d597caa4433d8d8092a84831644ba4e88f36908ec35b889c8d4ecec270f73257a005c8d0c2110bf52e18426efb134e1e8221e0aed193793c8f46f65e0a4d50a948004f9bbf485e14bcec8d6e487bfc95c1d721b64579adb41fe728887305adfe4781e530ca98fe2df34dcc74ef4c9b6e772d19899126c3adc58f83747ec62b54b112a40af8ab08c867ffab2cc5a4eb19948d6389c7f737a98771178d6185faab99e747c7e0641de55d0cea259d66685f6cb6619659dd78aa9eb59bf5e217b1fbceed6bb73ab4c47692364220fcd3796c67857ebcc2ea51ee041757e6ace07eb7889ac75fc3450da63feace4914a99cbc47c1fe3b22b90464f3d385feba5d45ef589d6a1b9468cf07eae80469f254faa68dbc90b879fe5351fc15360363fed140994d6f38ded297803e722e1b69da92f6fad00a7eb17e48b133d6b3f84222f5dd5ef188f63719a8a928cf7964f1257dd48b1d1b8975e96ba1d4b1865985fb1e6953c7b7f3992f377e71f5e1a5e19d69ab9830ea885a4f4fe988ae086cce09f9108e67e815844683d39f11860adb5cff4c4599dcfee3be46af98f9a950ce707e232ca02f900a506b9f65dd26b395f3cf2b0f7a3048405f083332dba8400e0e8a9851ada9675ddffdfe6e9f4ef2f294ae5bc9495fcede2d8cfe93c8957611645e8479318ce391c2f088d3bf0119e738bddf7c4e1edce03288f8f1724862f0087288894bead4b231c7ee4d7d40c5265e5f1d94383d69c53c553e0191f4e11338c6e689da4585cad80920c52db717dfc1deed3f54f54654124924415708c0d1ab9a1f744f8a0915a97a0ac57473d93df9c0a8c417f8e99bc62017e354be8a59d15a536c55b16eb6f369fe4a2ce2eaa53ad39d9ff4468b5f21bbb4cd40c852ad23f509a15111aca956346df1db1cf3801c188b426f06b9b8fd83032a957f80583c06475c95359c4731d2f38c1667e1cccb06400a4e567519b8047b768e65a9c933f216acf4bb0ae13e8cfb80ff50978ca96d01b56b374a9e117db37de203bdc92de95f7e7d544869d6f5f4fe4ee56b1afc8de311dccb44dac97c87f9fb3c72afe1e457b6b405ff310e17d605eb97d5d95867ef4eeae234b22aec6693d97332ecd85a1dfaffff682e99a2f76453b2f1b49ca52e7c089708701cb61d381d1453f84e795777f6b4b89b51b8891f1f902d6a6e57e1e1628abcc22a0e7dee4b733e2673d919462e338d526ade1b0fe7bea0ef4477e80ffd1e2b5d1a456613702046e9768b6ceb0f2d256de6a1ea36eb5c323d301aefe9bbdfd32ae2076844a5c35f2675e9777ccb654dc35196abd2940a60b5d6009154682eab75b2d3a7a5027ffdeceb246a07c241ff94412686716834573722df8a57877d054a211815a9896c1e9185b9fb699d80bb9111f51cd503fcef1ab87a3ef95b7c4806b0768eeea79fb3db992faa83417cc5a54668d26510bec2666f1cf3c1f70c565e49414ab1ae2b95e463f0b99ce8423004a0194af5d2dc75d78b3423675acecd95bb8846bff9c9c46603211e5ff8ec38db709589cc49370b9cb61df59586c3a4fb145ab9fb57729025ecf6d13ddc473cee8a084bfb2f10999c75917d517387f8c9a798dfad04c8d1e9a63b01c25582d8f3663b0a93ca980018b853bac1d0557137b71af3314fbc3dddd75f9f2f73b4e58ca4ecdcecc88ef158e72ead8f75b4f113f3798a00812e544210297cf715d6e5aeefb12dc497fd1528b088b45e5e4d91114ff5f3d749cad17b2c3c80eb6934265b8e9f19e0b68cfc3aaa00fc5a705739a914151fb25484551b210fc6d42ee7b379e9b4029546896c7ee1e929f8e9b6868db9b1df60daba78066875b9f88cf1ed84db44c24a0235b84f5175b624c432d0518263973d09809593c0eaa290cba328a49ba07685a554e4c0f3f632fb1b4dc70248089f8508bbd6fd710dd4b9ab8604b302fa6095833d5bf89ddc35cc2010f967dae09c256e61fd61e6938c7d40ebb6827caefd236ff68d6e9ec4a70a595e02e5b9737327a82e904e920fdba18698e0d2f0302a02d16d16ac25c930f1ba20771f8b12db285ff6a575320064cbb2f3076be21e7961cf321d98c9f8397a0531240fe445c4adf4eed68ba42d63c37b73bb87b33a3cef237bf811960c163ccb4c6f0862e6d3cfb415a37214118dc7bfbe2a9b4fcff7b3bcc54a2b2bb2543f02da6d765d91691505347657a34bf0ec3ad95ad7a44023379521f1aae5f2dd4165824c1eace0ee5bb620c73e094cef53b58fc3e246af489b29f8ab5e1dffe3fe0d03b9d91b1a9f1e2569308de09e798477e0e30d6b1a6db033db22460a74cfcbb5f1d44df45dbc0eb12911cfe957792e0e5015a97125e67ef1e439889609fae73c1e71621ab35ef6fd246c908fbd249ff68229737b433fbc5eb3bb465c87a562652b84053dba3b71856183039307070d48e71f0117d71dfa38e9832b06bf51e853bbccbef4b1bb8e3a911bb3c3cbba8efcde349a3afee99f35f4f78eef5eef3418fcbb62a2b66b7c9b6149df71253b99f1a0c903f54fc39c4ea57e9a90b1a0f37cb0c21e04c9d078d201075a5498b96a05f8795d278b65f1122a6d26d057aa5f39dbea9acda8176cf2769d1dd776de46858bedcabdb6d1a4d8a25b714ef5975faaff28e80756519d1f8f03cc5dd4d412e5c08d938d2dbfe5a791e812770a97534b0e6eacbf3a8b387aabd18acbc46d5cbda386bf92c6a7be44796863359f7c3d60dea1a80d1852f00f9777fa7348aab68a64b30d129149045be1f55086c2a84fedbd84617c1ac8387835a13c44213150e879ee970f9e4fbebed15a20dfd8c3271e325ee9f1b40c7c5c365b79be932c92c41a4e395df1d51b84b80faa887ad613ecffb3fe0dbe1681bdd643899ecaf065dd09dfaba2ccb94cd9b20d7fa8a226e5ba78b05426c0681392e42aa09b058d63f6841ca43c8e3b9fbaefa9c1428e02beab39f86da2ec296adff8b60144341b15c2e563adc50a974ad8fa983319fdb39982e49450a1818685ca8c147f92cccd571dc58a78b7ff0a0e5259aa3f7eb213d6ed4336eb34e632c51a1de98b6e67f6d22c95d612ece272105a6c56c77d9905d2def9c223a071126ddf1ba771a014e331cd34c0f85745a38ce8aae595fa5746b7ca444dde27a1bf7e6d9c7fd5ff00572030c0caef8be9cafc039a8babb113ecf752ccc7e2f4bbad00e7c0a143784906d18733dbc01fe832fe5095cef173a97a68b1457c68fcbcf8d24fe1589f67bd0adc9616733f314d7a7545791c9011442d6591610f0d65de4e3eae6cb5a076afbf6fdcc989d83b34caa10d261f215ffcedd12fb3431165e80c6630c6a37d9d0d1d0f9cdfc4335c8c7b6f6fc7779550337834128e580654307722ac22da09585587b54a5bf89990752dc53b3926b52143b04a17efe39f328877ec1f69b3fed8381c19df66a05e769ae754ef8744b9d308c730ae1730a3caf44f7496f77a2e4e5bdf9b6eccc47fea8225fb103a8ce67747749e20e61cd84ea8e2c30bfc67436ace6a2c7857e7dafbe787670045aee6e08653922e9f7d8a2a072245a7e51547601e60aa9ad98c5aa9ac79e17a5023e6d2f48667a038ebe8e862d83295d880323a2e6004dd64529efa35b144b43541df620ffce89a2a87ff5a0985e2bae6b560c1429505df70081eaba59cfd1ff88d958949d6dd922bb37b9c37b126d7589fcdc48c8fb1fb7deca1134b03812e30713be87310fa0f50cdd1e1731e3945a35116505099554de229fac30d7d40e4b99282bb8f4b422e0aa02f6a0898c0b965e9b1cabea7b6de3494101d6e1822cbb93af68cdae6b753c7d4433aaff5b74d958888fdfe2e8a2601b505ae523f286f2f2a942c01f5628ff32d66016117f08734aa1fa334ae9263ab6ed4d748b7452cb63be5f57ea5577faf431cc13ebca184e9c11d5ee768803804b25a6cac278ca1febc92e075e14fa46d0d3cdbcc0a48fd21c1d40bc626439c7121333e8bffc0dd7b6e8a9980d63a491b327a40b9a42ed1241b30dfb9302db9551a03e924f5897d36926674be49e7d29752fcca48b674cdc14bf5ee801b6e117dfbc363cf3611bca64a13774ee540f767d6d96e0c1d537276dfd8e8f34fb71082900f1f5bf853a25233726a8db62ab64cef9fc9114c2badaa6a09227aef181bb7e2db6434a995e6c89749aeb89fd76a2155fa0829d458f97f26c803a9ea739727fb20cfb60f558ec53ae8bc6"})
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000001480)={{0x7f, 0x45, 0x4c, 0x46, 0xb4, 0x0, 0xa, 0x9, 0x7f, 0xd798cc7d6ed4fd84, 0x6, 0x5, 0x209, 0x40, 0xb7, 0x400, 0x1000, 0x38, 0x1, 0xed0, 0x8, 0x2}, [{0x1, 0x6, 0x9, 0x3, 0x4, 0x7f, 0xfffffffffffffeec, 0x6}]}, 0x78)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1.669388209s ago: executing program 7 (id=5871):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
listen(r0, 0x6)
sendmmsg(r0, &(0x7f0000000140)=[{{&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x8, @private2, 0x8, 0x3}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000040)='y', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10, 0x84}], 0x10}}], 0x2, 0x40000050)

1.182485379s ago: executing program 7 (id=5876):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xd76}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900010073797a30000000000900030073797a3000000000140004800800024000000000080001400000000568000000060a010400000008000000000100000008000b4000000000400004803c0001800a0001006d617463680000002c0002800800010065636e000c000300e4edf2b75cc7c0a308000240000000000c000100706b7474797065000900010073797a300000000014000000110001"], 0xf0}}, 0x0)

1.031420453s ago: executing program 37 (id=5876):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xd76}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900010073797a30000000000900030073797a3000000000140004800800024000000000080001400000000568000000060a010400000008000000000100000008000b4000000000400004803c0001800a0001006d617463680000002c0002800800010065636e000c000300e4edf2b75cc7c0a308000240000000000c000100706b7474797065000900010073797a300000000014000000110001"], 0xf0}}, 0x0)

923.293824ms ago: executing program 3 (id=5881):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406e050c01000000000001090224000100000034090400b901030000000921000805012205000905810300000509"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "8d826a6d"}]}}, 0x0}, 0x0)

613.051726ms ago: executing program 5 (id=5884):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fbffbfff0000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

523.245472ms ago: executing program 5 (id=5885):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x8, 0x0, 0x4)

413.177899ms ago: executing program 3 (id=5886):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000006800010000000000000000000000000000000000240002000200000000000000010000000008"], 0x3c}}, 0x0)

412.987051ms ago: executing program 3 (id=5887):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffffd, 0x400, 0x3, 0x6, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

157.158407ms ago: executing program 5 (id=5888):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@migrate={0xd8, 0x21, 0x1, 0x0, 0x0, {{@in6=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x50, 0x11, [{@in=@empty, @in6=@private2, @in6=@rand_addr=' \x01\x00', @in=@broadcast}]}, @user_kmaddress={0x2c, 0x13, {@in=@remote, @in6=@loopback}}, @policy_type={0xa}]}, 0xd8}}, 0x0)

156.850232ms ago: executing program 3 (id=5889):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r2 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
timer_create(0x2, &(0x7f0000000500)={0x0, 0x2, 0x4, @tid=r2}, &(0x7f00000000c0))
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f0000000000)={{}, {0x0, 0x9}}, 0x0)

156.739867ms ago: executing program 5 (id=5890):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x8001, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="84010000210001000000000000000000fc020000000000000000000000000000fe80000000000000000000000000003500000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000034011100ac14140c000000000000000000000000fc000000000000000000000000000001fc020000000000000000000000000000fe8000000000000000000000000000aa6c01a8000200000002000a00ac1414aa000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000ff020000000000000000000000000001ff020000003500000a000800ac1414bb000000000000000000000000fc02000000000000000000000000000064010102000000000000000000000000fe8000000000000000000000000000323c"], 0x184}}, 0x0)

82.908042ms ago: executing program 5 (id=5891):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9)
syz_clone(0xa0201400, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)

382.487µs ago: executing program 3 (id=5892):
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x78, 0x7, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_META_SREG={0x8}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x6}]}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

112.084µs ago: executing program 5 (id=5893):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r1, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6}}, 0x20)
bpf$LINK_DETACH(0x22, &(0x7f0000000000)=r2, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 3 (id=5894):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8912, 0x0)

kernel console output (not intermixed with test programs):

79.849197][   T40]  __submit_merged_bio+0x27a/0x6a0
[  279.849208][   T40]  __submit_merged_write_cond+0x255/0x530
[  279.849220][   T40]  f2fs_write_data_pages+0x261d/0x3000
[  279.849265][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  279.849308][   T40]  ? f2fs_write_meta_pages+0x357/0x450
[  279.849321][   T40]  ? __lock_acquire+0xab9/0xd20
[  279.849335][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  279.849345][   T40]  do_writepages+0x32e/0x550
[  279.849357][   T40]  ? reacquire_held_locks+0x127/0x1d0
[  279.849365][   T40]  ? writeback_sb_inodes+0x384/0x1010
[  279.849378][   T40]  __writeback_single_inode+0x145/0xff0
[  279.849387][   T40]  ? do_raw_spin_unlock+0x4d/0x240
[  279.849397][   T40]  writeback_sb_inodes+0x6c7/0x1010
[  279.849417][   T40]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  279.849443][   T40]  ? rcu_is_watching+0x15/0xb0
[  279.849455][   T40]  wb_writeback+0x43b/0xaf0
[  279.849467][   T40]  ? queue_io+0x391/0x590
[  279.849477][   T40]  ? __pfx_wb_writeback+0x10/0x10
[  279.849489][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  279.849498][   T40]  wb_workfn+0x409/0xef0
[  279.849512][   T40]  ? __pfx_wb_workfn+0x10/0x10
[  279.849521][   T40]  ? __lock_acquire+0xab9/0xd20
[  279.849535][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  279.849545][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  279.849552][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  279.849558][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  279.849565][   T40]  process_scheduled_works+0xae1/0x17b0
[  279.849584][   T40]  ? __pfx_process_scheduled_works+0x10/0x10
[  279.849602][   T40]  worker_thread+0x8a0/0xda0
[  279.849620][   T40]  kthread+0x711/0x8a0
[  279.849630][   T40]  ? __pfx_worker_thread+0x10/0x10
[  279.849637][   T40]  ? __pfx_kthread+0x10/0x10
[  279.849646][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  279.849653][   T40]  ? lockdep_hardirqs_on+0x9c/0x150
[  279.849661][   T40]  ? __pfx_kthread+0x10/0x10
[  279.849669][   T40]  ret_from_fork+0x3fc/0x770
[  279.849679][   T40]  ? __pfx_ret_from_fork+0x10/0x10
[  279.849688][   T40]  ? __switch_to_asm+0x39/0x70
[  279.849696][   T40]  ? __switch_to_asm+0x33/0x70
[  279.849704][   T40]  ? __pfx_kthread+0x10/0x10
[  279.849713][   T40]  ret_from_fork_asm+0x1a/0x30
[  279.849729][   T40]  </TASK>
[  279.849732][   T40] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  279.949674][T15123] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 15: invalid block bitmap
[  280.015724][T15126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3719'.
[  280.506183][ T1847] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  280.618345][ T9973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.660975][ T1847] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  280.664585][T15137] loop4: detected capacity change from 0 to 2048
[  280.665265][ T1847] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.670683][ T1847] usb 6-1: config 0 descriptor??
[  280.674368][ T1847] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  280.687329][ T5965]  loop4: p3 p4 < >
[  280.694568][T15137]  loop4: p3 p4 < >
[  280.743676][ T5965] udevd[5965]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  280.744962][ T5855] udevd[5855]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  280.760016][ T5965] udevd[5965]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  280.761836][ T5855] udevd[5855]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  280.966168][ T5908] usb 5-1: new low-speed USB device number 26 using dummy_hcd
[  281.118761][ T5908] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  281.121700][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.129650][ T5908] usb 5-1: config 0 descriptor??
[  282.492780][ T1847] usb 6-1: USB disconnect, device number 4
[  282.552055][ T5908] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  282.557504][ T5908] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  282.560819][ T5908] asix 5-1:0.0: probe with driver asix failed with error -71
[  282.568546][ T5908] usb 5-1: USB disconnect, device number 26
[  282.638859][T15160] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3736'.
[  282.771933][   T33] kauditd_printk_skb: 7 callbacks suppressed
[  282.771945][   T33] audit: type=1800 audit(1754929582.011:124): pid=15170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3741" name="file1" dev="tmpfs" ino=6358 res=0 errno=0
[  283.137375][T15198] loop4: detected capacity change from 0 to 128
[  283.149628][T15198] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  283.153717][T15198] ext4 filesystem being mounted at /499/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.178981][ T9973] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  283.839829][T15234] overlayfs: failed to clone upperpath
[  284.118631][T15246] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3774'.
[  284.177971][T15249] loop5: detected capacity change from 0 to 8
[  284.376613][T15256] loop4: detected capacity change from 0 to 256
[  284.499260][T15244] overlayfs: failed to clone upperpath
[  284.588556][T15256] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  284.591627][T15256] FAT-fs (loop4): Filesystem has been set read-only
[  284.764038][T15274] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  285.159259][T15307] loop5: detected capacity change from 0 to 2048
[  285.175073][T15307] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  285.436843][T15313] loop5: detected capacity change from 0 to 32768
[  285.441148][T15313] (syz.5.3805,15313,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  285.447464][T15313] (syz.5.3805,15313,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  285.456918][T15313] JBD2: Ignoring recovery information on journal
[  285.479416][T15313] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  285.535989][T14570] ocfs2: Unmounting device (7,5) on (node local)
[  286.156199][T15339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3815'.
[  286.426782][T15366] fuse: Bad value for 'fd'
[  286.562849][ T1847] IPVS: starting estimator thread 0...
[  286.569293][T15373] loop5: detected capacity change from 0 to 1024
[  286.665952][T15374] IPVS: using max 79 ests per chain, 189600 per kthread
[  286.673417][T15382] CIFS mount error: No usable UNC path provided in device string!
[  286.673417][T15382] 
[  286.681267][T15382] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  287.549422][   T33] audit: type=1800 audit(1754929586.792:125): pid=15389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3837" name="/" dev="fuse" ino=0 res=0 errno=0
[  288.713229][T15466] loop5: detected capacity change from 0 to 4096
[  288.739637][T15466] ntfs3(loop5): ino=19, mi_enum_attr
[  288.741793][T15466] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  288.763314][T15466] ntfs3(loop5): try to read out of volume at offset 0x3fffffc7000
[  288.767174][T15466] ntfs3(loop5): ino=21, The size of extended attributes must not exceed 64KiB
[  289.546542][ T5851] Bluetooth: hci2: unexpected event for opcode 0x203c
[  289.966491][T15539] loop5: detected capacity change from 0 to 128
[  289.969482][T15539] EXT4-fs: Ignoring removed nobh option
[  289.993179][T15539] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  290.002807][T15539] ext4 filesystem being mounted at /89/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  290.032640][T14570] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  290.307823][T15549] loop5: detected capacity change from 0 to 32768
[  290.311760][T15549] bcachefs (/dev/loop5): error validating superblock: Invalid superblock section downgrade: downgrade entry with mismatched major version (0 != 1)
[  290.311760][T15549] downgrade (size 2912):
[  290.311760][T15549] version:	0.0: (unknown version)
[  290.311760][T15549] recovery passes:	
[  290.311760][T15549] errors:	sb_clean_missing
[  290.311760][T15549] version:	0.0: (unknown version)
[  290.311760][T15549] recovery passes:	snapshots_read,set_may_go_rw,check_alloc_info,check_lrus,check_extents_to_backpointers,check_snapshot_trees,check_snapshots,fs_upgrade_for_subvolumes
[  290.311760][T15549] errors:	clean_but_journal_not_empty
[  290.311760][T15549] version:	0.0: (unknown version)
[  290.311760][T15549] recovery passes:	fs_freespace_init
[  290.311760][T15549] errors:	
[  290.311760][T15549] version:	0.1: (unknown version)
[  290.311760][T15549] recovery passes:	set_may_go_rw,fs_freespace_init,check_snapshot_trees
[  290.311760][T15549] errors:	sb_clean_missing,clean_but_journal_not_empty,clean_but_journal_not_empty,clean_but_journal_not_empty,clean_but_journal_not_empty,clean_but_journal_not_empty,dirty_but_no_journal_entries,(unknown error 768),sb_clean_missing,clean_but_journal_not_empty,clean_but_journal_not_empty,clean_but_journal_not_empty,clean_but_journal_not_empty,clean_but_journal_not_
[  290.312097][T15549] bcachefs: bch2_fs_get_tree() error: invalid_sb_downgrade
[  290.793158][T15581] loop5: detected capacity change from 0 to 256
[  290.816793][T15581] FAT-fs (loop5): Directory bread(block 64) failed
[  290.819415][T15581] FAT-fs (loop5): Directory bread(block 65) failed
[  290.821759][T15581] FAT-fs (loop5): Directory bread(block 66) failed
[  290.824095][T15581] FAT-fs (loop5): Directory bread(block 67) failed
[  290.828603][T15581] FAT-fs (loop5): Directory bread(block 68) failed
[  290.830811][T15581] FAT-fs (loop5): Directory bread(block 69) failed
[  290.833224][T15581] FAT-fs (loop5): Directory bread(block 70) failed
[  290.836956][T15581] FAT-fs (loop5): Directory bread(block 71) failed
[  290.839427][T15581] FAT-fs (loop5): Directory bread(block 72) failed
[  290.841893][T15581] FAT-fs (loop5): Directory bread(block 73) failed
[  291.080843][T15589] loop5: detected capacity change from 0 to 256
[  291.131902][T15591] bond1: entered allmulticast mode
[  291.232460][T15600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3936'.
[  291.260409][T15600] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3936'.
[  292.294968][   T47] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  292.444711][   T47] usb 6-1: Using ep0 maxpacket: 8
[  292.451161][   T47] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  292.460035][   T47] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  292.466460][   T47] usb 6-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  292.470229][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.472810][   T47] usb 6-1: Product: syz
[  292.475761][   T47] usb 6-1: Manufacturer: syz
[  292.477900][   T47] usb 6-1: SerialNumber: syz
[  292.487368][   T47] usb 6-1: config 0 descriptor??
[  292.708439][   T47] usb 6-1: USB disconnect, device number 5
[  293.247891][   T33] audit: type=1326 audit(1754929592.492:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15649 comm="syz.4.3960" exe="/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7faad5d85ba7 code=0x0
[  293.320593][T15656] futex_wake_op: syz.5.3963 tries to shift op by 36; fix this program
[  293.664726][ T1847] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  293.816868][ T1847] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  293.820281][ T1847] usb 6-1: New USB device found, idVendor=0471, idProduct=0303, bcdDevice=e5.df
[  293.823300][ T1847] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.829247][ T1847] usb 6-1: config 0 descriptor??
[  293.832951][ T1847] pwc: Philips PCA646VC USB webcam detected.
[  294.033940][ T1847] pwc: send_video_command error -71
[  294.035975][ T1847] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  294.038493][ T1847] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[  294.042579][ T1847] usb 6-1: USB disconnect, device number 6
[  294.591135][T15690] loop5: detected capacity change from 0 to 4096
[  294.806936][T15696] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.3981'.
[  294.832720][T15698] net_ratelimit: 10 callbacks suppressed
[  294.832732][T15698] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  294.904469][ T5908] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  295.059616][ T5908] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  295.063034][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.068458][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.071474][ T5908] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  295.077911][ T5908] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  295.081069][ T5908] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  295.083576][ T5908] usb 6-1: Manufacturer: syz
[  295.089798][ T5908] usb 6-1: config 0 descriptor??
[  295.521331][ T5908] appleir 0003:05AC:8243.0015: unknown main item tag 0x0
[  295.529240][ T5908] appleir 0003:05AC:8243.0015: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[  296.367452][T15747] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[  298.536125][ T6501] usb 6-1: reset high-speed USB device number 7 using dummy_hcd
[  298.539595][ T6501] usb 6-1: device reset changed ep0 maxpacket size!
[  298.544311][   T24] usb 6-1: USB disconnect, device number 7
[  298.684799][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  298.761009][T15811] netlink: 288 bytes leftover after parsing attributes in process `syz.3.4030'.
[  298.835044][   T24] usb 6-1: Using ep0 maxpacket: 16
[  298.838477][   T24] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  298.841056][   T24] usb 6-1: config 0 has no interface number 0
[  298.843007][   T24] usb 6-1: config 0 interface 51 has no altsetting 0
[  298.850160][   T24] usb 6-1: New USB device found, idVendor=1004, idProduct=61aa, bcdDevice=4f.d5
[  298.853052][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.861315][   T24] usb 6-1: Product: syz
[  298.863020][   T24] usb 6-1: Manufacturer: syz
[  298.864822][   T24] usb 6-1: SerialNumber: syz
[  298.868056][   T24] usb 6-1: config 0 descriptor??
[  298.876404][   T24] usb 6-1: bad CDC descriptors
[  299.073823][ T6501] usb 6-1: USB disconnect, device number 8
[  299.166413][T15828] openvswitch: netlink: IP tunnel dst address not specified
[  299.757072][T15847] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.4043'.
[  299.760179][T15847] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4043'.
[  299.895100][T15859] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4052'.
[  299.900023][T15859] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4052'.
[  299.905349][T15859] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  300.013330][T15866] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4053'.
[  300.018716][T15861] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4053'.
[  300.302192][T15878] overlayfs: failed to resolve './file0': -2
[  300.706340][T15891] loop5: detected capacity change from 0 to 512
[  300.708919][T15891] vfat: Unknown parameter '01777777777777777777777^ݤ;	S3t<Xn{gFgaFFg!0~:'
[  301.582561][T15928] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  301.717445][T15937] loop5: detected capacity change from 0 to 128
[  301.727096][T15937] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  301.733854][T15937] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  301.800726][T15941] loop5: detected capacity change from 0 to 256
[  301.906742][T15949] loop5: detected capacity change from 0 to 128
[  302.207892][T15977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4106'.
[  302.282507][T15983] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4109'.
[  302.515331][T15998] netlink: 'syz.3.4116': attribute type 15 has an invalid length.
[  302.751189][T16016] netlink: 'syz.4.4125': attribute type 29 has an invalid length.
[  302.807301][T16022] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4128'.
[  302.951469][T16036] loop5: detected capacity change from 0 to 1024
[  302.995593][T16036] hfsplus: request for non-existent node 62977 in B*Tree
[  302.999337][T16036] hfsplus: request for non-existent node 62977 in B*Tree
[  303.014100][ T1089] hfsplus: b-tree write err: -5, ino 3
[  303.099501][T16042] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  303.179689][T16046] loop5: detected capacity change from 0 to 128
[  303.199139][T16046] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  304.310577][   T33] audit: type=1326 audit(1754929603.554:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16054 comm="syz.5.4144" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a3658ebe9 code=0x7fc00000
[  304.379998][T16083] loop5: detected capacity change from 0 to 1024
[  304.489623][T16091] bridge_slave_0: entered promiscuous mode
[  304.494753][T16091] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  304.547658][T16097] loop5: detected capacity change from 0 to 1024
[  304.552346][T16097] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[  304.650906][T16101] loop5: detected capacity change from 0 to 512
[  304.660918][T16101] EXT4-fs (loop5): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0
[  304.665922][T16101] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  304.669075][T16101] EXT4-fs (loop5): Couldn't mount because of unsupported optional features (fffc1829)
[  304.672401][T16101] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  305.723259][T10019] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  305.873164][T10019] usb 6-1: Using ep0 maxpacket: 32
[  305.877845][T10019] usb 6-1: config 0 has no interfaces?
[  305.887831][T10019] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  305.891821][T10019] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.895358][T10019] usb 6-1: Product: syz
[  305.897070][T10019] usb 6-1: Manufacturer: syz
[  305.898932][T10019] usb 6-1: SerialNumber: syz
[  305.903839][T10019] usb 6-1: config 0 descriptor??
[  305.936740][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  306.114651][ T6501] usb 6-1: USB disconnect, device number 9
[  307.420789][T16176] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  307.516036][T16180] could not allocate digest TFM handle cryptd(blake2b-160)
[  307.948010][T16214] loop5: detected capacity change from 0 to 512
[  307.974206][T16214] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  307.983155][T16214] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  307.998658][T16214] EXT4-fs (loop5): 1 truncate cleaned up
[  308.001248][T16214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.028996][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.474384][T16243] netlink: 'syz.5.4227': attribute type 1 has an invalid length.
[  308.501152][T16243] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4227'.
[  308.540717][ T5708] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  308.545500][ T5708] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.617311][ T5708] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  308.620698][ T5708] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.729997][ T5708] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  308.740003][ T5708] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.835868][ T5708] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  308.844896][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  308.850601][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  308.854800][ T5708] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.856328][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  308.862475][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  308.865513][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  309.129160][ T5708] bridge_slave_1: left allmulticast mode
[  309.131014][ T5708] bridge_slave_1: left promiscuous mode
[  309.153681][ T5708] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.159322][ T5708] bridge_slave_0: left allmulticast mode
[  309.161192][ T5708] bridge_slave_0: left promiscuous mode
[  309.170039][ T5708] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.177204][T16258] loop5: detected capacity change from 0 to 40427
[  309.184267][T16258] F2FS-fs (loop5): build fault injection rate: 16
[  309.186246][T16258] F2FS-fs (loop5): build fault injection type: 0x77fd1
[  309.211548][T16258] F2FS-fs (loop5): invalid crc value
[  309.233637][T16258] F2FS-fs (loop5): inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x30ed/0x49f0
[  309.236835][T16258] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-12)
[  309.773860][ T5708] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  309.778118][ T5708] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  309.781612][ T5708] bond0 (unregistering): Released all slaves
[  309.801207][T16255] chnl_net:caif_netlink_parms(): no params data found
[  309.856473][T16298] binder: BINDER_SET_CONTEXT_MGR already set
[  309.875056][T16298] binder: 16297:16298 ioctl 4018620d 200000004a80 returned -16
[  309.920877][T16301] loop5: detected capacity change from 0 to 512
[  309.941494][T16301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  309.977340][T16301] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.981349][T16301] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.019123][T16309] futex_wake_op: syz.3.4253 tries to shift op by -1; fix this program
[  310.046401][T16255] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.049539][T16255] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.056748][T16255] bridge_slave_0: entered allmulticast mode
[  310.061304][T16255] bridge_slave_0: entered promiscuous mode
[  310.070873][T16255] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.078865][T16255] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.081465][T16255] bridge_slave_1: entered allmulticast mode
[  310.086361][T16255] bridge_slave_1: entered promiscuous mode
[  310.135316][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.233550][T16255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.270300][T16255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.289024][ T5708] hsr_slave_0: left promiscuous mode
[  310.291257][ T5708] hsr_slave_1: left promiscuous mode
[  310.293904][ T5708] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.296338][ T5708] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.299122][ T5708] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.301647][ T5708] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.331234][ T5708] vlan0: left allmulticast mode
[  310.333649][ T5708] veth0_vlan: left allmulticast mode
[  310.335433][ T5708] vlan0: left promiscuous mode
[  310.337298][ T5708] veth1_macvtap: left promiscuous mode
[  310.339113][ T5708] veth0_macvtap: left allmulticast mode
[  310.340933][ T5708] veth0_macvtap: left promiscuous mode
[  310.343797][ T5708] veth1_vlan: left promiscuous mode
[  310.345626][ T5708] veth0_vlan: left promiscuous mode
[  310.908003][ T5235] Bluetooth: hci2: command tx timeout
[  310.951476][T16328] netlink: 'syz.3.4257': attribute type 6 has an invalid length.
[  311.094238][ T5708] team0 (unregistering): Port device team_slave_1 removed
[  311.147775][ T5708] team0 (unregistering): Port device team_slave_0 removed
[  311.542209][T16335] loop5: detected capacity change from 0 to 32768
[  311.618163][T16255] team0: Port device team_slave_0 added
[  311.621527][T16255] team0: Port device team_slave_1 added
[  311.709814][T16255] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.713369][T16255] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.721319][T16255] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.729573][T16255] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.731790][T16255] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.772425][T16255] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.858573][T16255] hsr_slave_0: entered promiscuous mode
[  311.868471][T16255] hsr_slave_1: entered promiscuous mode
[  311.881762][T16255] debugfs: 'hsr0' already exists in 'hsr'
[  311.884204][T16255] Cannot create hsr debugfs directory
[  311.968006][ T5708] IPVS: stop unused estimator thread 0...
[  311.975237][T16360] loop5: detected capacity change from 0 to 16
[  311.992025][T16360] erofs: DAX unsupported by block device. Turning off DAX.
[  312.016700][T16360] erofs (device loop5): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk!
[  312.023292][T16360] erofs (device loop5): mounted with root inode @ nid 36.
[  312.226256][T16255] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  312.579920][T16255] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  312.586549][T16255] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  312.590951][T16255] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  312.652896][T16255] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.668871][T16255] 8021q: adding VLAN 0 to HW filter on device team0
[  312.675225][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.677615][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.697847][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.700324][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.829201][T16255] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.956449][T16255] veth0_vlan: entered promiscuous mode
[  312.961801][T16255] veth1_vlan: entered promiscuous mode
[  312.981894][T16255] veth0_macvtap: entered promiscuous mode
[  312.984228][ T5235] Bluetooth: hci2: command tx timeout
[  312.990912][T16255] veth1_macvtap: entered promiscuous mode
[  313.065211][T16255] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.077808][T16255] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.085842][   T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.097199][   T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.108395][   T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.134685][ T5909] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.199863][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.202610][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.253213][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.256572][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.528950][T16443] loop5: detected capacity change from 0 to 4096
[  313.567562][T16443] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  313.594361][T16443] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.696339][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.728639][T16441] loop6: detected capacity change from 0 to 32768
[  313.807195][T16441] (syz.6.4286,16441,1):ocfs2_verify_userspace_stack:858 ERROR: cluster stack passed to mount, but this filesystem does not support it
[  313.825189][T16441] (syz.6.4286,16441,1):ocfs2_fill_super:1177 ERROR: status = -22
[  314.102263][ T6501] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  314.262805][T16509] loop6: detected capacity change from 0 to 1024
[  314.263918][ T6501] usb 6-1: Using ep0 maxpacket: 16
[  314.272147][ T6501] usb 6-1: config 0 has an invalid interface number: 48 but max is 0
[  314.274873][ T6501] usb 6-1: config 0 has no interface number 0
[  314.276855][ T6501] usb 6-1: config 0 interface 48 has no altsetting 0
[  314.280985][ T6501] usb 6-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[  314.285125][ T6501] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.287666][ T6501] usb 6-1: Product: syz
[  314.289963][ T6501] usb 6-1: Manufacturer: syz
[  314.292144][ T6501] usb 6-1: SerialNumber: syz
[  314.303762][ T6501] usb 6-1: config 0 descriptor??
[  314.509482][ T6501] usb 6-1: USB disconnect, device number 10
[  315.052235][ T5235] Bluetooth: hci2: command tx timeout
[  315.126331][T16555] netlink: 'syz.3.4332': attribute type 1 has an invalid length.
[  315.149754][T16555] 8021q: adding VLAN 0 to HW filter on device bond2
[  315.168211][T16555] bond2: (slave veth5): Enslaving as an active interface with a down link
[  315.179893][T16555] bond2: (slave veth0_to_bond): making interface the new active one
[  315.183629][T16555] veth0_to_bond: entered promiscuous mode
[  315.186506][T16555] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  315.473001][T10019] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  315.633585][T10019] usb 7-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00
[  315.636571][T10019] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.641162][T10019] usb 7-1: config 0 descriptor??
[  315.642100][ T1847] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  315.794605][ T1847] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  315.798814][ T1847] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.803221][ T1847] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  315.806163][ T1847] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.811584][ T1847] usb 6-1: config 0 descriptor??
[  316.052875][T10019] nti 0003:0757:0A00.0016: unknown main item tag 0x0
[  316.055081][T10019] nti 0003:0757:0A00.0016: unknown main item tag 0x0
[  316.057815][T10019] nti 0003:0757:0A00.0016: unknown main item tag 0x0
[  316.060154][T10019] nti 0003:0757:0A00.0016: unknown main item tag 0x0
[  316.062991][T10019] nti 0003:0757:0A00.0016: unknown main item tag 0x0
[  316.066785][T10019] nti 0003:0757:0A00.0016: hidraw0: USB HID v0.00 Device [HID 0757:0a00] on usb-dummy_hcd.6-1/input0
[  316.177496][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  316.224689][ T1847] keytouch 0003:0926:3333.0017: fixing up Keytouch IEC report descriptor
[  316.235799][ T1847] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0017/input/input17
[  316.250798][T10019] usb 7-1: USB disconnect, device number 2
[  316.331040][ T1847] keytouch 0003:0926:3333.0017: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  316.631333][ T1847] usb 6-1: USB disconnect, device number 11
[  316.956405][T16639] loop6: detected capacity change from 0 to 128
[  316.969782][T16639] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  316.976840][T16639] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  317.010360][T16255] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  317.044820][T16642] loop6: detected capacity change from 0 to 128
[  317.052416][T16642] EXT4-fs: Ignoring removed nobh option
[  317.069311][T16642] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  317.078071][T16642] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  317.132105][ T5235] Bluetooth: hci2: command tx timeout
[  317.132546][T16255] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  317.238355][T16651] netlink: 'syz.3.4375': attribute type 11 has an invalid length.
[  317.368326][T16663] loop5: detected capacity change from 0 to 16
[  317.375792][T16663] erofs (device loop5): mounted with root inode @ nid 36.
[  317.385915][T16663] syz.5.4381: attempt to access beyond end of device
[  317.385915][T16663] loop5: rw=524288, sector=7864328, nr_sectors = 8 limit=16
[  317.397150][T16663] syz.5.4381: attempt to access beyond end of device
[  317.397150][T16663] loop5: rw=0, sector=7864328, nr_sectors = 8 limit=16
[  317.404908][T16663] erofs (device loop5): read error -5 @ 0 of nid 89
[  317.407393][   T33] audit: type=1800 audit(1754929616.645:128): pid=16663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4381" name="file3" dev="loop5" ino=89 res=0 errno=0
[  317.435773][T16655] loop6: detected capacity change from 0 to 32768
[  317.470231][T16655] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[  317.481395][T16655] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  317.534273][T16255] ocfs2: Unmounting device (7,6) on (node local)
[  317.561755][T16671] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4384'.
[  317.777311][T16683] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.337594][T16697] Invalid ELF header magic: != ELF
[  318.877020][T16717] netlink: 'syz.3.4406': attribute type 6 has an invalid length.
[  318.882203][ T1847] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  318.963942][T16726] netlink: 'syz.3.4409': attribute type 11 has an invalid length.
[  319.035745][ T1847] usb 7-1: config 0 has an invalid interface number: 214 but max is 0
[  319.038361][ T1847] usb 7-1: config 0 has no interface number 0
[  319.040301][ T1847] usb 7-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  319.050209][ T1847] usb 7-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  319.055078][ T1847] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.057572][ T1847] usb 7-1: Product: syz
[  319.058910][ T1847] usb 7-1: Manufacturer: syz
[  319.060375][ T1847] usb 7-1: SerialNumber: syz
[  319.074240][ T1847] usb 7-1: config 0 descriptor??
[  319.123605][T16727] loop5: detected capacity change from 0 to 32768
[  319.144662][T16727] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  319.164845][T16727] XFS (loop5): Ending clean mount
[  319.176083][T16727] XFS (loop5): Quotacheck needed: Please wait.
[  319.230932][T16727] XFS (loop5): Quotacheck: Done.
[  319.306872][T14570] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  319.495147][T16753] loop5: detected capacity change from 0 to 512
[  319.498617][T16753] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  319.505061][T16753] EXT4-fs (loop5): orphan cleanup on readonly fs
[  319.507309][T16753] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.4418: bad orphan inode 458763
[  319.511774][T16753] EXT4-fs (loop5): Remounting filesystem read-only
[  319.517905][T16753] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  319.537953][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.619006][T16760] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4420'.
[  319.692988][ T1847] usbtouchscreen 7-1:0.214: probe with driver usbtouchscreen failed with error -71
[  319.700581][ T1847] usb 7-1: USB disconnect, device number 3
[  319.747613][T16773] loop5: detected capacity change from 0 to 1024
[  319.775646][T16773] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.779488][T16773] ext4 filesystem being mounted at /247/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.788634][T16773] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 1: comm syz.5.4427: lblock 1 mapped to illegal pblock 1 (length 3)
[  319.799848][T16773] EXT4-fs (loop5): Remounting filesystem read-only
[  319.813890][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.873317][T16780] netlink: 'syz.5.4429': attribute type 1 has an invalid length.
[  319.876732][T16780] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4429'.
[  319.880436][T16780] nbd: illegal input index 1048576
[  320.285659][T16794] loop6: detected capacity change from 0 to 4096
[  320.293400][T16794] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  320.735405][T16821] syz.5.4445 (16821): /proc/16820/oom_adj is deprecated, please use /proc/16820/oom_score_adj instead.
[  320.866782][T16823] loop6: detected capacity change from 0 to 32768
[  320.883261][T16823] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  320.918771][T16255] ocfs2: Unmounting device (7,6) on (node local)
[  321.031406][ T5708] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  321.037541][ T5708] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  321.047068][ T5708] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  321.049952][ T5708] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  321.065751][T16838] loop5: detected capacity change from 0 to 512
[  321.076579][T16838] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.4452: iget: bad extended attribute block 1
[  321.088013][T16838] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4452: couldn't read orphan inode 15 (err -117)
[  321.100347][T16844] comedi: No check for data length of config insn id 7 is implemented
[  321.109224][T16838] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.118369][T16844] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  321.130877][T16844] comedi: Assuming n=15 is correct
[  321.135526][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.181689][T16847] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma?
[  321.353303][T16850] loop6: detected capacity change from 0 to 32768
[  321.364277][T16850] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4457 (16850)
[  321.392985][T16850] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  321.396244][T16850] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  321.399053][T16850] BTRFS info (device loop6): using free-space-tree
[  321.515724][T16850] BTRFS info (device loop6): rebuilding free space tree
[  321.585521][T16255] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  321.844997][T16884] loop5: detected capacity change from 0 to 32768
[  321.873072][T16884] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  321.920136][T16909] loop6: detected capacity change from 0 to 16
[  321.924098][T16884] XFS (loop5): Ending clean mount
[  321.929424][T16909] erofs (device loop6): algorithm 1 isn't enabled on this kernel
[  321.939256][T16884] XFS (loop5): Quotacheck needed: Please wait.
[  321.984796][T16884] XFS (loop5): Quotacheck: Done.
[  322.034217][T14570] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  322.605778][   T33] audit: type=1326 audit(1754929621.846:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.618457][   T33] audit: type=1326 audit(1754929621.846:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.627773][   T33] audit: type=1326 audit(1754929621.856:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.641192][   T33] audit: type=1326 audit(1754929621.856:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.650134][   T33] audit: type=1326 audit(1754929621.856:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.658985][   T33] audit: type=1326 audit(1754929621.866:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.669142][   T33] audit: type=1326 audit(1754929621.866:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.678552][   T33] audit: type=1326 audit(1754929621.866:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16953 comm="syz.6.4490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb3b38ebe9 code=0x7ffc0000
[  322.851061][ T5908] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  322.911890][T16961] loop6: detected capacity change from 0 to 128
[  322.914635][T16961] zonefs: Unexpected value for 'explicit-open'
[  323.014723][ T5908] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  323.018491][ T5908] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.022332][ T5908] usb 6-1: Product: syz
[  323.024048][ T5908] usb 6-1: Manufacturer: syz
[  323.025989][ T5908] usb 6-1: SerialNumber: syz
[  323.029320][ T5908] usb 6-1: config 0 descriptor??
[  323.042921][ T5908] gspca_main: sq930x-2.14.0 probing 2770:930c
[  323.149709][T16965] loop6: detected capacity change from 0 to 32768
[  323.184935][T16965] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  323.198290][T16965] XFS (loop6): Ending clean mount
[  323.203598][T16965] XFS (loop6): Quotacheck needed: Please wait.
[  323.246097][T16965] XFS (loop6): Quotacheck: Done.
[  323.276336][T16255] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  323.600650][T16983] loop6: detected capacity change from 0 to 32768
[  323.612900][T16983] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4496 (16983)
[  323.639422][T16983] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  323.651700][T16983] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  323.691243][ T5908] gspca_sq930x: reg_w 0305 fd00 failed -71
[  323.694387][ T5908] sq930x 6-1:0.0: probe with driver sq930x failed with error -71
[  323.704335][ T5908] usb 6-1: USB disconnect, device number 12
[  323.750132][T16983] BTRFS info (device loop6): rebuilding free space tree
[  323.764864][T16983] BTRFS info (device loop6): disabling free space tree
[  323.767060][T16983] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  323.770037][T16983] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  323.821756][T16255] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  324.472081][ T1847] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  324.661271][ T1847] usb 7-1: Using ep0 maxpacket: 32
[  324.685392][ T1847] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[  324.686624][T17039] syz.5.4512 (17039): drop_caches: 2
[  324.695058][ T1847] usb 7-1: config 0 has no interface number 0
[  324.704809][ T1847] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.39
[  324.716293][ T1847] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.725134][ T1847] usb 7-1: Product: syz
[  324.726592][ T1847] usb 7-1: Manufacturer: syz
[  324.732495][ T1847] usb 7-1: SerialNumber: syz
[  324.761560][ T1847] usb 7-1: config 0 descriptor??
[  324.785321][ T1847] smsc95xx v2.0.0
[  325.196842][ T1847] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  325.208848][ T1847] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  325.626517][ T1847] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71
[  325.646317][ T1847] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71
[  325.663310][ T1847] usb 7-1: USB disconnect, device number 4
[  325.839517][T17072] loop5: detected capacity change from 0 to 1024
[  325.895115][  T174] hfsplus: b-tree write err: -5, ino 4
[  325.994984][   T33] audit: type=1326 audit(1754929625.236:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.5.4525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a3658ebe9 code=0x7ffc0000
[  326.010493][   T33] audit: type=1326 audit(1754929625.246:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.5.4525" exe="/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f6a3658ebe9 code=0x7ffc0000
[  326.267725][T17097] syz.6.4527 (17097): drop_caches: 2
[  326.276463][ T5708] veth0_to_bond: left promiscuous mode
[  327.854595][T17135] kAFS: No cell specified
[  327.888179][T17140] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4541'.
[  327.982405][T17148] loop5: detected capacity change from 0 to 128
[  327.990916][T17148] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  327.998622][T17150] netlink: 'syz.3.4545': attribute type 16 has an invalid length.
[  328.003965][T17150] netlink: 'syz.3.4545': attribute type 3 has an invalid length.
[  328.006599][T17150] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4545'.
[  328.009026][T17148] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  328.491267][T17178] Bluetooth: MGMT ver 1.23
[  328.575110][T17183] trusted_key: encrypted_key: insufficient parameters specified
[  328.899293][T17194] loop6: detected capacity change from 0 to 32768
[  328.920407][T17194] JBD2: Ignoring recovery information on journal
[  328.942519][T17194] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  328.960033][T17194] OCFS2: ERROR (device loop6): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad parent pointer (0, expected 74)
[  328.966630][T17194] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  328.969872][T17194] OCFS2: File system is now read-only.
[  328.973799][T17194] (syz.6.4561,17194,0):ocfs2_search_one_group:1738 ERROR: status = -30
[  328.976563][T17194] (syz.6.4561,17194,0):ocfs2_claim_suballoc_bits:1989 ERROR: status = -30
[  328.979524][T17194] (syz.6.4561,17194,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[  328.982480][T17194] (syz.6.4561,17194,0):ocfs2_claim_new_inode:2298 ERROR: status = -30
[  328.985157][T17194] (syz.6.4561,17194,0):ocfs2_claim_new_inode:2313 ERROR: status = -30
[  328.988029][T17194] (syz.6.4561,17194,0):ocfs2_mknod_locked:641 ERROR: status = -30
[  328.990601][T17194] (syz.6.4561,17194,0):ocfs2_mknod:388 ERROR: status = -30
[  328.993199][T17194] (syz.6.4561,17194,0):ocfs2_mknod:505 ERROR: status = -30
[  329.001964][T17194] (syz.6.4561,17194,0):ocfs2_create:678 ERROR: status = -30
[  329.027600][T16255] ocfs2: Unmounting device (7,6) on (node local)
[  329.242134][T17207] loop6: detected capacity change from 0 to 40427
[  329.249031][T17207] F2FS-fs (loop6): invalid crc value
[  329.283698][T17207] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  329.287082][T17207] F2FS-fs (loop6): Start checkpoint disabled!
[  329.294085][T17207] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  329.334093][   T26] kworker/u9:0: attempt to access beyond end of device
[  329.334093][   T26] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  329.338582][   T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  329.338595][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  329.338600][   T26] Workqueue: writeback wb_workfn (flush-7:6)
[  329.338616][   T26] Call Trace:
[  329.338620][   T26]  <TASK>
[  329.338624][   T26]  dump_stack_lvl+0x189/0x250
[  329.338637][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  329.338646][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  329.338655][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  329.338665][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  329.338678][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  329.338692][   T26]  f2fs_write_end_io+0x886/0xb60
[  329.338712][   T26]  __submit_merged_bio+0x27a/0x6a0
[  329.338724][   T26]  __submit_merged_write_cond+0x255/0x530
[  329.338736][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  329.338762][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  329.338778][   T26]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  329.338807][   T26]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  329.338822][   T26]  ? trace_f2fs_writepages+0x7f/0x200
[  329.338832][   T26]  ? f2fs_write_node_pages+0x478/0x6e0
[  329.338842][   T26]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  329.338858][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  329.338868][   T26]  do_writepages+0x32e/0x550
[  329.338881][   T26]  ? reacquire_held_locks+0x127/0x1d0
[  329.338889][   T26]  ? writeback_sb_inodes+0x384/0x1010
[  329.338903][   T26]  __writeback_single_inode+0x145/0xff0
[  329.338912][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  329.338924][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  329.338945][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  329.338974][   T26]  ? rcu_is_watching+0x15/0xb0
[  329.339009][   T26]  wb_writeback+0x43b/0xaf0
[  329.339024][   T26]  ? queue_io+0x391/0x590
[  329.339035][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  329.339048][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  329.339058][   T26]  wb_workfn+0x409/0xef0
[  329.339073][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  329.339083][   T26]  ? __lock_acquire+0xab9/0xd20
[  329.339100][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  329.339111][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  329.339118][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  329.339124][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  329.339132][   T26]  process_scheduled_works+0xae1/0x17b0
[  329.339154][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  329.339174][   T26]  worker_thread+0x8a0/0xda0
[  329.339195][   T26]  kthread+0x711/0x8a0
[  329.339206][   T26]  ? __pfx_worker_thread+0x10/0x10
[  329.339213][   T26]  ? __pfx_kthread+0x10/0x10
[  329.339223][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  329.339230][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  329.339239][   T26]  ? __pfx_kthread+0x10/0x10
[  329.339249][   T26]  ret_from_fork+0x3fc/0x770
[  329.339259][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  329.339269][   T26]  ? __switch_to_asm+0x39/0x70
[  329.339278][   T26]  ? __switch_to_asm+0x33/0x70
[  329.339286][   T26]  ? __pfx_kthread+0x10/0x10
[  329.339295][   T26]  ret_from_fork_asm+0x1a/0x30
[  329.339312][   T26]  </TASK>
[  329.339316][   T26] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  329.659437][T17221] loop6: detected capacity change from 0 to 8192
[  329.715570][T17225] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4574'.
[  329.843154][T17230] netlink: 164 bytes leftover after parsing attributes in process `syz.6.4576'.
[  330.127569][T17234] loop6: detected capacity change from 0 to 32768
[  330.130878][T17234] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4577 (17234)
[  330.137443][T17234] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  330.140997][T17234] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  330.143622][T17234] BTRFS info (device loop6): using free-space-tree
[  330.269962][T17238] loop5: detected capacity change from 0 to 40427
[  330.273466][T17238] F2FS-fs (loop5): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  330.276188][T17238] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  330.278897][T17238] F2FS-fs (loop5): build fault injection type: 0x6
[  330.282538][T17238] F2FS-fs (loop5): invalid crc value
[  330.317158][T17238] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  330.320642][T17238] F2FS-fs (loop5): Start checkpoint disabled!
[  330.332649][T17238] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  330.334910][T17238] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  331.132102][T16255] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  331.337655][T17274] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4587'.
[  331.602941][T17278] trusted_key: encrypted_key: insufficient parameters specified
[  331.952638][   T64] kworker/u10:3: attempt to access beyond end of device
[  331.952638][   T64] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  331.957086][   T64] CPU: 1 UID: 0 PID: 64 Comm: kworker/u10:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  331.957099][   T64] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  331.957104][   T64] Workqueue: writeback wb_workfn (flush-7:5)
[  331.957121][   T64] Call Trace:
[  331.957125][   T64]  <TASK>
[  331.957128][   T64]  dump_stack_lvl+0x189/0x250
[  331.957142][   T64]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.957151][   T64]  ? __pfx_queue_work_on+0x10/0x10
[  331.957159][   T64]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  331.957169][   T64]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  331.957182][   T64]  f2fs_handle_critical_error+0x37c/0x540
[  331.957197][   T64]  f2fs_write_end_io+0x886/0xb60
[  331.957217][   T64]  __submit_merged_bio+0x27a/0x6a0
[  331.957229][   T64]  __submit_merged_write_cond+0x255/0x530
[  331.957241][   T64]  f2fs_write_data_pages+0x261d/0x3000
[  331.957267][   T64]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  331.957283][   T64]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  331.957310][   T64]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  331.957320][   T64]  ? look_up_lock_class+0x74/0x170
[  331.957335][   T64]  ? trace_f2fs_writepages+0x7f/0x200
[  331.957344][   T64]  ? f2fs_write_node_pages+0x478/0x6e0
[  331.957355][   T64]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  331.957371][   T64]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  331.957381][   T64]  do_writepages+0x32e/0x550
[  331.957394][   T64]  ? reacquire_held_locks+0x127/0x1d0
[  331.957403][   T64]  ? writeback_sb_inodes+0x384/0x1010
[  331.957416][   T64]  __writeback_single_inode+0x145/0xff0
[  331.957426][   T64]  ? do_raw_spin_unlock+0x4d/0x240
[  331.957437][   T64]  writeback_sb_inodes+0x6c7/0x1010
[  331.957458][   T64]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  331.957487][   T64]  ? rcu_is_watching+0x15/0xb0
[  331.957500][   T64]  wb_writeback+0x43b/0xaf0
[  331.957513][   T64]  ? queue_io+0x391/0x590
[  331.957524][   T64]  ? __pfx_wb_writeback+0x10/0x10
[  331.957537][   T64]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.957547][   T64]  wb_workfn+0x409/0xef0
[  331.957562][   T64]  ? __pfx_wb_workfn+0x10/0x10
[  331.957572][   T64]  ? __lock_acquire+0xab9/0xd20
[  331.957588][   T64]  ? process_scheduled_works+0x9ef/0x17b0
[  331.957598][   T64]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.957605][   T64]  ? process_scheduled_works+0x9ef/0x17b0
[  331.957612][   T64]  ? process_scheduled_works+0x9ef/0x17b0
[  331.957619][   T64]  process_scheduled_works+0xae1/0x17b0
[  331.957645][   T64]  ? __pfx_process_scheduled_works+0x10/0x10
[  331.957666][   T64]  worker_thread+0x8a0/0xda0
[  331.957675][   T64]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  331.957687][   T64]  ? __kthread_parkme+0x7b/0x200
[  331.957701][   T64]  kthread+0x711/0x8a0
[  331.957711][   T64]  ? __pfx_worker_thread+0x10/0x10
[  331.957718][   T64]  ? __pfx_kthread+0x10/0x10
[  331.957728][   T64]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.957735][   T64]  ? lockdep_hardirqs_on+0x9c/0x150
[  331.957758][   T64]  ? __pfx_kthread+0x10/0x10
[  331.957769][   T64]  ret_from_fork+0x3fc/0x770
[  331.957779][   T64]  ? __pfx_ret_from_fork+0x10/0x10
[  331.957790][   T64]  ? __switch_to_asm+0x39/0x70
[  331.957799][   T64]  ? __switch_to_asm+0x33/0x70
[  331.957807][   T64]  ? __pfx_kthread+0x10/0x10
[  331.957816][   T64]  ret_from_fork_asm+0x1a/0x30
[  331.957833][   T64]  </TASK>
[  331.959470][   T64] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  332.400848][ T5235] Bluetooth: hci0: Malformed LE Event: 0x1b
[  332.590293][   T47] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  332.750200][   T47] usb 7-1: Using ep0 maxpacket: 16
[  332.763249][   T47] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  332.826756][   T47] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  332.832007][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.835672][   T47] usb 7-1: Product: syz
[  332.837180][   T47] usb 7-1: Manufacturer: syz
[  332.839447][   T47] usb 7-1: SerialNumber: syz
[  332.852293][   T47] r8152-cfgselector 7-1: Unknown version 0x0000
[  332.854726][   T47] r8152-cfgselector 7-1: config 0 descriptor??
[  333.499999][   T47] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  333.653097][   T47] usb 6-1: unable to get BOS descriptor or descriptor too short
[  333.656520][   T47] usb 6-1: config 66 has an invalid descriptor of length 0, skipping remainder of the config
[  333.662487][   T47] usb 6-1: config 66 has 1 interface, different from the descriptor's value: 2
[  333.666485][   T47] usb 6-1: config 66 interface 0 altsetting 16 endpoint 0x7 has invalid wMaxPacketSize 0
[  333.669547][   T47] usb 6-1: config 66 interface 0 has no altsetting 0
[  333.674791][   T47] usb 6-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95
[  333.677693][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.683434][   T47] usb 6-1: Product: syz
[  333.684857][   T47] usb 6-1: Manufacturer: syz
[  333.686463][   T47] usb 6-1: SerialNumber: syz
[  333.909469][   T47] ati_remote2 6-1:66.0: ati_remote2_probe(): need 2 interfaces, found 1
[  333.929027][   T47] usb 6-1: USB disconnect, device number 13
[  334.276815][T17372] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  334.446707][T17384] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4637'.
[  334.719715][ T6501] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  334.883711][ T6501] usb 6-1: config 54 has an invalid interface number: 154 but max is 0
[  334.887260][ T6501] usb 6-1: config 54 has an invalid descriptor of length 0, skipping remainder of the config
[  334.892011][ T6501] usb 6-1: config 54 has no interface number 0
[  334.894797][ T6501] usb 6-1: too many endpoints for config 54 interface 154 altsetting 0: 146, using maximum allowed: 30
[  334.899327][ T6501] usb 6-1: config 54 interface 154 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 146
[  334.907321][ T6501] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice= 0.ec
[  334.911460][ T6501] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.915162][ T6501] usb 6-1: Product: syz
[  334.916930][ T6501] usb 6-1: Manufacturer: syz
[  334.918893][ T6501] usb 6-1: SerialNumber: syz
[  334.927503][ T6501] hub 6-1:54.154: bad descriptor, ignoring hub
[  334.930467][ T6501] hub 6-1:54.154: probe with driver hub failed with error -5
[  334.954430][ T6501] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  334.961515][ T5909] usb 6-1: Failed to submit usb control message: -71
[  334.965214][ T5909] usb 6-1: unable to send the bmi data to the device: -71
[  334.968341][ T5909] usb 6-1: unable to get target info from device
[  334.972085][ T5909] usb 6-1: could not get target info (-71)
[  334.974152][ T5909] usb 6-1: could not probe fw (-71)
[  335.274584][ T1847] usb 6-1: USB disconnect, device number 14
[  335.300492][ T6501] r8152-cfgselector 7-1: USB disconnect, device number 5
[  335.420671][T17414] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4650'.
[  335.670911][T17419] loop5: detected capacity change from 0 to 1024
[  335.677104][T17419] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  335.695781][T17419] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.721574][T17419] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2848: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  335.727280][T17419] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: inode #11: comm syz.5.4652: missing EA_INODE flag
[  335.735602][T17419] EXT4-fs (loop5): Remounting filesystem read-only
[  335.753058][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.772247][T17417] loop6: detected capacity change from 0 to 32768
[  335.786027][   T33] kauditd_printk_skb: 3 callbacks suppressed
[  335.786037][   T33] audit: type=1800 audit(1754929635.028:142): pid=17417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4651" name="file1" dev="loop6" ino=4 res=0 errno=0
[  336.015758][T17434] netlink: 88 bytes leftover after parsing attributes in process `syz.5.4658'.
[  336.018766][T17434] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4658'.
[  336.097238][T17436] loop5: detected capacity change from 0 to 128
[  336.100122][T17436] EXT4-fs: Ignoring removed nobh option
[  336.102263][T17436] EXT4-fs (loop5): Invalid log block size: 4294967295
[  336.212494][   T33] audit: type=1800 audit(1754929635.458:143): pid=17447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4664" name="file1" dev="tmpfs" ino=8391 res=0 errno=0
[  336.371930][T17466] netlink: 300 bytes leftover after parsing attributes in process `syz.5.4673'.
[  336.688546][T17488] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  336.691421][T17488] IPv6: NLM_F_CREATE should be set when creating new route
[  337.012611][T17501] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.4689'.
[  337.052364][T17503] loop5: detected capacity change from 0 to 512
[  337.062111][T17503] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.4690: casefold flag without casefold feature
[  337.070646][T17503] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4690: couldn't read orphan inode 15 (err -117)
[  337.080897][T17503] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.113797][T14570] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.590059][   T47] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  337.739562][   T47] usb 6-1: Using ep0 maxpacket: 32
[  337.772979][   T47] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.783134][   T47] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.797152][   T47] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  337.807812][   T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.827433][   T47] usb 6-1: config 0 descriptor??
[  337.831449][   T47] hub 6-1:0.0: USB hub found
[  338.009298][ T5851] Bluetooth: hci3: command 0x1003 tx timeout
[  338.009701][ T5235] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  338.037864][   T47] hub 6-1:0.0: 1 port detected
[  338.226351][T17520] loop6: detected capacity change from 0 to 32768
[  338.230208][T17520] bcachefs (/dev/loop6): error validating superblock: Invalid superblock section replicas: invalid device 1 in entry (unknown data_type 122): 119/246 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 4 5 5 6 8 8 9 9 10 11 14 24 27 31 35 37 43 47 47 51 56 65 80 89 96 102 128 132 172 173 174 179 205 222 235 245]
[  338.230208][T17520] replicas (size 64):
[  338.230208][T17520] (unknown data_type 122): 119/246 [43 0 222 65 89 132 205 31 174 173 5 172 235 128 0 0 0 0 0 0 0 0 0 0 1 8 0 0 0 179 245 51 102 0 0 0 0 0 0 14 96 0 0 0 0 0 0 0 0 0 0 0 0 5 0 0 0 9 0 0 0 9 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 37 0 0 0 0 0 0 0 80 0 0 0 10 0 0 0 0 0 0 0 0 0 0 0 56 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 
[  338.230298][T17520] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  338.590056][ T5908] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  338.678613][ T1847] hub 6-1:0.0: activate --> -90
[  338.749199][ T5908] usb 7-1: Using ep0 maxpacket: 16
[  338.756611][ T5908] usb 7-1: config 0 has an invalid interface number: 104 but max is 1
[  338.760850][ T5908] usb 7-1: config 0 has an invalid interface number: 104 but max is 1
[  338.765913][ T5908] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  338.768717][ T5908] usb 7-1: config 0 has no interface number 0
[  338.779124][ T5908] usb 7-1: config 0 interface 104 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  338.782267][ T5908] usb 7-1: config 0 interface 104 has no altsetting 1
[  338.786870][ T5908] usb 7-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00
[  338.792633][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.795258][ T5908] usb 7-1: Product: syz
[  338.796612][ T5908] usb 7-1: Manufacturer: syz
[  338.798113][ T5908] usb 7-1: SerialNumber: syz
[  338.803253][ T5908] usb 7-1: config 0 descriptor??
[  338.838360][   T33] audit: type=1326 audit(1754929638.078:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17554 comm="syz.3.4714" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x0
[  338.879625][    C1] raw-gadget.0 gadget.5: ignoring, device is not running
[  338.882231][ T1847] hub 6-1:0.0: hub_ext_port_status failed (err = -71)
[  338.882654][    T9] usb 6-1: USB disconnect, device number 15
[  339.008713][ T5908] asix 7-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  339.012334][ T5908] asix 7-1:0.104: probe with driver asix failed with error -71
[  339.017670][ T5908] usb 7-1: USB disconnect, device number 6
[  339.563034][T17562] loop6: detected capacity change from 0 to 8
[  339.565752][T17562] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  340.350744][T17577] netlink: 'syz.3.4724': attribute type 30 has an invalid length.
[  340.411087][T17558] comedi comedi3: reset error (fatal)
[  340.599912][   T33] audit: type=1326 audit(1754929639.838:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a3658ebe9 code=0x7ffc0000
[  340.612586][T17595] loop6: detected capacity change from 0 to 256
[  340.613357][   T33] audit: type=1326 audit(1754929639.838:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a3658ebe9 code=0x7ffc0000
[  340.624377][   T33] audit: type=1326 audit(1754929639.848:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6a36590b07 code=0x7ffc0000
[  340.633922][   T33] audit: type=1326 audit(1754929639.848:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6a36590a7c code=0x7ffc0000
[  340.639450][T17595] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  340.654168][T17595] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  340.668066][   T33] audit: type=1326 audit(1754929639.848:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f6a365909b4 code=0x7ffc0000
[  340.671639][T17597] loop5: detected capacity change from 0 to 1024
[  340.677087][   T33] audit: type=1326 audit(1754929639.858:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f6a365909b4 code=0x7ffc0000
[  340.686190][T17595] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  340.687609][   T33] audit: type=1326 audit(1754929639.858:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17592 comm="syz.5.4732" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6a3658d84a code=0x7ffc0000
[  340.701294][T17597] hfsplus: failed to load root directory
[  340.933780][T17622] netlink: 'syz.5.4747': attribute type 1 has an invalid length.
[  340.937000][T17622] netlink: 5624 bytes leftover after parsing attributes in process `syz.5.4747'.
[  341.002611][T17631] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  341.048705][T17634] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4751'.
[  341.281119][T17642] team0: entered allmulticast mode
[  341.285103][T17642] team0: left allmulticast mode
[  343.551750][T17691] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340
[  343.558075][T17691] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  343.967334][ T5908] IPVS: starting estimator thread 0...
[  344.008940][T17711] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4785'.
[  344.083136][T17714] IPVS: using max 78 ests per chain, 187200 per kthread
[  344.287982][T17736] loop6: detected capacity change from 0 to 1024
[  344.292317][T17736] EXT4-fs: Ignoring removed i_version option
[  344.294447][T17736] EXT4-fs: Ignoring removed nobh option
[  344.305980][T17736] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.386441][T16255] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.944657][T17798] netlink: 'syz.5.4820': attribute type 10 has an invalid length.
[  345.947634][T17798] team0: Cannot enslave team device to itself
[  346.274647][T17802] loop6: detected capacity change from 0 to 4096
[  346.287659][T17804] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  346.385474][T17805] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4822'.
[  346.862280][T17818] loop5: detected capacity change from 0 to 1024
[  346.983570][   T27] hfsplus: b-tree write err: -5, ino 8
[  347.169730][T17828] netlink: 'syz.3.4834': attribute type 8 has an invalid length.
[  347.666241][T17860] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4847'.
[  347.687345][T17860] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4847'.
[  347.726807][T17862] Bluetooth: MGMT ver 1.23
[  347.861385][T17876] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4854'.
[  347.865931][T17874] loop6: detected capacity change from 0 to 2048
[  347.874018][T17874] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  347.939800][T17880] netlink: 'syz.6.4856': attribute type 2 has an invalid length.
[  347.997862][T17878] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.096013][T17878] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.213784][T17878] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.336068][T17900] loop5: detected capacity change from 0 to 512
[  348.343511][T17900] EXT4-fs: Ignoring removed nobh option
[  348.393635][T17900] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.4864: corrupted inode contents
[  348.403300][T17900] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.4864: mark_inode_dirty error
[  348.408835][T17900] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.4864: corrupted inode contents
[  348.417095][T17900] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.4864: mark_inode_dirty error
[  348.434043][T17900] __quota_error: 1 callbacks suppressed
[  348.434053][T17900] Quota error (device loop5): write_blk: dquota write failed
[  348.441130][T17900] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  348.444428][T17900] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4864: Failed to acquire dquot type 0
[  348.453315][T17900] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4864: corrupted inode contents
[  348.457526][T17900] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.4864: mark_inode_dirty error
[  348.463928][T17900] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4864: corrupted inode contents
[  348.471038][T17900] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.4864: mark_inode_dirty error
[  348.475088][T17900] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4864: corrupted inode contents
[  348.480132][T17900] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  348.483193][T17900] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4864: corrupted inode contents
[  348.487299][T17900] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.4864: mark_inode_dirty error
[  348.498860][T17900] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  348.513002][T17900] EXT4-fs (loop5): 1 truncate cleaned up
[  348.520596][T17900] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.529561][T17900] ext4 filesystem being mounted at /383/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.553953][T17900] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.609185][T16326] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.611951][T16326] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.636099][T16326] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.660990][ T5708] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.834453][T17919] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4871'.
[  349.504577][T17947] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  349.519083][T17947] overlayfs: missing 'lowerdir'
[  349.594556][T17953] netlink: zone id is out of range
[  349.596446][T17953] netlink: set zone limit has 4 unknown bytes
[  349.731076][T17963] netlink: 'syz.3.4891': attribute type 2 has an invalid length.
[  349.848086][T17865] Bluetooth: hci0: command 0x0000 tx timeout
[  349.856763][T17973] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4896'.
[  350.277777][ T5908] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  350.432157][ T5908] usb 7-1: config 6 has an invalid interface number: 14 but max is 0
[  350.434862][ T5908] usb 7-1: config 6 has no interface number 0
[  350.436824][ T5908] usb 7-1: config 6 interface 14 altsetting 218 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  350.441189][ T5908] usb 7-1: config 6 interface 14 has no altsetting 0
[  350.445524][ T5908] usb 7-1: New USB device found, idVendor=0979, idProduct=0227, bcdDevice=6f.50
[  350.452083][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.454628][ T5908] usb 7-1: Product: syz
[  350.461584][ T5908] usb 7-1: Manufacturer: syz
[  350.463098][ T5908] usb 7-1: SerialNumber: syz
[  350.681136][ T5908] gspca_main: jl2005bcd-2.14.0 probing 0979:0227
[  350.683325][ T5908] command write [95] error -8
[  350.695273][ T5908] usb 7-1: USB disconnect, device number 7
[  351.209401][T18041] tipc: Can't bind to reserved service type 2
[  351.238244][T18045] overlayfs: failed to clone upperpath
[  351.276032][T18049] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4933'.
[  352.330935][T18102] IPv4: Oversized IP packet from 127.202.26.0
[  353.231944][T18131] netlink: 'syz.5.4969': attribute type 1 has an invalid length.
[  353.345648][T18143] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4975'.
[  353.447575][T18157] loop6: detected capacity change from 0 to 1764
[  354.690960][T18183] netlink: 64985 bytes leftover after parsing attributes in process `syz.5.4993'.
[  355.079495][T18211] Invalid ELF header magic: != ELF
[  355.118847][T18213] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  355.123084][T18213] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  355.125769][T18213] gretap1: entered promiscuous mode
[  355.131966][T18213] gretap1: entered allmulticast mode
[  355.162793][T18215] loop6: detected capacity change from 0 to 64
[  355.330059][T18221] loop6: detected capacity change from 0 to 4096
[  355.625756][T18248] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5024'.
[  355.630668][T18248] netlink: 104 bytes leftover after parsing attributes in process `syz.6.5024'.
[  355.806632][T18250] wg2: entered promiscuous mode
[  355.816210][T18250] wg2: entered allmulticast mode
[  355.964279][T18260] loop6: detected capacity change from 0 to 128
[  355.971995][T18260] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  355.976918][T18260] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  356.129810][T18274] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5035'.
[  356.133542][T18274] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5035'.
[  356.598240][T18291] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5043'.
[  356.864446][ T1089] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  357.105800][T18323] loop6: detected capacity change from 0 to 4096
[  357.200045][T18323] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.256760][T16255] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.258334][T18333] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5063'.
[  358.162518][T18361] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5075'.
[  358.565076][T18374] batman_adv: batadv0: Interface deactivated: dummy0
[  358.660723][T18381] Invalid ELF header magic: != ELF
[  358.704285][T16326] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.708031][T16326] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.711081][T16326] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.713994][T16326] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  359.019625][T18388] netlink: 180 bytes leftover after parsing attributes in process `syz.6.5085'.
[  359.023528][T18386] netlink: 180 bytes leftover after parsing attributes in process `syz.6.5085'.
[  359.027235][T18386] netlink: 180 bytes leftover after parsing attributes in process `syz.6.5085'.
[  359.190691][T18392] loop6: detected capacity change from 0 to 32768
[  359.207101][T18392] ea_get: invalid extended attribute
[  359.378316][T18401] loop6: detected capacity change from 0 to 2048
[  359.411577][T18402] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  359.445566][T18401] NILFS (loop6): error -2 truncating bmap (ino=16)
[  359.469355][T18402] NILFS (loop6): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3)
[  359.475127][T18402] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=16)
[  359.486191][T18402] Remounting filesystem read-only
[  359.488549][T16255] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  359.690517][T18421] netlink: 'syz.6.5096': attribute type 1 has an invalid length.
[  359.692995][T18421] netlink: 'syz.6.5096': attribute type 2 has an invalid length.
[  360.214734][T18452] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5113'.
[  360.219285][T18452] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5113'.
[  360.275422][T17865] Bluetooth: hci0: Malformed LE Event: 0x0d
[  360.651104][T18482] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5128'.
[  360.660085][T18482] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5128'.
[  360.663545][T18482] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5128'.
[  360.669130][T18482] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5128'.
[  360.672623][T18482] netlink: 5 bytes leftover after parsing attributes in process `syz.6.5128'.
[  360.769287][T18496] loop6: detected capacity change from 0 to 256
[  360.781543][T18496] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  361.084351][T18513] loop6: detected capacity change from 0 to 4096
[  361.131690][T18513] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  361.140487][T18513] ntfs3(loop6): ino=1a, mi_enum_attr
[  361.142389][T18513] ntfs3(loop6): ino=1a, mi_enum_attr
[  361.144171][T18513] ntfs3(loop6): Failed to initialize $Extend/$Reparse.
[  361.645869][ T1847] IPVS: starting estimator thread 0...
[  361.737050][T18523] IPVS: using max 78 ests per chain, 187200 per kthread
[  361.818688][T17865] Bluetooth: hci1: unexpected event for opcode 0x2029
[  361.913611][T18531] team0: MTU too low for tipc bearer
[  361.919322][T18531] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  362.260758][T18541] 9pnet_fd: p9_fd_create_tcp (18541): problem connecting socket to 127.0.0.1
[  363.565417][T18593] loop6: detected capacity change from 0 to 512
[  363.571240][T18593] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  363.582203][T18593] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002]
[  363.585335][T18593] System zones: 1-12
[  363.588412][T18593] EXT4-fs (loop6): orphan cleanup on readonly fs
[  363.594262][T18593] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  363.603043][T18593] EXT4-fs (loop6): 1 truncate cleaned up
[  363.607275][T18593] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  363.637941][T16255] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.725912][T18607] netlink: 'syz.3.5187': attribute type 4 has an invalid length.
[  363.936327][ T5908] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  364.107651][ T5908] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  364.110730][ T5908] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  364.114263][ T5908] usb 7-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  364.117838][ T5908] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.128987][ T5908] usb 7-1: config 0 descriptor??
[  364.334619][ T1847] usb 7-1: USB disconnect, device number 8
[  365.121288][T18675] 9pnet_virtio: no channels available for device 
[  365.534209][T18682] overlayfs: failed to clone upperpath
[  365.849939][T17865] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  365.852860][T17865] Bluetooth: hci1: Injecting HCI hardware error event
[  365.858311][T17865] Bluetooth: hci1: hardware error 0x00
[  366.370414][T18721] overlayfs: failed to clone upperpath
[  366.402507][T18725] __nla_validate_parse: 2 callbacks suppressed
[  366.402519][T18725] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5239'.
[  366.440108][T18727] loop6: detected capacity change from 0 to 1024
[  367.612301][T18789] fuse: Bad value for 'user_id'
[  367.614099][T18789] fuse: Bad value for 'user_id'
[  367.926143][T17865] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  368.451553][T18810] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5278'.
[  369.616831][T18816] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5282'.
[  369.797211][T18836] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5290'.
[  370.903827][T18885] loop6: detected capacity change from 0 to 8192
[  370.908191][T18885] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  370.925042][T18885] ntfs3(loop6): Failed to initialize $Extend/$Reparse.
[  370.928604][T18885] ntfs3(loop6): ino=5, mi_enum_attr
[  370.993336][T18895] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  371.357561][T18935] netlink: 332 bytes leftover after parsing attributes in process `syz.6.5334'.
[  371.360549][T18935] netlink: 104 bytes leftover after parsing attributes in process `syz.6.5334'.
[  371.363556][T18935] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5334'.
[  371.595387][T18944] veth1_macvtap: left promiscuous mode
[  371.597266][T18944] macsec0: entered promiscuous mode
[  371.819888][T18946] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  371.959261][   T33] audit: type=1326 audit(1754929927.210:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18955 comm="syz.3.5343" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  371.967362][   T33] audit: type=1326 audit(1754929927.220:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18955 comm="syz.3.5343" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  371.974621][   T33] audit: type=1326 audit(1754929927.220:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18955 comm="syz.3.5343" exe="/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  371.987447][   T33] audit: type=1326 audit(1754929927.220:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18955 comm="syz.3.5343" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  371.994439][   T33] audit: type=1326 audit(1754929927.220:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18955 comm="syz.3.5343" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  372.259866][T18962] overlayfs: failed to clone upperpath
[  372.292677][T18964] netlink: 830 bytes leftover after parsing attributes in process `syz.6.5347'.
[  372.321439][T18966] loop6: detected capacity change from 0 to 128
[  372.332341][T18966] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  372.346092][T18966] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  372.362420][T18966] UDF-fs: error (device loop6): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  372.371886][T18966] UDF-fs: error (device loop6): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  372.530124][T18974] vivid-007: =================  START STATUS  =================
[  372.533722][T18974] vivid-007: Generate PTS: true
[  372.540566][T18974] vivid-007: Generate SCR: true
[  372.542323][T18974] tpg source WxH: 320x240 (Y'CbCr)
[  372.544253][T18974] tpg field: 1
[  372.545960][T18974] tpg crop: (0,0)/320x240
[  372.547741][T18974] tpg compose: (0,0)/320x240
[  372.549469][T18974] tpg colorspace: 8
[  372.551142][T18974] tpg transfer function: 0/0
[  372.553030][T18974] tpg Y'CbCr encoding: 0/0
[  372.554866][T18974] tpg quantization: 0/0
[  372.557595][T18974] tpg RGB range: 0/2
[  372.559305][T18974] vivid-007: ==================  END STATUS  ==================
[  372.569410][T18974] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  372.571654][T18974] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  372.577026][T18974] vhci_hcd vhci_hcd.0: Device attached
[  372.815987][ T1847] usb 45-1: new high-speed USB device number 2 using vhci_hcd
[  373.337855][T18975] vhci_hcd: connection reset by peer
[  373.350808][   T13] vhci_hcd: stop threads
[  373.352242][   T13] vhci_hcd: release socket
[  373.361747][   T13] vhci_hcd: disconnect device
[  373.618534][T19002] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5363'.
[  374.238599][T19036] loop6: detected capacity change from 0 to 256
[  374.251079][T19036] FAT-fs (loop6): Directory bread(block 64) failed
[  374.253285][T19036] FAT-fs (loop6): Directory bread(block 65) failed
[  374.258140][T19036] FAT-fs (loop6): Directory bread(block 66) failed
[  374.260974][T19036] FAT-fs (loop6): Directory bread(block 67) failed
[  374.263051][T19036] FAT-fs (loop6): Directory bread(block 68) failed
[  374.265712][T19036] FAT-fs (loop6): Directory bread(block 69) failed
[  374.268065][T19036] FAT-fs (loop6): Directory bread(block 70) failed
[  374.270865][T19036] FAT-fs (loop6): Directory bread(block 71) failed
[  374.273108][T19036] FAT-fs (loop6): Directory bread(block 72) failed
[  374.276049][T19036] FAT-fs (loop6): Directory bread(block 73) failed
[  374.361898][T19040] syzkaller0: entered promiscuous mode
[  374.363794][T19040] syzkaller0: entered allmulticast mode
[  375.767874][T17865] Bluetooth: hci0: command 0x0000 tx timeout
[  377.203289][T19094] loop6: detected capacity change from 0 to 32768
[  377.535826][T19114] loop6: detected capacity change from 0 to 8
[  377.541399][T19114] SQUASHFS error: lzo decompression failed, data probably corrupt
[  377.545586][T19114] SQUASHFS error: Failed to read block 0x91: -5
[  377.548123][T19114] SQUASHFS error: Unable to read metadata cache entry [8f]
[  377.551062][T19114] SQUASHFS error: Unable to read inode 0x11f
[  377.616143][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  377.762087][T19128] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5419'.
[  377.904374][ T5908] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  377.914529][ T1847] vhci_hcd: vhci_device speed not set
[  378.054419][ T5908] usb 7-1: Using ep0 maxpacket: 8
[  378.059324][ T5908] usb 7-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  378.062150][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.064789][ T5908] usb 7-1: Product: syz
[  378.066297][ T5908] usb 7-1: Manufacturer: syz
[  378.067790][ T5908] usb 7-1: SerialNumber: syz
[  378.070611][ T5908] usb 7-1: config 0 descriptor??
[  378.076980][ T5908] radio-usb-si4713 7-1:0.0: Si4713 development board discovered: (10C4:8244)
[  378.756095][ T5908] radio-usb-si4713 7-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  378.759330][ T5908] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  378.763098][ T5908] usb 7-1: USB disconnect, device number 9
[  379.291901][T19162] loop6: detected capacity change from 0 to 64
[  379.340658][T19164] netlink: 224 bytes leftover after parsing attributes in process `syz.6.5435'.
[  379.824444][ T5908] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  379.984156][ T5908] usb 7-1: Using ep0 maxpacket: 8
[  379.988170][ T5908] usb 7-1: config 105 has an invalid interface number: 212 but max is 0
[  379.991564][ T5908] usb 7-1: config 105 has no interface number 0
[  379.994822][ T5908] usb 7-1: config 105 interface 212 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1024
[  379.999189][ T5908] usb 7-1: config 105 interface 212 altsetting 0 endpoint 0x5 has invalid maxpacket 431, setting to 64
[  380.005616][ T5908] usb 7-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=72.73
[  380.008505][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.010936][ T5908] usb 7-1: Product: syz
[  380.012220][ T5908] usb 7-1: Manufacturer: syz
[  380.013671][ T5908] usb 7-1: SerialNumber: syz
[  380.019847][T19180] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  380.400825][ T5908] port100 7-1:105.212: NFC: Could not find bulk-in or bulk-out endpoint
[  380.408038][ T5908] usb 7-1: USB disconnect, device number 10
[  380.834168][T19214] loop6: detected capacity change from 0 to 512
[  380.839928][T19214] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  381.049467][T19230] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5466'.
[  381.052406][T19230] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5466'.
[  381.057240][T19230] netlink: 'syz.6.5466': attribute type 18 has an invalid length.
[  381.059928][T19230] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5466'.
[  381.097047][T19234] loop6: detected capacity change from 0 to 512
[  381.102842][T19234] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  381.123590][T19234] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  381.132028][T19234] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  381.146888][T19234] EXT4-fs error (device loop6): ext4_xattr_block_list:762: inode #15: comm syz.6.5469: corrupted xattr block 19: overlapping e_value 
[  381.154757][T19234] EXT4-fs (loop6): Remounting filesystem read-only
[  381.169498][T16255] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.206660][T19244] vlan2: entered allmulticast mode
[  381.208888][T19244] vlan1: entered allmulticast mode
[  381.210840][T19244] veth0_vlan: entered allmulticast mode
[  381.368743][T19246] loop6: detected capacity change from 0 to 32768
[  381.383346][T19246] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  381.405771][T19246] XFS (loop6): Ending clean mount
[  381.410511][T19246] XFS (loop6): Quotacheck needed: Please wait.
[  381.447680][T19246] XFS (loop6): Quotacheck: Done.
[  381.472604][T16255] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  382.154048][   T24] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  382.324386][   T24] usb 7-1: Using ep0 maxpacket: 32
[  382.372912][   T24] usb 7-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  382.381708][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.389546][   T24] usb 7-1: Product: syz
[  382.390995][   T24] usb 7-1: Manufacturer: syz
[  382.392548][   T24] usb 7-1: SerialNumber: syz
[  382.398549][   T24] usb 7-1: config 0 descriptor??
[  382.610859][   T24] RobotFuzz Open Source InterFace, OSIF 7-1:0.0: version d4.15 found at bus 007 address 011
[  382.811180][ T5908] usb 7-1: USB disconnect, device number 11
[  384.214578][T19351] loop6: detected capacity change from 0 to 256
[  384.480087][T19353] bond3: entered promiscuous mode
[  384.481882][T19353] bond3: entered allmulticast mode
[  384.484017][T19353] 8021q: adding VLAN 0 to HW filter on device bond3
[  384.606381][T19368] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5524'.
[  385.149968][T19388] loop6: detected capacity change from 0 to 1024
[  385.195897][   T26] hfsplus: b-tree write err: -5, ino 8
[  385.513644][ T1847] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  385.844796][T19435] netlink: 76 bytes leftover after parsing attributes in process `syz.3.5556'.
[  385.848119][T19435] netlink: 76 bytes leftover after parsing attributes in process `syz.3.5556'.
[  385.907224][ T1847] usb 7-1: unable to get BOS descriptor or descriptor too short
[  385.910305][ T1847] usb 7-1: not running at top speed; connect to a high speed hub
[  385.914280][ T1847] usb 7-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  385.919204][ T1847] usb 7-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  385.922139][ T1847] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.925656][ T1847] usb 7-1: Product: syz
[  385.927092][ T1847] usb 7-1: Manufacturer: syz
[  385.928629][ T1847] usb 7-1: SerialNumber: syz
[  386.096402][T19449] cgroup: none used incorrectly
[  386.138691][T19452] netlink: 'syz.3.5564': attribute type 10 has an invalid length.
[  386.141147][ T1847] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  386.158259][T19452] wlan1: mtu less than device minimum
[  386.160332][T19452] : (slave wlan1): Error -22 calling dev_set_mtu
[  386.161873][ T1847] snd-usb-audio 7-1:8.0: probe with driver snd-usb-audio failed with error -2
[  386.185446][ T1847] usb 7-1: USB disconnect, device number 12
[  386.362646][ T5965] udevd[5965]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  386.375487][T19455] netlink: 'syz.3.5565': attribute type 1 has an invalid length.
[  386.798837][T19469] ptrace attach of "/syz-executor exec"[16255] was attempted by ""[19469]
[  386.997166][T19473] loop6: detected capacity change from 0 to 40427
[  387.000172][T19473] F2FS-fs: heap/no_heap options were deprecated
[  387.009310][T19473] F2FS-fs (loop6): build fault injection rate: 19
[  387.011535][T19473] F2FS-fs (loop6): build fault injection type: 0x3bfe8c
[  387.015533][T19473] F2FS-fs (loop6): invalid crc value
[  387.024357][T19473] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  387.050914][T19473] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  387.060634][T19473] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  387.065295][T19473] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  387.080752][T19473] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  387.088421][T19473] F2FS-fs (loop6): inject lock_op in f2fs_trylock_op of f2fs_write_single_data_page+0x9f1/0x16a0
[  387.094393][T19473] syz.6.5574: attempt to access beyond end of device
[  387.094393][T19473] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  387.116930][T16255] syz-executor: attempt to access beyond end of device
[  387.116930][T16255] loop6: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  387.121717][T16255] CPU: 0 UID: 0 PID: 16255 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  387.121730][T16255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  387.121736][T16255] Call Trace:
[  387.121740][T16255]  <TASK>
[  387.121744][T16255]  dump_stack_lvl+0x189/0x250
[  387.121760][T16255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  387.121769][T16255]  ? __pfx_queue_work_on+0x10/0x10
[  387.121777][T16255]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  387.121789][T16255]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  387.121803][T16255]  f2fs_handle_critical_error+0x37c/0x540
[  387.121817][T16255]  f2fs_write_end_io+0x886/0xb60
[  387.121837][T16255]  __submit_merged_bio+0x27a/0x6a0
[  387.121849][T16255]  __submit_merged_write_cond+0x255/0x530
[  387.121861][T16255]  f2fs_write_data_pages+0x261d/0x3000
[  387.121887][T16255]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  387.121903][T16255]  ? __bad_area_nosemaphore+0x11a/0x780
[  387.121941][T16255]  ? __lock_acquire+0xab9/0xd20
[  387.121961][T16255]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  387.121971][T16255]  do_writepages+0x32e/0x550
[  387.121988][T16255]  ? do_raw_spin_unlock+0x4d/0x240
[  387.121999][T16255]  filemap_fdatawrite+0x199/0x240
[  387.122010][T16255]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  387.122041][T16255]  ? do_raw_spin_unlock+0x4d/0x240
[  387.122052][T16255]  f2fs_sync_dirty_inodes+0x31f/0x830
[  387.122070][T16255]  f2fs_write_checkpoint+0x95a/0x1df0
[  387.122091][T16255]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  387.122124][T16255]  ? kill_f2fs_super+0x298/0x6c0
[  387.122137][T16255]  kill_f2fs_super+0x2c3/0x6c0
[  387.122150][T16255]  ? __pfx_kill_f2fs_super+0x10/0x10
[  387.122159][T16255]  ? radix_tree_delete_item+0x2b6/0x400
[  387.122171][T16255]  ? shrinker_free+0x2ce/0x3e0
[  387.122181][T16255]  deactivate_locked_super+0xbc/0x130
[  387.122192][T16255]  cleanup_mnt+0x425/0x4c0
[  387.122200][T16255]  ? lockdep_hardirqs_on+0x9c/0x150
[  387.122210][T16255]  task_work_run+0x1d4/0x260
[  387.122222][T16255]  ? __pfx_task_work_run+0x10/0x10
[  387.122230][T16255]  ? __x64_sys_umount+0x122/0x160
[  387.122242][T16255]  ? exit_to_user_mode_loop+0x40/0x110
[  387.122256][T16255]  exit_to_user_mode_loop+0xec/0x110
[  387.122266][T16255]  do_syscall_64+0x2bd/0x3b0
[  387.122274][T16255]  ? lockdep_hardirqs_on+0x9c/0x150
[  387.122287][T16255]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.122295][T16255]  ? exc_page_fault+0x9f/0xf0
[  387.122304][T16255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.122311][T16255] RIP: 0033:0x7feb3b38ff17
[  387.122320][T16255] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  387.122326][T16255] RSP: 002b:00007ffc803d3ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  387.122336][T16255] RAX: 0000000000000000 RBX: 00007feb3b411c05 RCX: 00007feb3b38ff17
[  387.122341][T16255] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc803d3d60
[  387.122345][T16255] RBP: 00007ffc803d3d60 R08: 0000000000000000 R09: 0000000000000000
[  387.122349][T16255] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc803d4df0
[  387.122354][T16255] R13: 00007feb3b411c05 R14: 000000000005e981 R15: 00007ffc803d4e30
[  387.122367][T16255]  </TASK>
[  387.122370][T16255] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  387.498013][T19489] tipc: Started in network mode
[  387.499644][T19489] tipc: Node identity ac14140f, cluster identity 4711
[  387.502117][T19489] tipc: New replicast peer: 255.255.255.255
[  387.505157][T19489] tipc: Enabled bearer <udp:syz2>, priority 10
[  387.542450][T19492] loop6: detected capacity change from 0 to 128
[  387.566557][T19492] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  387.571748][T19492] ext4 filesystem being mounted at /309/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  387.609334][T16255] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  387.787268][T19514] loop6: detected capacity change from 0 to 8
[  387.790858][T19514] SQUASHFS error: zlib decompression failed, data probably corrupt
[  387.794877][T19514] SQUASHFS error: Failed to read block 0x9b: -5
[  387.796986][T19514] SQUASHFS error: Unable to read metadata cache entry [99]
[  387.799391][T19514] SQUASHFS error: Unable to read inode 0x127
[  387.933937][   T26] wlan1: Trigger new scan to find an IBSS to join
[  388.624428][ T1847] tipc: Node number set to 2886997007
[  389.423644][T19555] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  389.480418][T19562] overlayfs: failed to clone upperpath
[  390.142522][T19601] loop6: detected capacity change from 0 to 764
[  390.160056][T19601] rock: directory entry would overflow storage
[  390.162098][T19601] rock: sig=0x5245, size=8, remaining=5
[  390.461839][T19617] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5638'.
[  390.464986][T19617] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5638'.
[  390.839763][T19647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5653'.
[  390.883037][   T36] wlan1: Trigger new scan to find an IBSS to join
[  391.152938][ T6501] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  391.324230][ T6501] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  391.327544][ T6501] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  391.342762][ T6501] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  391.346389][ T6501] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  391.349417][ T6501] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  391.364391][ T6501] usb 7-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  391.367220][ T6501] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  391.369667][ T6501] usb 7-1: Product: syz
[  391.371144][ T6501] usb 7-1: Manufacturer: syz
[  391.372595][ T6501] usb 7-1: SerialNumber: syz
[  391.377328][ T6501] usb 7-1: config 0 descriptor??
[  391.651945][ T6501] radio-si470x 7-1:0.0: DeviceID=0x51b4 ChipID=0x426b
[  391.942094][ T6501] radio-si470x 7-1:0.0: software version 81, hardware version 180
[  391.989412][ T6501] radio-si470x 7-1:0.0: si470x_set_report: usb_control_msg returned -71
[  391.992128][ T6501] radio-si470x 7-1:0.0: submitting int urb failed (-90)
[  391.996740][ T6501] radio-si470x 7-1:0.0: si470x_set_report: usb_control_msg returned -71
[  391.999621][ T6501] radio-si470x 7-1:0.0: probe with driver radio-si470x failed with error -22
[  392.006423][ T6501] usb 7-1: USB disconnect, device number 13
[  392.011939][ T5965] udevd[5965]: setting mode of /dev/bus/usb/007/013 to 020664 failed: No such file or directory
[  392.019911][ T5965] udevd[5965]: setting owner of /dev/bus/usb/007/013 to uid=0, gid=0 failed: No such file or directory
[  392.588589][T19732] fuse: Unknown parameter '0x0000000000000004'
[  392.970196][   T13] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  392.979135][   T13] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.098121][   T13] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  393.113358][   T13] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.159692][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  393.175436][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  393.179982][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  393.191107][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  393.195783][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  393.224657][   T13] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  393.228017][   T13] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.339640][   T13] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  393.345168][   T13] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.361243][T19803] netlink: 'syz.5.5718': attribute type 3 has an invalid length.
[  393.365314][T19803] netlink: 'syz.5.5718': attribute type 3 has an invalid length.
[  393.506039][T19787] chnl_net:caif_netlink_parms(): no params data found
[  393.756594][   T13] bridge_slave_1: left allmulticast mode
[  393.758704][   T13] bridge_slave_1: left promiscuous mode
[  393.760638][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.777585][   T13] bridge_slave_0: left allmulticast mode
[  393.786691][   T13] bridge_slave_0: left promiscuous mode
[  393.788649][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.996841][T19757] wlan1: Trigger new scan to find an IBSS to join
[  394.496290][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.500918][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.505287][   T13] bond0 (unregistering): Released all slaves
[  394.511758][T19787] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.522163][T19787] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.527101][T19787] bridge_slave_0: entered allmulticast mode
[  394.530023][T19787] bridge_slave_0: entered promiscuous mode
[  394.554045][T19787] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.556511][T19787] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.558840][T19787] bridge_slave_1: entered allmulticast mode
[  394.561428][T19787] bridge_slave_1: entered promiscuous mode
[  394.567131][   T13] tipc: Disabling bearer <udp:syz2>
[  394.569133][   T13] tipc: Left network mode
[  394.684316][T19787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  394.703414][T19787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  394.741213][T19787] team0: Port device team_slave_0 added
[  394.759878][T19787] team0: Port device team_slave_1 added
[  394.854124][T19787] batman_adv: batadv0: Adding interface: batadv_slave_0
[  394.856425][T19787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.869325][T19787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  394.883506][T19787] batman_adv: batadv0: Adding interface: batadv_slave_1
[  394.885993][T19787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.896999][T19787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  394.934577][   T13] hsr_slave_0: left promiscuous mode
[  394.936921][   T13] hsr_slave_1: left promiscuous mode
[  394.939724][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  394.944795][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  394.947787][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  394.950344][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  394.966541][   T13] veth0_macvtap: left promiscuous mode
[  394.968541][   T13] veth1_vlan: left promiscuous mode
[  394.970280][   T13] veth0_vlan: left promiscuous mode
[  395.283740][ T5235] Bluetooth: hci2: command tx timeout
[  395.459330][   T13] team0 (unregistering): Port device team_slave_1 removed
[  395.494207][   T13] team0 (unregistering): Port device team_slave_0 removed
[  395.911027][T19787] hsr_slave_0: entered promiscuous mode
[  395.915323][T19787] hsr_slave_1: entered promiscuous mode
[  395.918102][T19787] debugfs: 'hsr0' already exists in 'hsr'
[  395.920002][T19787] Cannot create hsr debugfs directory
[  396.214828][   T13] IPVS: stop unused estimator thread 0...
[  396.251432][T19787] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  396.260133][T19787] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  396.267167][T19787] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  396.275430][T19787] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  396.318309][T19787] 8021q: adding VLAN 0 to HW filter on device bond0
[  396.333926][T19787] 8021q: adding VLAN 0 to HW filter on device team0
[  396.339124][T19754] bridge0: port 1(bridge_slave_0) entered blocking state
[  396.341415][T19754] bridge0: port 1(bridge_slave_0) entered forwarding state
[  396.348810][T19754] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.351128][T19754] bridge0: port 2(bridge_slave_1) entered forwarding state
[  396.467118][T19787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  396.590394][T19787] veth0_vlan: entered promiscuous mode
[  396.597636][T19787] veth1_vlan: entered promiscuous mode
[  396.619427][T19787] veth0_macvtap: entered promiscuous mode
[  396.630809][T19787] veth1_macvtap: entered promiscuous mode
[  396.654252][T19787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  396.666415][T19787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  396.673591][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  396.676424][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  396.679180][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  396.703958][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  396.763980][T19765] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.774303][T19765] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.795805][T19771] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.798274][T19771] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.839395][T19945] IPVS: ip_vs_add_dest(): server weight less than zero
[  396.841808][T10019] IPVS: starting estimator thread 0...
[  396.942987][T19946] IPVS: using max 80 ests per chain, 192000 per kthread
[  396.987708][T19962] veth0_to_bond: entered allmulticast mode
[  396.990943][T19962] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  397.251558][T19974] loop7: detected capacity change from 0 to 32768
[  397.264838][T19974] XFS: attr2 mount option is deprecated.
[  397.300800][T19974] XFS (loop7): DAX unsupported by block device. Turning off DAX.
[  397.316190][T19974] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  397.362249][T19974] XFS (loop7): Ending clean mount
[  397.362507][ T5235] Bluetooth: hci2: command tx timeout
[  397.369030][T19974] XFS (loop7): Quotacheck needed: Please wait.
[  397.431193][T19974] XFS (loop7): Quotacheck: Done.
[  397.490900][T19787] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  397.667250][T20008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5772'.
[  397.670272][T20008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5772'.
[  397.673226][T20008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5772'.
[  397.696046][T20003] GUP no longer grows the stack in syz.5.5770 (20003): 200000003000-20000000a000 (200000001000)
[  397.702376][T20003] CPU: 0 UID: 0 PID: 20003 Comm: syz.5.5770 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  397.702390][T20003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  397.702396][T20003] Call Trace:
[  397.702399][T20003]  <TASK>
[  397.702404][T20003]  dump_stack_lvl+0x189/0x250
[  397.702422][T20003]  ? __pfx_dump_stack_lvl+0x10/0x10
[  397.702431][T20003]  ? __pfx__printk+0x10/0x10
[  397.702443][T20003]  ? find_vma+0xe7/0x160
[  397.702454][T20003]  ? __lock_acquire+0xab9/0xd20
[  397.702472][T20003]  __get_user_pages+0x24d0/0x2ce0
[  397.702485][T20003]  ? __bpf_trace_mmap_lock_acquire_returned+0x13b/0x190
[  397.702506][T20003]  ? rcu_is_watching+0x15/0xb0
[  397.702516][T20003]  __gup_longterm_locked+0xde9/0x1660
[  397.702539][T20003]  ? sanity_check_pinned_pages+0x123a/0x1300
[  397.702552][T20003]  gup_fast_fallback+0x1e6a/0x2010
[  397.702576][T20003]  ? __pfx_gup_fast_fallback+0x10/0x10
[  397.702592][T20003]  ? pin_user_pages_fast+0x4d/0xb0
[  397.702603][T20003]  iov_iter_extract_pages+0x35a/0x5e0
[  397.702616][T20003]  extract_iter_to_sg+0xe46/0x24e0
[  397.702634][T20003]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  397.702679][T20003]  ? __asan_memset+0x22/0x50
[  397.702690][T20003]  af_alg_get_rsgl+0x436/0x810
[  397.702707][T20003]  aead_recvmsg+0x4cc/0x13f0
[  397.702721][T20003]  ? rcu_is_watching+0x15/0xb0
[  397.702732][T20003]  ? __pfx_aead_recvmsg+0x10/0x10
[  397.702744][T20003]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  397.702755][T20003]  ? __pfx_aead_recvmsg+0x10/0x10
[  397.702766][T20003]  sock_recvmsg_nosec+0x186/0x1c0
[  397.702777][T20003]  ____sys_recvmsg+0x3aa/0x460
[  397.702792][T20003]  ? __pfx_____sys_recvmsg+0x10/0x10
[  397.702808][T20003]  ? import_iovec+0x74/0xa0
[  397.702817][T20003]  ___sys_recvmsg+0x1b5/0x510
[  397.702830][T20003]  ? __pfx____sys_recvmsg+0x10/0x10
[  397.702853][T20003]  ? __might_fault+0xb0/0x130
[  397.702864][T20003]  do_recvmmsg+0x307/0x770
[  397.702878][T20003]  ? __pfx_do_recvmmsg+0x10/0x10
[  397.702887][T20003]  ? __ia32_sys_rt_sigreturn+0x6a2/0x7b0
[  397.702906][T20003]  ? __pfx_do_futex+0x10/0x10
[  397.702923][T20003]  __x64_sys_recvmmsg+0x190/0x240
[  397.702935][T20003]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  397.702945][T20003]  ? rcu_is_watching+0x15/0xb0
[  397.702954][T20003]  ? do_syscall_64+0xbe/0x3b0
[  397.702965][T20003]  do_syscall_64+0xfa/0x3b0
[  397.702974][T20003]  ? lockdep_hardirqs_on+0x9c/0x150
[  397.702982][T20003]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.702990][T20003]  ? exc_page_fault+0x9f/0xf0
[  397.702999][T20003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.703006][T20003] RIP: 0033:0x7f6a3658ebe9
[  397.703014][T20003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.703020][T20003] RSP: 002b:00007f6a3736f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  397.703030][T20003] RAX: ffffffffffffffda RBX: 00007f6a367b5fa0 RCX: 00007f6a3658ebe9
[  397.703035][T20003] RDX: 0000000000000002 RSI: 0000200000000180 RDI: 0000000000000007
[  397.703040][T20003] RBP: 00007f6a36611e19 R08: 0000000000000000 R09: 0000000000000000
[  397.703045][T20003] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000000
[  397.703049][T20003] R13: 00007f6a367b6038 R14: 00007f6a367b5fa0 R15: 00007fff6c6fcc98
[  397.703061][T20003]  </TASK>
[  398.014143][T20027] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  398.231919][ T5908] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  398.381958][ T5908] usb 8-1: Using ep0 maxpacket: 16
[  398.387191][ T5908] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  398.390690][ T5908] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  398.394135][ T5908] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  398.399270][ T5908] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  398.403883][ T5908] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  398.406545][ T5908] usb 8-1: Manufacturer: syz
[  398.410015][ T5908] usb 8-1: config 0 descriptor??
[  398.618410][ T5908] usb 8-1: USB disconnect, device number 2
[  399.442277][ T5235] Bluetooth: hci2: command tx timeout
[  399.449121][T20060] loop7: detected capacity change from 0 to 32768
[  399.453898][T20060] XFS: attr2 mount option is deprecated.
[  399.472297][T20060] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  399.528391][T20060] XFS (loop7): Ending clean mount
[  399.531400][T20060] XFS (loop7): Quotacheck needed: Please wait.
[  399.569096][T20060] XFS (loop7): Quotacheck: Done.
[  399.590225][T19787] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  399.730790][T20086] netlink: 'syz.7.5802': attribute type 11 has an invalid length.
[  399.781871][T20090] mac80211_hwsim hwsim21 wlan1: entered promiscuous mode
[  399.788537][T20090] macvtap1: entered promiscuous mode
[  400.214852][T20133] io-wq is not configured for unbound workers
[  401.002201][T20165] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5838'.
[  401.090768][T20172] 9pnet: p9_errstr2errno: server reported unknown error 184467440737095
[  401.521853][ T5235] Bluetooth: hci2: command tx timeout
[  402.951846][T20235] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5868'.
[  403.267324][T20238] loop7: detected capacity change from 0 to 32768
[  403.312657][T20238] overlayfs: upper fs needs to support d_type.
[  403.314990][T20238] overlayfs: upper fs does not support tmpfile.
[  403.327602][T20238] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  403.396147][T20242] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5870'.
[  403.906118][T20258] netlink: 'syz.3.5877': attribute type 11 has an invalid length.
[  403.919424][T20258] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.5877'.
[  403.938838][ T5872] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.056121][ T5872] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.130798][ T5872] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.187233][ T5872] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.194385][T17865] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  404.204671][T17865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  404.208134][T17865] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  404.214571][T17865] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  404.217525][T17865] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  404.378542][ T5872] bridge_slave_1: left allmulticast mode
[  404.382158][ T5872] bridge_slave_1: left promiscuous mode
[  404.384062][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.388164][ T5872] bridge_slave_0: left allmulticast mode
[  404.390051][ T5872] bridge_slave_0: left promiscuous mode
[  404.394785][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.768993][ T5872] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  404.773749][ T5872] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  404.778164][ T5872] bond0 (unregistering): Released all slaves
[  404.855681][   T33] audit: type=1326 audit(1754929960.114:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.890067][   T33] audit: type=1326 audit(1754929960.114:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.899051][   T33] audit: type=1326 audit(1754929960.114:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.907787][   T33] audit: type=1326 audit(1754929960.114:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.927892][   T33] audit: type=1326 audit(1754929960.114:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.935887][   T33] audit: type=1326 audit(1754929960.114:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.955008][   T33] audit: type=1326 audit(1754929960.184:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  404.965510][   T33] audit: type=1326 audit(1754929960.184:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20287 comm="syz.3.5889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde55f8ebe9 code=0x7ffc0000
[  405.047583][ T3569] ------------[ cut here ]------------
[  405.049992][ T3569] WARNING: CPU: 1 PID: 3569 at io_uring/io_uring.c:2981 io_ring_exit_work+0x4ed/0x930
[  405.053318][ T3569] Modules linked in:
[  405.054813][ T3569] CPU: 1 UID: 0 PID: 3569 Comm: kworker/u10:5 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  405.059429][ T3569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  405.063391][ T3569] Workqueue: iou_exit io_ring_exit_work
[  405.065191][ T3569] RIP: 0010:io_ring_exit_work+0x4ed/0x930
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  405.067326][ T3569] Code: c6 05 08 aa 61 0e 01 48 c7 c7 00 50 e2 8b be 24 00 00 00 48 c7 c2 a0 4f e2 8b e8 ce 1d 72 00 e9 7b fe ff ff e8 74 43 94 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1
[  405.073768][ T3569] RSP: 0018:ffffc90003baf8e0 EFLAGS: 00010293
[  405.075734][ T3569] RAX: ffffffff812b683c RBX: 00000001000028b8 RCX: ffff88810a12d640
[  405.078187][ T3569] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[  405.080741][ T3569] RBP: ffffc90003bafa70 R08: ffffc90003baf867 R09: 1ffff92000775f0c
[  405.084143][ T3569] R10: dffffc0000000000 R11: fffff52000775f0d R12: 00000001000028b7
[  405.086818][ T3569] R13: ffff8880220d0310 R14: ffff8880220d0480 R15: dffffc0000000000
[  405.089582][ T3569] FS:  0000000000000000(0000) GS:ffff8881a3c24000(0000) knlGS:0000000000000000
[  405.092579][ T3569] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  405.093950][T20307] netlink: 'syz.3.5895': attribute type 1 has an invalid length.
[  405.094645][ T3569] CR2: fffffffffffffffd CR3: 0000000125076000 CR4: 00000000000006f0
[  405.097097][T20307] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.5895'.
[  405.099644][ T3569] Call Trace:
[  405.103973][ T3569]  <TASK>
[  405.104944][ T3569]  ? __pfx_io_ring_exit_work+0x10/0x10
[  405.106734][ T3569]  ? _raw_spin_unlock_irq+0x23/0x50
[  405.108467][ T3569]  ? process_scheduled_works+0x9ef/0x17b0
[  405.110390][ T3569]  ? process_scheduled_works+0x9ef/0x17b0
[  405.112490][ T3569]  process_scheduled_works+0xae1/0x17b0
[  405.114297][ T3569]  ? __pfx_process_scheduled_works+0x10/0x10
[  405.116234][ T3569]  worker_thread+0x8a0/0xda0
[  405.117729][ T3569]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  405.119753][ T3569]  ? __kthread_parkme+0x7b/0x200
[  405.121575][ T3569]  kthread+0x711/0x8a0
[  405.122935][ T3569]  ? __pfx_worker_thread+0x10/0x10
[  405.124624][ T3569]  ? __pfx_kthread+0x10/0x10
[  405.126152][ T3569]  ? _raw_spin_unlock_irq+0x23/0x50
[  405.127869][ T3569]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.129500][ T3569]  ? __pfx_kthread+0x10/0x10
[  405.131403][ T3569]  ret_from_fork+0x3fc/0x770
[  405.132885][ T3569]  ? __pfx_ret_from_fork+0x10/0x10
[  405.134514][ T3569]  ? __switch_to_asm+0x39/0x70
[  405.136021][ T3569]  ? __switch_to_asm+0x33/0x70
[  405.137524][ T3569]  ? __pfx_kthread+0x10/0x10
[  405.139000][ T3569]  ret_from_fork_asm+0x1a/0x30
[  405.140509][ T3569]  </TASK>
[  405.141912][ T3569] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  405.144158][ T3569] CPU: 1 UID: 0 PID: 3569 Comm: kworker/u10:5 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  405.148046][ T3569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  405.151213][ T3569] Workqueue: iou_exit io_ring_exit_work
[  405.152950][ T3569] Call Trace:
[  405.154203][ T3569]  <TASK>
[  405.155151][ T3569]  dump_stack_lvl+0x99/0x250
[  405.156629][ T3569]  ? __asan_memcpy+0x40/0x70
[  405.158093][ T3569]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.159717][ T3569]  ? __pfx__printk+0x10/0x10
[  405.161178][ T3569]  vpanic+0x281/0x750
[  405.162440][ T3569]  ? __pfx__printk+0x10/0x10
[  405.163917][ T3569]  ? __pfx_vpanic+0x10/0x10
[  405.165400][ T3569]  ? is_bpf_text_address+0x26/0x2b0
[  405.167047][ T3569]  panic+0xb9/0xc0
[  405.168229][ T3569]  ? __pfx_panic+0x10/0x10
[  405.169670][ T3569]  __warn+0x31b/0x4b0
[  405.170918][ T3569]  ? io_ring_exit_work+0x4ed/0x930
[  405.172539][ T3569]  ? io_ring_exit_work+0x4ed/0x930
[  405.174190][ T3569]  report_bug+0x2be/0x4f0
[  405.175616][ T3569]  ? io_ring_exit_work+0x4ed/0x930
[  405.177238][ T3569]  ? io_ring_exit_work+0x4ed/0x930
[  405.178857][ T3569]  ? io_ring_exit_work+0x4ef/0x930
[  405.180478][ T3569]  handle_bug+0x84/0x160
[  405.181849][ T3569]  exc_invalid_op+0x1a/0x50
[  405.183301][ T3569]  asm_exc_invalid_op+0x1a/0x20
[  405.184857][ T3569] RIP: 0010:io_ring_exit_work+0x4ed/0x930
[  405.186663][ T3569] Code: c6 05 08 aa 61 0e 01 48 c7 c7 00 50 e2 8b be 24 00 00 00 48 c7 c2 a0 4f e2 8b e8 ce 1d 72 00 e9 7b fe ff ff e8 74 43 94 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1
[  405.192743][ T3569] RSP: 0018:ffffc90003baf8e0 EFLAGS: 00010293
[  405.194682][ T3569] RAX: ffffffff812b683c RBX: 00000001000028b8 RCX: ffff88810a12d640
[  405.197195][ T3569] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[  405.199781][ T3569] RBP: ffffc90003bafa70 R08: ffffc90003baf867 R09: 1ffff92000775f0c
[  405.202277][ T3569] R10: dffffc0000000000 R11: fffff52000775f0d R12: 00000001000028b7
[  405.204766][ T3569] R13: ffff8880220d0310 R14: ffff8880220d0480 R15: dffffc0000000000
[  405.207256][ T3569]  ? io_ring_exit_work+0x4ec/0x930
[  405.208952][ T3569]  ? __pfx_io_ring_exit_work+0x10/0x10
[  405.210749][ T3569]  ? _raw_spin_unlock_irq+0x23/0x50
[  405.212443][ T3569]  ? process_scheduled_works+0x9ef/0x17b0
[  405.214244][ T3569]  ? process_scheduled_works+0x9ef/0x17b0
[  405.216033][ T3569]  process_scheduled_works+0xae1/0x17b0
[  405.217794][ T3569]  ? __pfx_process_scheduled_works+0x10/0x10
[  405.219702][ T3569]  worker_thread+0x8a0/0xda0
[  405.221144][ T3569]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  405.223207][ T3569]  ? __kthread_parkme+0x7b/0x200
[  405.224836][ T3569]  kthread+0x711/0x8a0
[  405.226143][ T3569]  ? __pfx_worker_thread+0x10/0x10
[  405.227761][ T3569]  ? __pfx_kthread+0x10/0x10
[  405.229264][ T3569]  ? _raw_spin_unlock_irq+0x23/0x50
[  405.230962][ T3569]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.232658][ T3569]  ? __pfx_kthread+0x10/0x10
[  405.234183][ T3569]  ret_from_fork+0x3fc/0x770
[  405.235737][ T3569]  ? __pfx_ret_from_fork+0x10/0x10
[  405.237391][ T3569]  ? __switch_to_asm+0x39/0x70
[  405.238970][ T3569]  ? __switch_to_asm+0x33/0x70
[  405.240537][ T3569]  ? __pfx_kthread+0x10/0x10
[  405.242056][ T3569]  ret_from_fork_asm+0x1a/0x30
[  405.243653][ T3569]  </TASK>
[  405.245294][ T3569] Kernel Offset: disabled
[  405.246688][ T3569] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:19:51  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff93489760 RBX=0000000000000003 RCX=fa4f7e9cd9eb1140 RDX=0000000000000000
RSI=ffff888046768b68 RDI=ffff888046768000 RBP=0000000000000000 RSP=ffffc900038df420
R8 =0000000000000000 R9 =ffffffff822e5b0a R10=dffffc0000000000 R11=fffff94000179d99
R12=000000005f7320a6 R13=ffff888046768af0 R14=ffff888046768b68 R15=fa4f7e9cd9eb1140
RIP=ffffffff819da190 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=fffffffffffffffd CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fde56187498 00007fde56187470 XMM03=00007fde561874a8 00007fde561874a0
XMM04=00007fde56ced100 00007fde56187460 XMM05=00007fde56187478 00007fde561874c0
XMM06=00007fde561874b8 00007fde561874b0 XMM07=00007fde561874a8 00007fde561874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fde56012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000044 RBX=0000000000000044 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003baf090
R8 =ffff88801f888237 R9 =1ffff11003f11046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af18e8 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=fffffffffffffffd CR3=0000000125076000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffff0000000000
XMM02=ffff000000000000 ffffffffffffffff XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
