last executing test programs:

3m59.645477685s ago: executing program 1 (id=111):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000000)="09000000010001", 0x7)

3m59.64325641s ago: executing program 1 (id=112):
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000140)={0x0, 0x0, 0x7c, 0x9, 0x2, [], [0x8, 0x19, 0x7, 0x7ff], [0x1, 0x4, 0x7, 0x3], [0x2, 0x5, 0x0, 0x2]})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_setup(0x4968, &(0x7f0000000140)={0x0, 0x402a, 0x8000, 0x2, 0xddf0})

3m59.566357962s ago: executing program 1 (id=113):
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r2, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

3m59.540739483s ago: executing program 1 (id=114):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680), 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

3m59.357877507s ago: executing program 1 (id=116):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000000, 0x71, 0x200000009})
pread64(r0, 0x0, 0x0, 0xce2)

3m57.727681205s ago: executing program 1 (id=130):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(r2, 0x11, 0x1, &(0x7f0000000080)=0x4, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r2, r1, 0x0, 0xe25)

3m57.571950635s ago: executing program 32 (id=130):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(r2, 0x11, 0x1, &(0x7f0000000080)=0x4, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r2, r1, 0x0, 0xe25)

2m51.524566114s ago: executing program 2 (id=797):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
copy_file_range(r0, 0x0, r0, &(0x7f0000000180)=0xfffffffffffff470, 0x0, 0x0)

2m51.414307156s ago: executing program 2 (id=799):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@caif=@rfm={0x25, 0x5, "cdfaaf7254f4ef6249f068fcdd7e1cbd"}, 0x80, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000001280)="1c393502dda1a67d93b1", 0xa}], 0x2}, 0x800)

2m51.327544884s ago: executing program 2 (id=801):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2m51.277378779s ago: executing program 2 (id=803):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0x8)

2m51.19590246s ago: executing program 2 (id=804):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000400), 0x1, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000440)="688b", 0x2}, {0x0}], 0x2)

2m51.005473108s ago: executing program 2 (id=805):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000001780)={0x44, &(0x7f0000001600)={0x0, 0x15, 0x1, "c3"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
r4 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[], 0x0)
syz_usb_control_io(r4, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3001}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r4, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41f}}}, 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000c40)={0x84, &(0x7f0000000740)={0x20, 0x3, 0x2, "b23b"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x84, 0x2, "06ac"}, 0x0})
r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x8402)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000002580)={&(0x7f0000000780)=[{0xd0, 0x8000, 0x0, 0x0}], 0x1})

2m50.702766089s ago: executing program 33 (id=805):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000001780)={0x44, &(0x7f0000001600)={0x0, 0x15, 0x1, "c3"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
r4 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[], 0x0)
syz_usb_control_io(r4, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3001}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r4, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41f}}}, 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000c40)={0x84, &(0x7f0000000740)={0x20, 0x3, 0x2, "b23b"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x84, 0x2, "06ac"}, 0x0})
r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x8402)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000002580)={&(0x7f0000000780)=[{0xd0, 0x8000, 0x0, 0x0}], 0x1})

2m24.91453141s ago: executing program 3 (id=993):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
accept(r0, 0x0, 0x0)

2m24.062551917s ago: executing program 3 (id=998):
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
r0 = syz_io_uring_setup(0x2e94, &(0x7f0000000180)={0x0, 0x100, 0x13090, 0x4, 0x1c4}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x497c, 0x0, 0x0, 0x0, 0x0)

2m23.97222573s ago: executing program 3 (id=1001):
syz_mount_image$fuse(0xfffffffffffffffe, &(0x7f0000000000)='./file0\x00', 0x8000d4, 0x0, 0x0, 0x0, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000080)={0x10}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x6)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081c11, 0x0, 0x1, 0x0, &(0x7f0000000080))
rename(&(0x7f0000000f00)='./file0\x00', &(0x7f0000000f40)='./bus/file0\x00')

2m23.874520203s ago: executing program 3 (id=1003):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380), 0x64, 0x1)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2m23.735530833s ago: executing program 3 (id=1007):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x12, &(0x7f0000000040)=@conn_svc_rsp={0x0, 0x0, 0xa, "9383f28a", {0x3, 0x107, 0x0, 0x7, 0x6, 0x3, 0xc0}})

2m23.446750102s ago: executing program 3 (id=1012):
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x28000600)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)

2m23.337402483s ago: executing program 34 (id=1012):
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x28000600)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)

1m44.168388149s ago: executing program 5 (id=1377):
lsm_list_modules(&(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000000)=0x7b, 0x0)

1m44.096840098s ago: executing program 5 (id=1378):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r0, 0x5101)

1m44.096665802s ago: executing program 5 (id=1379):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x8000000000001, 0x0, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0xffe0)

1m42.976079098s ago: executing program 5 (id=1384):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000300)={0x1, @pix_mp={0x8e0, 0xffff8000, 0x3136564e, 0x5, 0x3, [{0x4, 0x6}, {0xc00}, {0x3, 0x5de3}, {0x14, 0x3ff}, {0xe4, 0x2}, {0x7, 0x3}, {0x81, 0x5}, {0x60a, 0x17}], 0x7b, 0x2, 0x8, 0x2, 0x4}})

1m42.896255751s ago: executing program 5 (id=1386):
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x5)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000a40), &(0x7f0000000100)='./file0\x00', 0x2004400, &(0x7f0000000740)=ANY=[@ANYBLOB="73686f72746164001000006d653d30303030303030303030303030303030307569643d0000400000000000000000000000003de0ec1508bb8f2a1f1601aeda124934677b06979d48833908fd570738d3bc9113d9cfebb48ddfc76262e6004074f35fa54feb05ddada3ec41f71771ca8d8fe742dd535804de31a8bcc767ae7225d5f67397c04e605a3a512f705d72dc3f91243cef3c65a89a9429490dc4c312fa3190068268e99a0c3ffd411f5945c70e93ebf0b31d06ac5fc6", @ANYBLOB="a85f0dc3446ae0c36ba4848c770920cd9addace5c10dee3a96f810395203ae3bd777155e0b6764a2fd6da6853696460e4dc9849661ef1979cffa16b5bf59dabf336f10c3c559e5e6957f06f8cc8dc9d87dce1e2fe00f1a9e839df7923f50ee737985bd9b461e751d8f2be497d8651d589f890f61b87b83f3c7ad3ba191fa8e9a0ea1b14157305d0891f22ea0bbafcc5044e7177fcb08366d582b977b1847305408f72d19577993c4f746315483175fd218fe2194c2e6c97f561184a4f7c739d2ae93ba3016354f0d2ed26e6b810ebbbd0d1f93e7251bd3b5ed60ea3c840a2bbe7fc0", @ANYRES32], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1dyaKdrFbdzkzbLWLQIMqUN5P9KvAH2rApt5iZGZWXzZTBlyQ4RiVIluXC6ofWwAUWAHowC62EDhlx2GLCDd9hlp2CHYcCwwdhhKFa009I1S28sNiCnTcP78qFEyXKsxbElO5+PYX/Jl7+XfP7Q5Es+fAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiPjNL58aOZh2uhUAwP300sTXRw57/weAj5RzPv8DAAAAAAAAAAAAAMBul6KIP40Ur/64ky5U17vqZ1rtK1cnx8a33m1vihS1KKr68m/94KHDR44eOz7ay/ff/8P2RLw8ce5U4/T83MLizNLSzHRjst26OD89s+17uNv9NxuuBqAx99qV6UuXlhqHnju84earQ+888uiBoRPHXzy/v1c7OTY+PtFXMzD4gR/9Frc7w2NPFPHTSFH/7rupGRG1uPuxuMNz517bW3ViuOrE5Nh41ZHZVrO9XN6YarmqFjHUt9PJ3hjdh7m4K42Ia2XzywYPl92bWGguNqdmZxpnm4vLreXWfDvVuq0t+zMUtRhNEQsR0SluvbvBKOLfIsX33uukqYgoeuPwbHVi8J3bU7sHfdyGgbJvRcTNeADmbBd7JIp4I1J8//xIXMzjWg3b0xFfK/OpiG+UuRJxPV9P5RPkyYhfbPF84sEyEEX8Y6SYT5003Zv76nXlzCuNr7YvzffV9l5XHvj3h/tpl7821aOIqeoVv5M++MEOAAAAAAC7TxF/EyluzD2TFqJ/TbHVvtw415ya7X4r3Pvuv5H3Wl1dXR1K3WzkHMl5MufZnBdyLuS8lvN6zjdz3sj5Vs6bOVdydnJGLT9+zkbOkZwnc57NeSHnQs5rOa/nfDPnjZxv5byZcyVnJ2dY9wIAAAAAAABgl9kbRfwoUnz+r79ZnVcc1Xnpnzgx+sxXvtB/zvin73A/Ze1zEXEjtndO7mA+dTjVyj8ffr/YnnoU8e18/t8f7HRjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHVWLIj4dKX7wRidFiohGxIXo5kqx060DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPoh6KuJ0pPj5l+vV9ZsR8ZmI+N/V8k9ErKxustMtBgAAAAAAAABukYoYiRSPPdFJQxFxdeidRx49MHTi+Ivn9xdRRCpL+utfnjh3qnF6fm5hcWZpaWa6MdluXZyfntnuw9XPtNpXrk6Ojd+TztzR3nvc/r310/MLry+2Lr+6vOXt++qnppaWF5sXt7459kYtYqR/y3DV4Mmx8arRs61mu9o11W7TwFpEY7udAQAAAAAAAOChsS8VcTRSvNo6knrrxgPdNf9f6l4r1mr//PfXfwswuyl7+n8/sJ3LabsNHa4W3huTY+PjE32bBwZvLS3blFIRfxUpPvs7j1fr4Sn2bbk2XtbtiRTHvnkk1w19tqw7uaGqPjw5Nt54ab79pVOzs/MXm8vNqdmZxsRC8+K2fzgAAAAAAAAAAPfQvlTEn0WK3x25mXrnnef1/4Hutb71/1+vltAr9bQx11Rr+x+v1va7lz9xYrQx/qu3234v1v/LNqVUxL9Gisd+7/HqfPre+v/Iptqy7r8ixb/8w5O5rranrDvY6073Hi+1ZmdGUh6rzz3bq42q9niu/eR67cGy9nOR4i+e3lg7mms/tV57qKz9o0jxP0e3rv3l9drDZe0fRorfervRq91X1p7JtQfWa5+7OD87fadhLef/byPF2Z9/JfX6fNv57/v9x7VNueaWOX//yx/W/A/1bbuW5/VHef4P3mH+/y5S/PFPnsx13bE/lG9/rPp3ff5/O1L8569srD2Wa/ev1x7cbrd2Wjn/X4wUJ374w7U+5/nPI7s+Q/3z/5mBjbn2LNmh+X+sb9tQbtfh/+dYfBQtvf6t15qzszOLLrjgggtrF3b6lYn7oXz//6dI8cKZWuodx+T3/491r60f/7337fX3/xc25Zodev/f37fthXzUMjgQUV+eWxg8EFFfev1bX2rNNS/PXJ5pjx47euT50WPHnh/c0zu2W7+07aF7KJTzfyZSvPKTf177HLPx+G/r4/99m3LNDs3/J/v7tOG4ZttD8ZFUzv/1SPGdt99d+7z5fsf/vc//z3x+Y679/9uh+f9U37bqN/4fj3i+b9ueiDi13ccCAACAh8y+vE7+J7/292vnvG/8/B9f6NX2f/9zO7vh/H8AAAAAAPio25eK+MtI8d8jX0y9c8i28/vP6U25Zod+/3egb9v0fTqvZduDDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwC6Uo4qlI8eqPO2mlKK931c+02leuTo6Nb73b3hQpalFU9eXf+sFDh48cPXZ8tJfvv/+H7Yl4eeLcqcbp+bmFxZmlpZnpxmS7dXF+embb93C3+282XA1AY+61K9OXLi01Dj13eMPNV4feeeTRA0Mnjr94fn+vdnJsfHyir2Zg8AM/+i3SbbbviSIuRYr6d99N/15E1OLux+IOz517bW/VieGqE5Nj41VHZlvN9nJ5Y6rlqlrEUN9OJ3tjdB/m4q40Iq6VzS8bPFx2b2Khudicmp1pnG0uLreWW/PtVOu2tuzPUNRiNEUsRESnuPXuBqOIqUjxvfc66e0iouiNw7MvTXx95PCd21O7B33st/qdLTcPlH0rIm7GAzBnu9gjUcTHIsX3z4/ET4vuuFbD9nTE18p8KuIbZa5EXM/XU/kEeTLiF1s8n3iwDEQRZyPFfOqk/yjy3FevK2deaXy1fWm+r7b3uvLAvz/cT7v8takeRfysesXvpJ/5/wwAAAAA8BAp4jcixY25Z1K1Pri2pthqX26ca07Ndr/W733338h7ra6urg6lbjZyjuQ8mfNszgs5F3Jey3k955s5b+R8K+fNnCs5Ozmjlh8/ZyPnSM6TOc/mvJBzIee1nNdzvpnzRs63ct7MuZKzkzN8Tw4AAAAAAADsQrUo4vFI8YM3Omm16C7wXohurljnfOj9XwAAAP//dBg+9w==")
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

1m41.866171313s ago: executing program 5 (id=1388):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x50044)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000400)=0x110494)

1m26.826859256s ago: executing program 35 (id=1388):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x50044)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000400)=0x110494)

55.213396825s ago: executing program 4 (id=1883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

55.135661159s ago: executing program 4 (id=1885):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000f00)='./file0\x00', 0x14444, &(0x7f0000000f40)={[{@iocharset={'iocharset', 0x3d, 'ascii'}}, {@noadinicb}, {@adinicb}, {@uid_forget}, {@uid_forget}, {@umask={'umask', 0x3d, 0x2}}, {@longad}, {@gid}, {@nostrict}]}, 0xfe, 0xc22, &(0x7f00000002c0)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu43bTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22YXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKsmhTpCj7+2zqNzvz3sx7M+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/fOnMc+lhtwIAOEhXxr985qznPwB8rFz1//8AAAAAAAAAAAAAAHDYpSji8Ugxf2U9TVafOwYut2dv3Z4YGd252rFU1TxSlS9/Bp47e+78F54fvtDN96//oD0Zr45fvVR/ae7m/EJrcbE1XZ+YbU/NTbd2vYe91t9uqDoB9Zuv3Zq+fn2xfvbZc1s23x58r/+xk4MXh58+/VS37MTI6Oh4T5la34c++l3uNcLjaBRxOlI8890fp2ZEFLH3c3Gf785+O1Z1YqjqxMTIaNWRmXZzdqncONY9EUVEvadSo3uODuBa7EkjYrlsftngobJ74/PNhea1mVZ9rLmw1F5qz82OpU5ry/7Uo4gLKWIlItb6795dXxRRixTfPrGerkXEke55+Hw1MPje7Sj2sY+7ULaz3hexUjwC1+wQ648iXokUP3m7iKnynOWf+FzEK2V+P+LNMl+MSOUX43zEuzt8j3g01aKIvyiv/8X1NB0RGyc660frl79S/9Ls9bmest37yiP/fDhIh/zeNBBFNKs7/nr68L/ZAQAAAAAAAAAAAAAAAOBBOxZFPBkpXv6PP67GFUc1Lv3ExeE/GPzF3jHjT9xnP2XZZyNiudjdmNyjeQjxWBpL6SGPJf44G4gi/iSP//vmw24MAAAAAAAAAAAAAAAAAADAx1oRP4oUL7xzKq1E75zi7dkb9avNazOdWWG7c/9250zf2NjYqKdONnJO5lzOuZJzNedazihy/ZyNnJM5l3Ou5FzNuZYzjuT6ORs5J3Mu51zJuZpzLWfUcv2cjZyTOZdzruRczbmWMw7J3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8lRRTxs0jxra+tp0gR0YiYjE6u9nfLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPU38q4nuRov6HjTvrahGRqn87TpW/nI/G0TI/GY3hMl+MxqWczSprjW/e92hpX/rAh9eXivhhpOgfeOvO1cnXv6/zafOavfn1zU+/Uuvkke7Gwff6Hzt54uLw6K89ca/lHa/+0OX27K3b9YmR0dHxntW1fPRP9qwbzMctHkzXiYjF1994rTkz01qw8PFYqHUWanFI2nNQC/l+FYelPdsXGoejGZsLD/nGxIEon//vRorfeec/uw/87vP/Fzqf7jzh46d/uvn8f2H7jvbp+f94z7oX8u9G+moRA0s35/tORgwsvv7G6fbN5o3Wjdbs+TNnvjg8/MVzZ/qORgxcb8+0epb2fKoAAAAAAAAAAAAAAAAADlYq4vciRfOH66keEber8VqDF4efPv3UkThSjbfaMm7r1fGrl+ovzd2cX2gtLram6xOz7am56dZuDzdQDfeaGBndl87c17F9bv+xgZfm5l9faN/4o6Udtx8fuHRtcWmhObXz5jgWRUSjd81Q1eCJkdGq0TPt5mxVdewBvUqhLxXxX5Fi6nw9fTavy+P/to/w3zL+f3n7jvZp/N8netaVx0ypiJ9Git/+yyfis1U7j8dd5yyX+9tIMXThM7lcHC3LddvQea9AZ2RgWfb/IsU//mxr2e54yMc3yz636xP7iCiv/4lI8b0//078Rl639f0PO1//49t3tE/X/1M9645veV/BnrtOvv6nI8WLj78Vv5nXvd/7P4rY2Nj4RsSpXPjO+zn26fp/umfdYHSO+1sPrvsAAAAAAAAAAACPrL5UxN9FiqdGa+n5vG43f/9vevuO9unvf/1yz7rpA5qvaM8nFQAAAAAOib5UxI8ixY2lt+6Mod46/rtn/Ofvbs69PpK2ba3+nO+XqvcGPMg//+s1mI87ufduAwAAAAAAAAAAAAAAAAAAwKGSUhHP5/nUJ+8zn/pqpHj5f57J5dLJslx3HvjB6teBK3Ozpy/NzMxNNZea12Za9fH55lSrrPupSLH+N5/JdYtqfvXufPOdOd4HNrpzsS9EitG/75btzMXenZu8Mx94Zy72suwnIsV//8PWst15rD+9WfZsWfavI8VX/3nnsic3y54ry34nUvzgq/Vu2eNl2e77UTvvJB2oxUzr2am5mbtehQoAAAAAAAAAAAAAAAAAAAAfVF8q4s8ixf/eXInlPOw/z//fnYG/1i375td75vvf5nY1z/9gNf//vZY/zPz/gw+spwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OhIUcQbkWL+ynpa7S8/dwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lzw/fKGb71//QXsyXh2/eqn+0tzN+YXW4mJruj4x256am27teg97rb956jqGqhNQv/narenr1xfrZ589t2Xz7cH3+h87OXhx+OnTT3XLToyMjo73lKn1fYCjf6DGbToaRfxVpHjmuz9O/9IfUcTez8V9vjv77VjViaGqExMjo1VHZtrN2aVy41j3RBQR9Z5Kje45OoBrsSeNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv3t3fVHEa5Hi2yfW07/2RxzpnofPXxn/8pmz925HsY993IWynfW+iJXiEbhmh1h/FPFPkeInb5+Kf+uPqEXnJz4X8UqZ3494s8wXI1KK2PhGxLs7fI94NNWiiP8vr//F9fR2f3k/6N5XLn+l/qXZ63M9Zbv3lV09H3793sd86M+Hg3TI700DUcQPqjv+evp3/10DAAAAAAAAAAAAAAAAHCJF/GqkeOGdU6kaH3xnTHF79kb9avPaTGdYX3fsX3fM9MbGxkY9dbKRczLncs6VnKs513JGkevnbOSczLmccyXnas61nHEk18/ZyDmZcznnSs7VnGs5o5br52zknMy5nHMl52rOtZxxSMbuAQAAAAAAAAAAAAAAAAAAHy1F9U+Kb31tPW30d+aXnoxOrpoP9CPv5wEAAP//N4D+uw==")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000200)='./file1\x00', 0x20fffffffc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
pwritev2(r0, &(0x7f0000000180)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x10)
truncate(&(0x7f0000000200)='./file1\x00', 0x20fffffffc)

54.893963211s ago: executing program 4 (id=1891):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x4, 0x3}, &(0x7f0000000000)=0x90)

54.706675194s ago: executing program 4 (id=1893):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x8800, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodiscard,quota,iocharset=cp950,grpquota,quota,noquota,nointegrity\x00uid=', @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYBLOB="bf6a8bfcf00ce3cc70200921", @ANYRESHEX=0x0, @ANYRES16, @ANYRES64, @ANYBLOB="f303e42912de99b7ea1135f2f9d5b1a74117c5c998fb6fd985561a5cd1ce", @ANYRES64], 0x1, 0x617a, &(0x7f0000000580)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1Ka1xICBdoe4MClB5QrSmTcKiIFlBiUVhFx5QsHTvwFICSOCHFEHPgDeuDKjRMnIiVIoJ4YNPbzxOPNbtbB8c7az+cj2TO/eWa9z/i74931zOwTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB89zvfO9+JiKs/SwtWIj4VvYhuxFJdr0bE0upKXr8fES/EdnM8HxGDhYj69tvfno14PSI+Phlx/8GdtXrxhX3249t/+Ntvv3/inb/+fnD2P3/c6L0xab3bt3/57z/dPdg2AwAAQGmqqqo66W3+qfT+vtt2pwCAmcjP/1WSlx/7+lf/eOfP89Qf9SHXG7fq7/PTH7VarW6nbqrGu9ssImKzeZv6NYPD8QBwxGzGJ213gRbJv2j9iDjRdieAudZpuwMcivsP7qx1Ur6d5vPB6k57PhdkT/6bnYfXd0yaTjN6jsmsHl9b0YvnJvRnaUZ9mCc5/+5o/ld32odpvcPOf1Ym5T/cufSpODn/3mj+I45P/t2x+Zcq599/ovx78gcAAAAAgDmW//+/0vLx34WDb8q+PO747+qM+gAAAAAAAAAAT9tBx/97yPh/AAAAMLfq9+q1X5/cXTbps9jq5Vc6Ec+MrA8UJl0ss9x2PwAAAAAAAAAAAACgJP2dc3ivdCIGEfHM8nJVVfVX02j9pA56+6Ou9O2HkrX9Rx4AAHZ8fHLkWv5OxGJEXEmf9TdYXl6uqsWl5Wq5WlrIr2eHC4vVUuN9bZ7WyxaG+3hB3B9W9Q9bbNyuadr75Wntoz+vvq9h1dtHx56SQfptTmhuKWwASHaeje57RjpmqurZSS8+YA/7//Fj/2c/2n6cAgAAAIevqqqqkz7O+1Q65t9tu1MAwEzk5//R4wKHUkcc7s9Xq9VqtVr92LqpGu9us4iIzeZt6tcMhuMHgCNmMz5puwu0SP5F60fEC213AphrnbY7wKG4/+DOWifl22k+H6Tx3fO5IHvy3+xs3y7fftx0mtFzTGb1+NqKXjw3oT/Pz6gP8yTn3x3N/+pO+zCtd9j5z8qk/OvtXGmhP23L+fdG8x9xfPLvjs2/VDn//hPl35M/AAAAAADMsfz//xXHf/MmAwAAAAAAAMCRc//BnbV83Ws+/v+ZMeu5/vN4yvl35F+knH93JP8vjqzXa8zfe3s3/389uLP2u41/fjpP95v/Qp7ppEdWJz0iOumeOv00PcjWPWpr0BvW9zTodHv9dM5PNXg3rseNWI9ze9btpt/Hbvv5Pe11Twd72i/sae8/0n5xT/sgfe5AtZTbz8Ra/DhuNH7bC1O2f3FKezWlPeffs/8XKeffb3zV+S+n9s7ItHbvo+4j+31zOu5+3rr+2V+cO/zNmWoreg+3ranevtMt9Gf7d3JiGD+9tX7zzO1rGxs3z0ea7Fl6IdLkKcv5D7a/Fnb//r+0057/EjX313sfDZ84/3mxFf2J+b/UmK+395UZ960NOf9h+sr5/yC1j9//j3L+k/f/V1voDwAAAAAAAAAAAAAAADxOVVXbl4i+FRGX0vU/bV2bCQDMVn7+r5K8XK1Wq9Vq9fGrm6rx3mwWEfGX5m3q1ww/H/fDAIB59t+I+HvbnaA18i9Y/ry/evpy250BZurWBx/+8NqNG+s3b7XdEwAAAAAAAADg/5XH/1xtjP/8ckSsjKy3Z/zXt2P1oON/9vPMwwFGn/JA3xNsdYe9bmO48Rdje3zuM5PG/z4djx//uz/l/gZT2odT2hemtC+OXbqb1tgLPRpy/i82xjuv8z81Mvx6CeO/jo55P8W06I+EnP/pxuO5zv8LI+s1869+M3f5b+53xa3o7sn/7Mb7Pzl764MPX7v+/rX31t9b/9HF8+fPXbx06fLly2ffvX5j/dzO98Pp9RzI+eexr50HWpacf85c/mXJ+X8u1fIvS87/86mWf1ly/vn1nvzLkvPP733kX5ac/yupln9Zcv5fSrX8y5LzfzXV8i9Lzv/LqZZ/WXL+r6Va/mXJ+Z9JtfzLkvM/m+p95O/j4Y+RnH8+wmX/L0vOP5/ZIP+y5PwvpFr+Zcn5X0y1/MuS83891fIvS87/K6mWf1ly/pdSLf+y5Py/mmr5lyXnfznV8i9Lzv9rqZZ/WXL+X0+1/MuS838j1fIvS87/G6mWf1ly/t9MtfzLkvP/VqrlX5ac/5upln9Zdj//34wZM2byTNt/mQAAAAAAAAAAAACAUbM4nbjtbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLevcbIddb3Az+zF3vtEGIgBCd/A5vEhOAs2fUlvvCviwnXBigFEgq9YLvetVnwDa9dAkWyaaBEwqioomr6oi0g1EaqKqyKF7SiNC+qXl6V9gV9U1FVQmpUBRSQkNqKstXMeZ7HM7Ozc9be8Xr2PJ+PFP+8O2fmnDnzzOx+1/nuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALS7+41zn20URdH8r/XHlqJ4QfPvmya3tD73upt9hAAAAMBq/W/rz+dvS584tIIrtW3zd6/4x68vLi4uFu8f/d3xLy4upgsmi2J8Y1G0Louu/PsHGu3bBE8UE42Rto9HKnY/WnH5WMXl4xWXb6i4fGPF5RMVly85AUtsKn8e07qx7a2/bilPaXF7Md66bHuPaz3R2DgyEn+W09JoXWdx/HgxX5ws5oqZju3LbRut7b95d3Nfbyvivkba9rWtuUJ++Mlj8Rga4Rxv79jX1duMvv+GYvJHP/zksT8+/9ydvWblaei4vfI477+neZyfDp8pj7VRbEznJB7nSNtxbuvxmIx2HGejdb3m37uP8/kVHufo1cNcU92P+UQx0vr7t1vnaaz9x3rpPG0Ln/uve4uiuHT1sLu3WbKvYqTY3PGZkauPz0S5Ipu30VxKLy7Grmmd3r2Cddqcs9s712n3cyI+/neH640tcwztD9P3P7VhyeN+res0at7r5Z4r3Wtw0M+VYVmDcV18u3Wnn+y5BreH+//J+5Zfgz3XTo81mO532xq8p2oNjmwYbR1zehAaretcXYM7O7Yfbe2p0ZrP3td/DU6fP3V2euHjn3jt/KmjJ+ZOzJ3evXPnzO69e/fv3z99fP7k3Ez553We7eG3uRhJz4F7wrmLz4FXd23bvlQXvzy45+FEn+fhlq5tB/08HOu+c421eUIuXdPlc+PR5kmfuDxSLPMcaz0+O1b/PEz3u+15ONb2POz5NaXH83BsBc/D5jZnd6zse5axtv96HcON+lqwpW0Ndn8/0r0GB/39yLCswYmwLv51x/JfC7aF431y6lq/HxldsgbT3Q2vPc3PpO/3J/a3Rq91eVfzgls2FBcW5s49+PjR8+fP7SzCWBMvaVsr3et1c9t9Kpas15FrXq+H5l/x5F09Pr8lnKuJ1zb/mFj2sWpus+fB/o9V66tb7/PZ8dldRRgDttbns9dX8+b5TFmyz/lsbvPp6dV/L55yadvr7/gyr78x9/+03F+6qSdGx8fK5+9oOjvjHa/HnQ/VWOu1q9Ha9/PTK3s9Hg//rfXr8e19Xo+3dm076Nfj8e47F1+PG1U/7Vid7sdzIqyTkzP9X4+b22zdda1rcqzv6/G9YTbC+X9NSAopF7WtneXWbdrX2Nh4uF9jcQ+d63R3x/bjIZs19/X0rutbp/ffW97WaLp3V63VOp3s2nbQ6zS9Xi23ThtVP327Pt2P50RYF7fv7r9Om9s8s2f1r52b4l/bXjs3VK3B8dENzWMeT4uwfL1f3BTX4IPFseJMcbKYbV26obWeGq19TT20sjW4Ify31q+VW/uswfu7th30Gkxfx5Zbe42xpXd+ALofz4mwLp56qP8abG7zpn2D/d71/vCZtE3b967dP19b7mded3Wdphv5M6/mcf7Nvv4/m21uc3L/tebM/ufpgfCZW3qcp+7n73LPqdlibc7T1nCcz+1f/jw1j6e5zRcPrHA9HSqK4uJHH279vDf8+8qfX/jO1zv+3aXXv+lc/OjDP7j1+N9ey/EDsP79tByby691bf8ytZJ//wcAAADWhZj7R8JM5H8AAACojZj74/8Vnsj/AAAAUBsx94+FmWSS/7e+6bn5n14sUjN/MYiXp9PwSLld7LjOhI8nF69qfv7hr879+C8vrmzfI0VR/OSR3+i5/dZH4nGVJsNxXnlz5+eXXvHiivZ/5LGr27X3178Ubj/en77LYHFx8WLYsFcFd6Yoim/e9vnWfiY/cLk1n3nkSGu+59KTTzS3ef5A+XG8/rMvKbf/g1D+PXT8aMf1nw3n4Xthzry99/mI1/va5dds2/e+q/uL12vc88LW3X7qg+Xtxt+T84Unyu3jeV7u+P/qc09/rbn946/qffwXR3of/9Phdr8a5n+/vNy+/TFofhyv95lw/HF/8XoPfuVbPY//ymfL7c++pdzuSJhx//eHj7e/5bn59vP1eONox/0q3lpuF/c/853fbl0eby/efvfxTxy+3HE+ovjxM/9c3s501/bx83E/0V907b95O+3rM+7/6d860nGeq/Z/5T3Pvrx5u937f6Bru9Gu63f/xqY//Mzne+4vHs+hPzvbcX8OvTs8j8P+n/pgWI/h8v+58vmO/UZH3t35+hO3/9KWix33J3rbj8r9X3n9idb8j8kf//4tL7j1hZde2Tx3RfHt95a3V7X/E390puP4v3zHjtbjES+PHf3u/S8n7v/cx6ZOn1m4MD/bdlZbvzvnHeXxbJzYtLl5vLeF19bujw+fOf+huXOTM5MzRTFZ31+hd92+EuYPynHpWq+/47HweN71e9/cfN8/fS5+/l8eLT9/+e3l161Xh+2+ED6/pXz8Fhur3P9Td9/Ren43nik/7uixD8C27f+5f0Ubhvvf/X1BXO9nX/qh1nloXtb6uhGf16s8/u/OlrfzjXBeF8NvZr7njqv7a98+/m6Ey+8tn++rPn/hZS4+rn8SHu93fq+8/Xhc8f5+N3wf862tna93cX184+JI9+23fovHpfB6UlwqL49bxfN9+fk7eh5e/D0kxaU7Wx//TrqdO6/pbi5n4eML0yfnT194fPr83ML56YWPf+LwqTMXTp8/3Ppdnoc/XHX9q69Pm1uvT7Nze/cUM5uKojhTzKzBC9aNOf7m31Z2/GcfOza7b+a+2bnjRy8cP//Y2blzJ44tLBybm1247+jx43Mfq7r+/OzBnbsO7N63a+rE/OzB/QcO7D4wNX/6TPMwyoOqsHfmI1Onzx1uXWXh4J4DOx96aM/M1Kkzs3MH983MTF2oun7ra9NU89q/PnVu7uTR8/On5qYW5j8xd3Dngb17d1X+NsBTZ48vTE6fu3B6+sLC3Lnp8r5Mnm99uvm1r+r61NPCv5Xfz3ZrlL+Ir3jXA3vT72dt+uqnlr2pcpOuXyD6XPhdNP/worP7V/JxzP3jYSaZ5H8AAADIQcz9G8JM5H8AAACojZj7N4aZyP8AAABQGzH3T4SZZJL/9f9X0f9vU//+f3m5/n9e/f+zHy17peu9/x/78/r/ebjJ/f9V71//X/+/fv3/lffn1/vx6//r/7PUsPX/Y+7fVBRZ5n8AAADIQcz9m8NM5H8AAACojZj7bwkzkf8BAACgNmLuf0GYSSb5X/9/Rf3/XVWFq/r3/73/v/5/sT77//HB0f/PxjX379/3aMeH+v+B/r/+v/6//r/+P6s2vuwlN6v/H3P/rWEmmeR/AAAAyEHM/S8MM5H/AQAAoDZi7r8tzET+BwAAgNqIuX9LmEkm+V//3/v/6//r/9e6/7/a9/9vOxj9//XB+//3p/9f4br7/xP6/+ux/z8+2OMf7v5/5eHr/3NDDNv7/8fc/6Iwk0zyPwAAAOQg5v4Xh5nI/wAAAFAbMfe/JMxE/gcAAIDaiLn/9jCTTPK//r/+v/6//r/+f+/9V7//f/k3/f/hov/fn/5/Be//n1f/f8DHP9z9/0G////4m7uvr/9PL8PW/4+5/6VhJpnkfwAAAMhBzP13hJnI/wAAAFAbMfe/LMxE/gcAAIDaiLl/a5hJJvlf/1//X/9f/1//v/f+q/v/Jf3/4aL/35/+fwX9f/1//f+V9f97fPOr/08vw9b/j7n/zjCTTPI/AAAA5CDm/rvCTOR/AAAAqI2Y+/9fmIn8DwAAALURc/+2MJNM8r/+v/6//n9e/f8HNuj/6//Xm/5/f/r/FfT/9f/1/1f4/v9LXUv/f2PVjVEbw9b/j7n/5WEmmeR/AAAAyEHM/a8IM5H/AQAAoDZi7n9lmIn8DwAAALURc/9kmEkm+V//v179/z/966deWej/6/9X7L+m/f+4DPT/M6f/35/+fwX9f/1//f816f+Tj2Hr/8fcf3eYSSb5HwAAAHIQc/89YSbyPwAAANRGzP33hpnI/wAAAFAbMfdvDzPJJP/r/9er/x/p/+v/99t/Tfv/if5/3vT/e2h7kur/V9D/1//Pvv8fv/vV/2cwhq3/H3P/q8JMMsn/AAAAkIOY++8LM5H/AQAAoDZi7n91mIn8DwAAALURc//9YSaZ5H/9f/1//X/9f/3/3vvX/1+f1mH/f7L9A+//r/+v/79+j78e/X/v/89gDVv/P+b+14SZZJL/AQAAIAcx9+8IM5H/AQAAoDbi/79Z/n+v8j8AAADUUcz9U2EmmeR//X/9/5z6/41c+//xE/r/+v8ZWIf9/w76//r/+v/r9/j1//X/WWrY+v8x9782zCST/A8AAAA5iLn/wTAT+R8AAABqI+b+6TAT+R8AAABqI+b+mTCTTPK//r/+f079f+//r/+v/19/+v/96f9X0P/X/69b/78o9P+5qYat/x9z/84wk0zyPwAAAOQg5v5dYSbyPwAAANRGzP27w0zkfwAAAKiNmPv3hJlkkv/1//X/9f/1//X/e+9f/399Wk/9/5Een9P/1//X/1+/xz+U/X/v/89NNmz9/5j7HwozyST/AwAAQA5i7t8bZiL/AwAAQG3E3L8vzET+BwAAgNqIuX9/mEkm+V//vyb9/9/8+4596//r//fb/2D6/5v0/8PU/x8u66n/38sy/fXup8V10/+voP+v/6//r//PQA1b/z/m/gNhJpnkfwAAAMhBzP2vCzOR/wEAAKA2Yu7//2Em8j8AAADURsz9PxNmkkn+1/+vSf+/i/6//n+//Xv/f/3/Oqtp/39g9P8r6P/r/+v/6/8zUDe+/x//trL+f8z9B8NMMsn/AAAAkIOY+382zET+BwAAgNqIuf/1YSbyPwAAANRGzP2Hwkwyyf/6//r/+v/6/zem///6otsw9v+bi0f/v170//vT/6+g/6//r/+v/89ADdv7/8fc/4Ywk0zyPwAAAOQg5v6Hw0zkfwAAAKiNmPvfGGYi/wMAAEBtxNz/pjCTTPK//r/+v/6//r/3/++9f/3/9Un/vz/9/wr6//r/+v/6/wzUsPX/Y+5/c5hJJvkfAAAAchBz/1vCTOR/AAAAqI2Y+98aZiL/AwAAQG3E3P+2MJNM8r/+v/6//r/+v/5/7/3r/69P+v/96f9X0P/X/9f/1/9noIat/x9z/8+FmWSS/wEAACAHMfc/EmYi/wMAAEBtxNz/9jAT+R8AAABqI+b+d4SZZJL/9f/1/9dD/79RFJeaj4n+v/5/of+v/19B/78//f8K+v/6//r/+v8M1LD1/2Puf2eYSSb5HwAAAHIQc//Ph5nI/wAAAFAbMfe/K8xE/gcAAIDaiLn/F8JMMsn/+v/6/+uh/+/9//X/V93/b15J/z8L+v/96f9X6NH/36j/r/+v/6//z3Ubtv5/zP3vDjPJJP8DAABADmLuf0+YifwPAAAAtRFz/3vDTOR/AAAAqI2Y+x8NM8kk/+v/Z9n/T3dZ/7+k/59B/9/7/2dD/78//f8K3v9f/1//X/+fgRq2/n/M/Y+FmWSS/wEAACAHMfe/L8xE/gcAAIDaiLn/F8NM5H8AAACojZj73x9mkkn+1//Psv/v/f/XrP8/1rE+cur/T7Q9nmld6v/r/68B/f/+9P8r6P/r/w9z/z+s5k3LXF//n2E0bP3/mPs/EGaSSf4HAACAHMTc/0thJvI/AAAA1EbM/b8cZiL/AwAAQG3E3P8rYSaZ5H/9f/1//X/v/+/9/3vvX/9/fdL/70//v4L+v/7/MPf/K+j/M4yGrf8fc/+vhplkkv8BAAAgBzH3fzDMRP4HAACA2oi5/3CYifwPAAAAtRFz/5Ewk0zyv/5/d/8/vqOq/r/+v/6//r/+/3o0uP7/y24tCv1//X/9f/1//X/9f1Zj2Pr/MfcfDTPJJP8DAABADmLu/7UwE/kfAAAAaiPm/mNhJvI/AAAA1EbM/bNhJpnkf/1/7/8/qP7/T/T/9f8D/f/e9P/Xhvf/70//v4L+v/6//r/+PwM1bP3/mPvnwkwyyf8AAABQY+nHwTH3Hw8zkf8BAACgNmLuPxFmIv8DAABAbcTc/6Ewk0zyv/6//r/3/78Z/f+xju31/0v6//r/g6D/35/+fwX9f/1//X/9fwZq2Pr/MffPh5lkkv8BAAAgBzH3fzjMRP4HAACA2oi5/yNhJvI/AAAA1EbM/SfDTDLJ//r/+v+59/8bRXHJ+//r//fav/7/+qT/35/+fwX9f/1//X/9fwZq2Pr/MfefCjPJJP8DAABADmLuPx1mIv8DAABAbcTcfybMRP4HAADg/9i7j2Y57yqP422PrLCYmnkJs57VLMcrNrwAtuyoYk0VYBMN2CZnMDkHk3POyeScc7SJJicTDVWiuDrnSFfdevpKt3X76f/5fDYHqyRuS74w8xvXd/4MI3f/veOWJvtf/6//797/L7by/v/+n6//P0P/r//fhKX+/tjF/foL9v//9//X3kP/r//X/0/S/+v/9f+cb279f+7++8QtTfY/AAAAdJC7/75xi/0PAAAAw8jdf03cYv8DAADAMHL3Xxu3NNn/+n/9v/5f/7+v/79F/7+t/v+E/n8jvP8/Tf+/hv5f/6//1/+zUXPr/3P33y9uabL/AQAAoIPc/fePW+x/AAAAGEbu/gfELfY/AAAADCN3/wPjlib7X/+v/9f/6/+9/7/663v/fzfp/6fp/9fQ/+v/9f/6fzZqbv1/7v4HxS1N9j8AAAB0kLv/wXGL/Q8AAADDyN1/Xdxi/wMAAMAwcvc/JG5psv/1/0fZ/8fPukH/r//f//P1/2fo//X/m3Dz4ux/J+j/l+n/11jT/y8W+v8pB+7nV//2dufzX4D+X//Psrn1/7n7Hxq3NNn/AAAA0EHu/ofFLfY/AAAADCN3//Vxi/0PAAAAw8jdf0Pc0mT/6/+9/6//1//r/1d/ff3/bvL+/7TD9///+9/3umff/t/7/4v9//vyebz/r//X/3O+ufX/uftvjFua7H8AAADoIHf/w+MW+x8AAACGkbv/EXGL/Q8AAADDyN3/yLilyf7X/7fp//dqF/2//l//r/8fnf5/mvf/19j7r7lT9Zf6/6Pt53f98+v/9f8sm1v/n7v/UXFLk/0PAAAAHeTuf3TcYv8DAADAMHL3PyZusf8BAABgGLn7Hxu3NNn/+v82/b/3//X/+n/9fwv6/2kH7P9v793/D/D+/yV+12y7nz+sbX/+Xv3/8aVfr/9nlbn1/7n7Hxe3NNn/AAAA0EHu/sfHLfY/AAAADCN3/xPiFvsfAAAAhpG7/4lxS5P9r//X/+9G/59fQf+v/9f/6/+n7Wb/f3X9x2gm/X/z9/8H6P8v0bb7+V3//L36/2X6f1aZW/+fu/9JcUuT/Q8AAAAd5O5/ctxi/wMAAMAwcvc/JW6x/wEAAGAYufufGrc02f/6f/3/bvT/3v/X/+v/9f8Hs5v9/1n6f/2//n93P7/+X//Psrn1/7n7b4pbmux/AAAA6CB3/9PiFvsfAAAAhpG7/+lxi/0PAAAAw8jd/4y4pcn+1//r//X/+n/9/+qvr//fTfr/afr/NfT/+n/9v/6fjZpR/3/Orzq5eGbc0mT/AwAAQAe5+58Vt9j/AAAAMIzc/c+OW+x/AAAAGEbu/ufELU32v/5/Nv3/Xs43Vv9/arFY6P8XTfv/U+f8/azvS/2//v8I6P+n6f/XGKb/v+qifttp2/38YV348x/s+0D/r/9n82bU/+/9de7+58YtTfY/AAAAdJC7/3lxi/0PAAAAw8jd//y4xf4HAACAYeTuf0Hc0mT/6/8vov+/5j8v+O/n/f/9n9/7/6u/Pzr1/97/X3aQ/v8/9P+Hpv+fpv9fY5j+/9KM2/97/1//z7bMrf/P3f/CuOn4pf2/TQEAAABmKHf/i+KWJv/8HwAAADrI3f/iuMX+BwAAgB1109KP5O5/SdzSZP/r/zf7/v/xc35M/6//P//7Q/+v//f+/+Wn/5928P7/ztP6f/2//l//r//nsObW/+fuf2nc0mT/AwAAQAe5+2+OW+x/AAAAGEbu/pfFLfY/AAAADCN3/8vjlib7X/+/2f7/XPp//f/53x/6f/2//v/yO8r+/9jQ/b/3//X/+v8t9P8nzv5L/T9juIj+//Tp09df9v4/d/8r4pYm+x8AAAA6yN3/yrjF/gcAAIBh5O5/Vdxi/wMAAMAwcve/Om5psv/1/037//xW1//v0f/r/1d9ff3/bvL+/zT9/xr6f/2/9//1/2zU3N7/z93/mrilyf4HAACADnL3vzZusf8BAABgGLn7Xxe32P8AAAAwjNz9r49bmux//X/T/t/7//p//f9R9/93LvT/R2In+v9TF/76c+//b9T/6/8ntOv/73b1vr/U/+v/WTa3/j93/xvilib7HwAAADrI3f/GuMX+BwAAgGHk7n9T3GL/AwAAwDBy9785bjrWZP/r//X/+n/9v/5/9dc/4vf/jy8WC/3/BuxE/z9h7v2/9//1/1Pa9f/n0f/r/1k2t/4/d/9b4pYm+x8AAAA6yN3/1rjF/gcAAIBh5O5/W9xi/wMAAMAwcve/PW5psv/1//p//b/+f/j+/8ad6P+9/78h+v9p+v819P/6f/2//p8jsa3+P3f/O+KWJvsfAAAAOsjd/864xf4HAACAYeTuf1fcYv8DAADAMHL3vztuabL/9f/6f/2//v/E7Pr/k/v+/Zq8/6//3xD9/zT9/xr6f/2//v8m/T+bNLf3/3P3vyduabL/AQAAoIPc/e+NW/+nW/sfAAAAhpG7/31xi/0PAAAAw8jd//64pcn+1//r//X/+v/h3//X/7ei/5+m/19D/6//1/97/5+Nmlv/n7v/A3FLk/0PAAAAHeTu/2DcYv8DAADAMHL3fyhusf8BAABgGLn7b4lbmux//b/+X/+v/9f/n/l7qP8fg/5/2tH0/6f0//r/6ueviP8U6P/1/+t+PWOaW/+fu//DcUuT/Q8AAAAd5O7/SNxi/wMAAMAwcvd/NG6x/wEAAGAnHVvxY7n7Pxa3NNn/+v+p/v+Y/l//vxv9f/4R6P/3eP+/N/3/NO//r6H/v8h+/n/2/dWuvf9//v/80v/r/9m8ufX/ufs/Hrc02f8AAADQQe7+T8Qt9j8AAAAMI3f/J+MW+x8AAACGkbv/U3FLk/2v//f+v/5/gP7f+//6f4r+f5r+fw39/1bfz9/1z6//1/+zbG79f+7+T8ctTfY/AAAAdJC7/zNxi/0PAAAAw8jd/9m4xf4HAACAYezt/ozLGu5//b/+X/+v/9f/r/76+v/dpP+fpv9fQ/+v/9f/6//ZqLn1/5/b+1UnF5+PW5rsfwAAAOggd/8X4hb7HwAAAIaRu/+LcYv9DwAAAMPI3f+luKXJ/tf/6/93o/8/ffr09fp//f/+38/Z/v82/T9F/z9N/7+G/l//r//X/7NRc+v/c/d/OW5psv8BAACgg9z9X4lb7H8AAAAYRu7+r8Yt9j8AAAAMI3f/1+KWJvtf/z+D/v+k/t/7//r/hff/9f8bov+fpv9fY8T+/+TBf/vb7ucPa9ufX/+v/2fZ3Pr/3P1fj1ua7H8AAADoIHf/N+IW+x8AAACGkbv/m3GL/Q8AAADDyN3/rbilyf7X/x9d///vP7su7/+fWqz+/Pp//b/+X/9/uen/p+n/1xix/78I2+7nd/3z6//1/yybW/+fu//bcUuT/Q8AAAAd5O7/Ttxi/wMAAMAwcvd/N26x/wEAAGAYufu/F7c02f/6/xm8/z9g/7+XO+Y3i/5f/5/fl/Pu/6/U/49B/z9N/7+G/l//r//fUP+f3836/+7m1v/n7v9+3NJk/wMAAEAHuft/ELfY/wAAADCM3P23xi32PwAAAAwjd/9tccs5+39V2z0K/b/+/7L1/97/X/r+0P/Puv/3/v8g9P/TDtr/n1gcrv9P+n/9v/6/a//v/X/OmFv/n7v/h3GLf/4PAAAAO+eqC/x47v4fxS32PwAAAAwjd/+P4xb7HwAAAIaRu/8nccsdV27rIx0p/b/+X/+v/9f/r/76+v/dpP+f5v3/NfT/m+jn76L/H6P/Xyz0/xze3Pr/3P0/jVv8838AAAAYRu7+n8Ut9j8AAAAMI3f/7XGL/Q8AAADDyN3/87ilyf7X/+v/D9n/76WZM+r/73rrmX+p/5/4+vp//f/I9P/T9P9r6P+9/6//9/4/GzW3/j93/y/ilib7HwAAADrI3f/LuMX+BwAAgGHk7v9V3GL/AwAAwDBy9/86bmmy/7fW/8cftf5/5/t/7//r//X/+v9Z0f9P0/+vof/X/+v/9f9s1Nz6/9z9v4lbmux/AAAA6CB3/2/jFvsfAAAAdtBVK380d//v4hb7HwAAAIaRu//3cUuT/e/9f/2//l//r/9f/fX1/7tJ/z9N/79a/Y0aof8/fpDf8Wrb7ucPa9ufX/+v/2fZ3Pr/3P1/iFua7H8AAADoIHf/H+MW+x8AAACGkbv/jrjF/gcAAIBh5O7/U9zSZP/r//X/2+7/jy/0//r/M7bX/193+5lfqf8fgf5/2jb7/7v/1/ov6/3/rb//nx9B/6//1/+zEXPr/3P3/zluabL/AQAAoIPc/X+JW+x/AAAAGEbu/r/GLfY/AAAADCN3/9/ilib7f03/f6J+ov5/kv5//+f3/v/q7w/9/1z7/9VfX/+/m/T/02b0/v8Vq/5w9P9b7/+9/6//1/+zUXPr/3P3/z1uabL/AQAAoIPc/XfGLfY/AAAADCN3/z/iFvsfAAAAhpG7/59xS5P97/1//b/+X/+v/1/99fX/u0n/P21G/f9K+n/9/y5/fv2//p9lc+v/c/f/KwAA//9dk1th")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

53.996120447s ago: executing program 4 (id=1902):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00')
syz_fuse_handle_req(r0, &(0x7f0000000980)="5214aadb6fea8708350708a7000bf8ebc55438f6a2297ad81aaef475eac323c480be3bbbfa4d8c8f214f2bba038e4fa8460f7f043442b554b74b41a68625d393ac5e65253057bf16312727cfd8e93204bc2d56a68814d424ea5e3d3f31429f301e4119c89e7f250f0ebce73245292c6b3e37990e6274a4e9c9a0afa65e160825a4daf0256c5bbd5d8ff39ee07932f889e0a688e7b3f8186502f084c4f743d4ecf65210ab0eac0ff866b6fd98eb7ab12fc5cf8d4c43ee02b05fd1dbcbeb54bfa3751f370493982aa6b9d9be6f1772d52157d481f9ccfd29fdd0d7c0733fd57c0a45a1a9280e8c85dd758a8d0953758ff7e4e715a940762fc798e6c986dd2e4e70f537d1b3c40ae17a470fdbbf1b52212c08653536ab824d0cd53e4752c238753e15c90d60287aa63068549f2ab32b7b45e2fd1c538ff44617d55ae5526d5bccc7e482cebe9e6abdcf307aac46ff7cdd7f84328b46e5d96c0629fe775c5bf9770f9528f854563c2dd09dd33262efedbb22421e4e8695279877a50194d190b67b75761ef0e65fe98d6ce26e390a4979cf05932f42325f9af4f4297bfa31413b34f1de0931d981e34dc45fc4aec756ea32f84a69ecc357267d4d8392a2698788bd5b333331c7b8a41415cd28f5f7b820daf797b6236b51a32bc3b6ab729567ddbc27cd937418196bdd2824edfa7c72a5bc3ce40f26be559472b2d4ede2c148311a3d77b697b5c8d2825c0fa5f9cb0e460cb482932220cb325815f9f67103ec337eefa93412f4aab67c2a353e0578c5e43064bffe3412d4d354b7d2d6f07cc489f34544bbf0ce7dff75b7a8c3d9bbadbb01204269cf4ad84217071b837fab1660852f932e0efb306ce1a10e31a5786754e53c64ce1f9a7dd114477f91481c2513b23be17eda48d422b7bac6d1bc9860e05ec184f6222529153d44b82414c02f1d0c7b64f85473891eb1251b514ad31b7440f01f34afb9ee560838239d04df09f61b503964318a427d368c0a6bc5e792b4f3fb92cd41943b5d8ddeb67ccf540dc1457fd288db8fc60f00bbb6548cebc860679cce557a271131d0df18a9b1f1c04692b28ff4bb346b648dd969d286ce3bfa60df0c0502daa3ca83e12eea70e520cde982d4b998b6b9f6d911efb7658875c155d6c32a2ddff1d4b34c01f6b1454e42ee76056826429f5ab0ca4260e044f25380d82c5a643044adc70e9d714ab6e9fc2cf757131c9454b9bd5f17f6429bfe378d8d95c965ba7d7d79b6e0568468b0dc92fb06712e481424017d9c1ebcfb47a0589438fed1693d1b398c14ac2329f32ca7434353b5c18fe6e56ebf646a133c0d9d90aef03f3a4cf625da2492ada6cd9283d519178905f51b26a50c55fff3cdc5185e6f88ebc6b2dbf4db8d9f3c569d0e296a1a83b4a17dc9ca704cf08719cdddc7d9af15ba3a2aba032a36b186ce27fc5245a5ff2ffc0b5ff630a3c77007dcf23fdc1b7cb8125be8b2116c0b3b0e57f95594133eccbb7eb8e0500923e22905fac58139f725e959e5b98fbd614dcd6532e922693843474acefcd83afb7224eb0a7fd2862b267bd7120c85b8242229750c90f78ec30f2d03c609d6b3973d58fdf5b0ae8a7a34e8c6adcfb65688fa2ece7d2636c2a8bd0f70f9a7aff5e5cf4a4ce14051f93b84021b69dbd4548c9b81843be59d5028cc4f69b2d2e250ed67d0e5f54deaac129e8e04a6ee01f13e108073c13d30bfbceb6fa72d97330cc90b14fab2cfe7a439b207d70a63a637547225077f00fadc49d1bfe86995bbac4a379d36fccfae613da9ddb7bb0e829460b0b636d9582bd204884359dbe01f7b8184a14267ed727a54b81d52149719cda7a77afdf74379414d07fa909175bd7c31f2cec24bf5e86254d208180c9797cdd977f0ea4b7a98091487ecf95aa070e44a4d152ecccfb778e36054781bae1581ebed326b7dbd0fc7416092e065eb75583ef35e23d5ec9dfc909db3f886a837c0237c5d26e67884682330eedea0bfbe6ebb1170f02353ea61f087afe42346a9a5a62b1e8c3a5746b91f7e235dcc331e3535d08ed4051312f7b55911fc30c070539aa450cc12eca5fec9a6f348c10605f834d90fb7014fd2fa247669ed20e4778a9031bbf18daed659d281c72bd987ffc4f450b9c65f1438f9aeb20edb22f6a967cf742bcade3f120217fe38c39d29cde7fe74edc4d36a061b113ed4397eb604b229285134c63d0689035aad3879baa36fcd9b743f1655b2012c13bad6846d035cb9878fdcecb60f6c16f650d1e37ce38754f245cdb12529adc34fb1a6fc85d7226a187411801274b6a7df6bb36f4b52dcf2f3ca25aa5ad98b7f54bb7a93775781934d4a57786affdbc94b1b6cd8d7b15ba24c8258ec67b17b8d0c89d3982f7d1fbb8977a3d946bd22a437d17ee0fb80a517cb16280b0dde71e09b55366951eb42575e469b65fda2d507e35cd80606740790f3a1467cc0771f33b16da017775c8ef263a78dde37127ab834e66295cfd95d59da7e9c32dea711ddd59d3007aedb8c6075d4f4abfd6561c5fe1bc0ad044697ce9f5a2117c8ec25a0a503dfb29e1b0bf87fe8af01042ac20781e502d1b1c3cebd3e230403aee13f3c0a32b89c1ff1f8e1f2a2f43f1132fbd2ecfc236b3f194d9457be8bab9b174c15f3ae0bdf651144380b291f26ddf72e3606a88d871b0059a70c5bdcfef28cc96ec4327f4b8919f9836cf0c168249b26937ae44def50f38973620f954c61cc54aed164280370a58bd39237cdd28470c5037905e3730914c76dd0b8447290bea082f9b0ec2cf57c6c934a3693e61ad41fd1727cbb22dfa92a36b5811b8702fa3273badbe2803dc79784ee1988be01299a4f218f0d60d5e518a06353cbe1c9980301671809a93f7580887767b8f47898c78f0132696425e3115cee4ada08bef41abad7fa4b811d58e03c1f6c6c0dbcc7b5cc93edc4e5b79650e40837e9ffd3ff4e39706f06e6493b5300782fb0b2da07b4c103360b3f9be4e6489bb80209780ae0aee0c71f1915a6e8c2bf219ccbbe9d2f4b4eb74b35ac4d10b826cffd8a2cf9096c0b4026448ccd2a81f9402119057c90241cfdab39eef8e695f8ac07161b26c83a4d5068baf2acad11033ffc4c5ccee34afea247a4e6f7fa7d1860e9f2fc323415b42002684b2b7fdfe2e23956e6476580eeac1f387ed26f5f5d6fe1eebfa654748ded0f327a603d77800dfa8686dec37e8f27b4ba32986ae4064605f06f7db7a7d9f4273dddf5a1a117062d119eeb3d3ad2e6f90529e48d4b9fa073c6d2ea7963e5379cbb4f683b6fa289afd7aa93fbfd17af0052f525e9d3dd65e92d84dbfa663a34043c414689b38c951520114db7831fd305d6bfa7952e7e15618f5aebe4895e333db91b27445c1d9064ff6edacfdecaa1752460ad75881ce03865b7e43ed44e2d69e951b7468fa1d5d002b4ef008a520d11d8075a8b68a5fd44cffa44b99b57d499ca2be7dad938ecec184816f8b53671bca8d3404004cf8eeb9764a9e3d6f90a81adb62a3005a73886c6ea2a693bbe42a81e69a4d28b3abee12ce3b0b629b26ef8a8517855db501ed8058ae63ace58dadd5f2603d4a08716595c53da8c94e2b72a245fbd6bfd1cd3198a61358030adbd683151a462725a5b78bed03e6e36eabf12ee829678d78133868e9af2bcebdfa0597c657a9ef0f1be11b2d1dd07b6d9f92f3e198da9d7ed6623ea561f2b1bf54794da2259e6ec075876deb9154f1f9c297c444b402f0c95370ada27217be5bcc897639d2c8433a6f79922f48995a6d91623937c40e994f588eef52d6cb0d2c113132180a19c4fc68ad4a401032971fa58f45b145b5a039855b01ed6ae06bcd1631435af122f75913af5642229c5d97d568bd14ebc0200266c5aa93593f4318d443f2dfbc7e356d5a4c2b3bff397747be48634ec9426cccc5cd7e6a973d5d3275ea7e6a1380d4d885835f32c5220871fc194d00cd414d7df8362b62a36258a372a5c111b593a845d05c615bc954b3551af26b35cd084445493b25f0535bf5ce30af791c0f1f5d54762214634ef6649d9efd3d4dda3f21ffdeb459790945b96de8db461d68372af1df35693680dc604101d8572cfc3fbfef3346a14caf64f2205952ea629d88bcfac09fddcc4a085611d5983e7cbd89c27bd56ce43b6f087ac56da6819b86514c7fadeb573d027d2eb07c64f5467095529e4dcabe6f2b8864844ff2fb302a989d819fae50b0abb3864ef0f1c305cf46e4c06f53a643ff208907bf27aeb7ec4451ee15ed1118e7367435ff62e91e54156842ba6a676a3c07ee9818dbd8e8e77fccbca102bd22b620e2da8c029d3cd7b11453a74707e0a250757f9db6968114dd8e466ca1bc75f0d0d1e94b8d7123b4b5fe1bce3cbb14025d00978facd8f582f5cbf0336bf9510bc5f72cadbb3490916cd46f41f68ab2c6fbdbf24b74ff9d7b1437a35574898721c293e4d08b1141e42808e83367db7c9e93e73c1794ed7173235555a6bf33a53392c3ae11884b03ca1b00c02339798cf808c640277d5e8626ac98de6ce09a021bda760a6851881a6623c022d1ec90b92fb43c8339ca071ae4ef65c825bbb65fb41d82371c0437bf332b51f1023d40c2c86a0f42c8773ba5ce12815439f182eedd499e1a69e86f72c68583aa7cf54ff7e3f4629567218af3282901d0e004aa779cc32784276e8d1e9e97a94217a2f0280321ee090bcf5d8e5fdf1a38030d993a7cffe84ad84adb825134eff50c074505a533f9b63d4e6d2d91fa235867e978ba5d89a4beefe2eb9237efb281bda1d6809e68f86d072c255811764559e2a1294fe4df7dd81b8875bcdec8923fd980e72cf97a76068a919cd6d59c7dd934a4c3a4c141e9023e72caba79b778ae90ccbf86f12960f45d9aa45a13277f76f2379cb8736ca6654d54bb38c5489c7792b6699357c5385ee5ae7ef0519115af583b13218580054e6b80e6f35aa4de991ec70865b4b63deb89f666c537f0162280d0099adb2e8be4db06f3f92f908e56c12e2ce1e7480efbc0eb83e5d412f52195c422426512a4defa5c77fb888ac75fabae73d60001477777229eb7a73c2948e06853abdb9970ef0acec52cc5449f799ba941886af5f7a77286f2b7c6a322f5d22d202c4c2979e929165cc1430a3cddb2cf53a4c23c21cd9ab8dbd30204ac63947ac49cb17133747f9468fd0935d9ec90ea81cb906a4f0b8eb2198a9a6d0efee195f6d80dcb53c1940bc5519cd3b83c15ffb8d5f1d1e968af07784da045a7ac1a8a1dbb4cf8561ebf822b35c6e786c16d8cfa63b45f5ee1da3cf2265cfcebf1fc1c4d8b65ebba18da06e053185a89591723a7b1b57ccc1cd358f25a26affa7558426c4bf888645f63d50a30e048c0395c0a6cf193a16ea352399d1a95c86eeb475b3048bc6d52675d4905fa19a435c71e268d5206a195de9901775ceaee42ed1b61fe37e39238637bbed1d1d3093d2b76213b2c15eadc39663674933f4698d97b1e982ec1f910619fd209c94d5a5d9ffb22150410aebed11aa40984fa54eb2ce26d46f067e9c0492c17d77a7abb46b4069492d7be9f8a3f43dd22c8dc236ddcfa2a250ecb88b527465a346acf7a521b06369bac1bf771810ff139675bb02c20258eba065fa680c95b8aa9b03d62d7654de11aac1445655d4ad4da4cbc0c31696296dcdf3322277a7a5ff9d0feef3cc582d34936f5ebe244ba76ddc5ff9633cdfdeac878f3ae7efa9fae037c119f5e8b3207c96d75698cb1ea082f1d586fbfb270f8c2d05e4a16ac080d625263323001a1b0fe880df4bc3805cc39678b2f438e02214812d21bfff15f8004c1f1b98751a423c7b2ee217dc269e28409d1f92bce0b8fbc164a91dfb7405a2fa423bdad5a0798008f76c0f4d14d13c7dddc328be3642d648a26c58db92d829f920fb1b496cb563356f1bf51377bcadf8eb69404372c6a407e612f8e850e0909e80d6bacf9864bb28004c33027be49120b1df26034383662e7c585e09aa76cc27c71889deeff79337c4271642b82376dbbb4d9c66bd0127dcc2d47b9d4f1a3c1e37285f8d253f4526d39822db62c83ea843e0dee1e5b89ab470259ad76407fd87a99b7c259bdb6b0ca4add071df207ebb3c1c93b69155fc31655cb783c34154df5f4df212d4f6b6c773fbd2be0e8fa33bf4f5f243c1def3c5463c80d863ef62f51b204886ab1a9d30d8f9e28c34a51ea2b71fc2edf94106fc03b4280e1a764236452923287c868715fb7b94521e0dd74c56c92a8f4b537d0bcecc928522a530dd17202099a19f17f7b3bbc9416baa4df8a8052aecff8c98e26e93a22dcf64daca287f3bf8a68579656694d68f4cb72ac393ea64518181e6a74891524c009b8025f557b926b565d3a83867456fb4eb0f1bcd15cb5705c36799b6602ca804359a1d8770b8ddd0072ea3c6bb786fdb2146cae16e062e30c78f31df5eea9740050feba0e9028e444f725b74e83eaad7779e7243ac5d7f7e877cd1070dba662a8abb81926992e794a200be76bbb28c3011e5209f2364883b41c4aaf9957279640d2db32ae7c14b70f57263230560cc80d1cbc2ee7f5c276458a22d6abfe98b8615dcdfbbac08760e76d7dd539c7f47ae9d6717bd40254a3809b38df99ce654d2f532fd807ac944ab5a3bfeeb198f13e1e63ba9900c5900bcb620451872bbde3a6bf66d13407b442e3c07c7c58670c8ccf7a577e9bb3b1bb0a247de0f838f4a94efb16cff6ec004cb018add1458df671e3d185de91e15f0688cad76149142d847dde43016e85e380d68f9d7b5ac74a365b12d8586c7b32aa4740e15b5bfa4c8506bc0c6a09b3e9f92ebf08f7d1261657cd225c1cac7ed4511aa7deeb4d2f2e821a39f658bcd8b4c7711be40f81d4f7289a06577ce2ecf50e9bc7fc392f25901a66d2f1d49feb089c7806897421b70d442a2b6719308c9a7030ba9e389beddc5d47d59755d6ba4f803d06546db3a31c8ac05d018fc4e6399cc0aa83d390a1f4388037cc765af52f941eed02689cc5bf4e4763127f273bd8a229f20823b6cf2f30243dc57cad892051b5ae6f93ffbfef084580dad8dd62e758635380b7ced948a3f0e2eeaa00ce3b8a138b74259a3d5ae586c3c08352afe0b57490d58aaa7dd010c4e1b2f7e0ab8b78f7f846031ddd3ad8295d58d3540d45ec4a54b686a58da43073f7c5604c2bf59b01dda75a98b4ef07f7a2f54b004edbf2179923821d05f6200fcf71b1883eda3abe552b656f941a6d330be6c7a56249010deab75a125c653a824beede7870ca057175f457e0a613523ed37108b4f2de05157b247f62db3b1da528d565a95970df776671dcbc768b43c72f09c22bbea237f7fa16c5495a15b53678762828e36f83cccc81ff9eb9650546e231bebc9378d3b0598c9bcfb46bf0211295b0fb4be2e80950244879c3872c4ce05cbd72600f65dbe8850b8288785056037c95a954c3ceb5e128ba7fc344328a726eb2ac5571bc155c6b1df40f7a8a48a6abc82fe6ea9659248f8713ababee748f8ab3bd70a746dafc49dd2edbc0d197903e9cdb085039acc6d11eedb20a73badb6651140de70fbf7fce9f939d6e2e030e72fc27109b8c0ab56a79001377d9f195ae13a2e73552f585b664798d28984b860d554d98e31f90ab5612215c92b05d5aa45b49ab2b014662c150423d3b2a1e3b4d8acc9eec0cc41e7305a57932f83ff13581e48dba8b874641bf0beaf8a58dbd77b6aad0762343ebf9a8aa4072bfcb9de559151df20b4bb905b1153ed3dbe848b6c1a9c52ff0ea39ddbe52dd08962b882bd63d85cc1392a788c0265610cf01d4463367b1f03c7c205638be9f1338bd6793418bd2f1847949b4c96c740bd46a46e8b9b7dbf980a917c4f7e3b35dc1fd5b25d2f4089914886148365632dbd02c49fc284cddd26cf54a90398d1dd4065262690bffc250c38d3d7eafe826660b66a975772f5f980a8b33a568ccee82e4f1c381d59c17c6001cd03014e6d0343ccba48d9ebf2e503d4b4b98d441a46541f5a459616293753d7447220b9fd59d16a812cae0874f463ceeedbd6a15214522dd13765dd998810395f790900b9b9942c7b1b2bdb0beb868e0a2bbb14326583bb174852d18f3d1840dfb461bf50f8af4fbaa6c6dd9df1363714010f667388102af59517bc487ca457c1eb930898deaadbef0fdd52fbe65337a04844536b199d7fe0ba661e219e9e82682f59f82c45449a1239fbc34eb56ce510b394382d18952c6abf5a54d30bfa9ea35b394ac4fb37ed4830c111ed6e09274bca9c1f9dd6f28b088f76e984c43ae457a5622b1f57e3a19def81260c39116a4b5e7fe633c58e07dc55c21dca11bbd56e651a9684778cb9b9d9bb1cc86ae2f34ac6743b082ceb8cc46684b1f66653b399518c7a002760ce224313479c2cd11f455560fbdaa4957e21e73defe6e4f05acad7d40f7735f4831501fad6e65149bb90060a0a383759ad875c55594f601adfea717354e7bbe93b1bed9c2c60c13622f540d677897cfd85f9005b618f4e069c6429063239252af4dece42e0ab0849e53ef246eb9cc862aaef472d252ea49ec79cbb380302f57279575b24132683d3dd4202b9fdff5741fd7968ca4da26f6a28756bc4e7266bd619b7d6daf6a7d21a9e3b7e41661b4d5df07005949a6dafa8349fd7cc0181aac710cf6bc5f208878bfde9ba304b1c52e2b91bd1083e562580a60597f54626f10c327668f03fdc631b4d52bee355cb6096616b1608fba65ab36808cd2bd869c62eaf2c86ea518e1d35a75c9ce95e58408d86f5b303106da865a4f72f54e3623a5bff15785a32e9668da4952064a3f8a68511bc325bbc52465317be9154770d7b0314f56048473f5335cf9877b58e9a3cda4381b203c564b3987b9415fad4d15ae67eb1a808d055f21cf4783bca59468b53fb2b43abdb69bb42a85f47f3ffa430f4ddc51b233810b432a9f357d06a6886b089c2aa2db3503ec3b391a3c209f6afa7fca43f45683fd8a67e2a84d238703695cbafcf9322734b29db89cf87d945c5294dff4d588f80c0e7487ce42b371b1f29a7ca368ae791a70af42d43b25d9161edf5f2179457f4c20a905a9ad0235fbb1d76f2d0bdc34bd701bea88b09a850034edf922d27f66aaf81ff32a4edc9af5b52373ea36f6f16c9018d4cbec809b53be22a7676da0f497e12b003761588a9f0413755d7952443a43cfc09afb7e91b845f3eea774f2327343a9ddd33cd5da4f808c77a79123fae9206cf2024f2b6b6fa0afd8794f9a0f236d3ded1f511d47866d80866ef97efb5464de7cc4d4b428f3a0f68fc2619922db376d2ae69522b36fedd7c3a1b7473992b941d1b66abb72651c1cc765ed68d748760b9f3681a4b85f334a0fc00a1d5b746750ba730b60b5d9a2a749af1b03e2bbc3168cecfba24a2a76f19952d7286331f888404b4e72d2c8d998103ef49b06a64854cf7e640b2b5d25f675dbd6436c65eeb80fc1f82f68e35d5d54dcdc6649665753d3de9f124f6aef3bee527c795a612e421d7ffa66e73766b22a3049577f7a2c6eb477d0ae55c98f5fdfb7eb53035ca251848f9bd3c79b623b7a0461772875ff18ebaed05824ab2e6cb54f373f57dda9d426b090b3623d2a7344d65cba05ce43a626c0a824bf64381ffb08aa5664858dbca0d25d9730ed366ed80c022805542eae20831f143e8144ccb9b57e26cd980ca346403e160a73912d3dc8263b4c6cffa2c95d1f446f40195437e7a243b400d02f5cfee3ceca56c72e64804d0f6c7d43bee467189fd97b19556b846cc19f96d6490afc1cf5f5496843534b966833b66c97bdcd51f4fb4dd175b2b30a39aee2e1816f0b9f037615cce03a7a326a40f6cdc1505ce57f32d240184a4e1f039b0c041ff0cc5c336e920fbf30b3db648568e5b60050236c28d9d1e36582deb271f0196f32efada9b464a8de8148fd5a9f3405b7fb3191c1cf8972d16885d0a624a891e991ac3965585989179f87ceadea5ffdad0e758d2bb92760ae6d7bdd4e2695e71872134143886d86df8768b9aeee55b08df4123ae83644f0bbbc516e56525923ff492bf1b0cc748523642ea7b09a1131ea86831608558af018c4deec11246cd9e1b518787aa41fefe1cd8781a177114ecd3ebe1c2b5527e74d9d5e0f4853d15bb083b91b41837a619927dd1d8facd704013fa01ec065d3212be51a92c00afd083e4e2888d45a175a98db902be18214fe80b7f0b05762a96fdca034878ddea84788446bcdab48d57989b76541f1bf5e1280fcfc6ea65de593990207ec4ea67de126014ed306350261f2225a1dd568ca44e8dda6fac906da5b1eba679c69b08dfc0579e350faa51cd6c7be34ec2a0c7bfc65c830ce78c04795676a0c01290f08920b2cf8dc74632fd98adea6d35cb843049b9042b1970d17cd668772bbbd0b90a7451d8fe6027398707ab01dc886dc51621fae2974165bfae14a72ab6dff9e43e5589b17467845800e34ff2198f1ef6812f0a25d4d37deec3feafa77dde636f4cdefaf9c555d089b86bf599f76149c827f8c3392dd49c2d8371b5e95f3eb17b97a5a416db6194406f05ef41b45df3cfaafc19b5d6ce814636b92808de3dff262345b8fabcf7abe39d7c45cfd43f40b12672bff6cfb9716623ad50e1436e19895a72d8d19f253efc628f6d4986020051315aef35343ce44167824a53c93bcc85a4bb3e47caa60dec3ca8588ecc1ed508e4f4c526f5283cce5252105cd388726109bfd2224743d1acff6c62b45708681e4ce926b5065055e45134f1dad59454cd1b2478b3dfc65fbb5e65eaf84dd5af10148a276af41b58bf679d90090c3ed2f6e3b03bbd78edc7fd50270d24149484f8bf0e3ce2842ffafa62e7bb0cc6fbf87c6808513f3a0c59565bbb743a426bc4bf782b1f1ea748b9209474300b7e5d86dc071c8b8254399ce57fbab49f6569dfc4993f0dd57761ba4341fc53de03c7a4c06ec64da13c811080455391a022f6af1312f73099bc724a2958765126c35a7c556c2eae50aae8f0187fb52b22b93d3b8ac96d6cdabda582710f20e0167686b2d0d5153c77c379de5aeaf53b4d11e15d1c6db03b4a4d41d1a4ea06aca106a9085981693a8200aab69467eec8657cef7e5489188e990cad212be68f8ce07941704731acfe13e66aa07c03735992b82c21f91ba9fee85f7034056c490b63bee9de8ed06c285d7a9f6d262be281decbac0692bd403347a505f14154c7c7cd37a4840e1871ddcaaaca61f7930fd12841928029c6210d7c58abddd62cc433a0f61325ce33c9041e7ecf82412840760c94ec229cfd02fe22c4baf94bfa27e46a7f5e4e1d1923f1813dfbb9bb2791ee6c6d21bd25f079ec2174ba6fd37ef5fb0e7e8565fcf10cf0f5ee8cfb02954d1048880d22a44d3067db254715748a349f8a606bb8d22f6d84483c51e6f277ff62957469565ccdeeca134644c0151312fd1a8a1007806225aaf742f9246e202fd681e0465a2ecb405f0a3b7210da42b7d00bd39578d8c661ea2dbe4baa83ba53d912e37993a1a220e23250cbab07fe4ec623ce85b1c5b45af1c98e6d5c70aec5d7d78193f1c28396921e86b66ebf", 0x2000, &(0x7f0000004d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
lseek(r0, 0xffffffffffffffff, 0x1)

53.565908577s ago: executing program 4 (id=1907):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000040))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
r1 = dup2(r0, r0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
read$FUSE(r1, &(0x7f0000002b00)={0x2020}, 0x2020)

53.416066062s ago: executing program 36 (id=1907):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000040))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
r1 = dup2(r0, r0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
read$FUSE(r1, &(0x7f0000002b00)={0x2020}, 0x2020)

2.176427955s ago: executing program 7 (id=2533):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000df00850000008600000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.176107197s ago: executing program 7 (id=2534):
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)

2.099762545s ago: executing program 7 (id=2535):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
rt_sigqueueinfo(0x0, 0x3a, &(0x7f00000001c0)={0x1a, 0x2000, 0x80})

2.048027239s ago: executing program 7 (id=2538):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000340)="1400000023003517d25a806f8b6394f90324fc60", 0x14}], 0x1, 0x0, 0x0, 0x2000000}, 0x0)

1.426955103s ago: executing program 0 (id=2541):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, 0x0, &(0x7f0000000300))

1.368348841s ago: executing program 0 (id=2542):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCGETA(r0, 0x5405, &(0x7f00000004c0))

1.368112479s ago: executing program 0 (id=2543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000005001000050000000500000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r0, &(0x7f0000000100), &(0x7f0000000180)=""/177}, 0x20)

1.306939529s ago: executing program 6 (id=2546):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000ffdbdf2514000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

1.306827482s ago: executing program 0 (id=2547):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18)
inotify_rm_watch(0xffffffffffffffff, 0x0)

1.177038627s ago: executing program 0 (id=2548):
ioprio_set$uid(0x3, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@utf8}, {}, {@gid}, {@errors_remount}, {@fmask={'fmask', 0x3d, 0x80}}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@errors_continue}, {@allow_utime={'allow_utime', 0x3d, 0x8}}]}, 0x1, 0x14d1, &(0x7f00000015c0)="$eJzs3AlwlcW2KOBe3f1DiBG3EZl79fphiwGaiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBg5iIiIyCSTQL/C47ncczy3uO+8cy+vKuur6kqv/Hut3Z1VyT9UZf/UdViNxjWrNiAi8a9Qf5vAX78kCyFihBADhRC3CSECIUTZ+LLx147nUpD8L70J+x/SMPVmr4DdTNz/7I37n71x/7M37n/2xv3P3rj/2Rv3P3vj/jOWraUVuJ1H9h38/D874/N/9sb9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dr/B8+gedzEwRhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM/S+44K/TQoi/zW/2uhhjjDHGGGOMMfbv43Pe7BUwxhhjjDHGGGPsfx4IKZTQIhA5RE4RI3KJWHGLiBO3itziNhERt4t4cYfII+4UeUU+kV8UEAVFIVFYGIHCChKhKCKKiqi4SxQTd4sEUVyUECWFE6VEorhHlBb3ijLiPlFW3C/KiQdEeVFBVBSVxIOisnhIVBEPi6riEVFNVBc1RE3xqKglHhO1xeOijnhC1BVPinriKVFfPC0aiIaikXhGNBbPiiaiqWgmmosWoqVo9S/lvyV6iLdFT9FLJIveoo94R/QV/UR/MUAMFO+KQeI9MVi8L4aIoWKY+EAMFx+KEeIjMVKMEqPFx2KMGCvGifFigpgoUsQnYpL4VEwWn4kpYqqYJqaLVDFDpInPxUwxS8wWX4g54ksxV8wT88UCkS4WikViscgQX4kl4muRKZaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdopdYrfYI/aKfWK/OCC+EVni2//L/PP/kN8NBAiQIEGDhhyQA2IgBmIhFuIgDnJDbohABOIhHvJAHsgLeSE/5IeCUBAKQ2FAQCAgKAJFIApRKAbFIAESoASUAAcOEiERSsO9UAbKQFkoC+WgHJSHClABKkElqAyVoQpUgapQFapBNagBNeBReBQeg9pQG+pAHagLdaEe1IP6UB8aQANoBI2gMTSGJtAEmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIAk6QkfoBJ2gM3SGLtAFukJX6AZvwpvwFrwFb8Pb0Auqyd7QB/pAX+gL/WEADIB3YRC8B+/B+zAEhsIw+AA+gA9hBJyDkTAKRsNoqCzHwjgYDyQnQgqkwCSYBJNhMkyBqTAVpkMqzIA0SIOZMAtmwRcwB76EL2EezIMFkA7psAgWQwZkwBI4D5mwFJbBclgBK2EFrIY1sBrWwXpYBxthI2yGzbAVtsJ22A47YSfsht2wF/bCftgPQyALsuAgHIRDcAgOw2E4AkfgKByFY3AMjsNxOAEn4CScgtNwCs7CWTgH5+ECXIBLcAkuw2W4Clev/fLLa7TUMofMIWNkjIyVsTJOxsncMreMyIiMl/Eyj8wj88q8Mr/MLwvKgrKwLCxRoiQZyiKyiIzKqCwmi8kEmSBLyBLSSScTZaIsLUvLMrKMLCvvl+XkA7K8rCDbukqykqws27kq8mFZVVaV1WR1WUPWlDVlLVlL1pa1ZR1ZR9aVdWU9+ZSsL3tDf2gor3WmsRwKTeQwaCabyxaypfwQnpOt5QhoI9vKdvIFOQpGQgfZ2iXJl2VHOQ46yVfleHhNdpEToat8Q3aTb8ru8i3ZQ7ZxPWUvOQV6yz5yOvSV/WR/OUDOhOryWsdqyPflEDlUDpMfyAXwoRwhP5Ij5Sg5Wn4sx8ixcpwcLyfIiTJFfiInyU/lZPmZnCKnymlyukyVM2Sa/FzOlLPkbPmFnCO/lHPlPDlfLpDpcqFcJBfLDPmVXCK/lplyqVwml8sVcqVcJVfLNXKtXCfXyw1yo9wkN8stcqvcJrfLHXKn3CV3yz1yr9wn98sD8huZJb+VB+Vf5CH5nTwsv5dH5A/yqPxRHpM/yePyZ3lC/iJPylPytDwjz8pf5Tl5Xl6QF+Ul+Zu8LK/Iq9JLoUBJpZRWgcqhcqoYlUvFqltUnLpV5Va3qYi6XcWrO1QedafKq/Kp/KqAKqgKqcLKKFRWkQpVEVVURdVdqpi6WyWo4qqEKqmcKqUS1T2qtLpXlVH3qbLqflVOPaDKqwqqoqqkHlSV1UOqinpYVVWPqGqquqqhaqpHVS31mKqtHld11BOqrnpS1VNPqfrqadVANVSN1DOqsXpWNVFNVTPVXLVQLVUr9ZxqrZ5XbVRb1U69oNqrF1UH9ZJKUi+rjuoV1Um9qjqr11QX9brqqt5Q3dSbqru6oq4qr3qqXipZ9VZ91Duqr+qn+qsBaqB6Vw1S76nB6n01RA1Vw9QHarj6UI1QH6mRapQarT5WY9RYNU6NVxPURJWiPlGT1KdqsvpMTVFT1TQ1XaWqGar/H5Vm/zfyP/0n+YN/f/fNaovaqrap7WqH2ql2qd1qj9qj9ql96oA6oLJUljqoDqpD6pA6rA6rI+qIOqqOqmPqmDqujqsT6oQ6qU6pi+qMOqt+VefUeXVeXVSX1CV1+Y+fgdCgpVZa60Dn0Dl1jM6lY/UtOk7fqnPr23RE367j9R06j75T59X5dH5dQBfUhXRhbTRqq0mHuoguqqP6Ll1M360TdHFdQpfUTpfSifqe/+f8G62vlW6lW+vWuo1uo9vpdrq9bq876A46SSfpjrqj7qQ76c66s+6iu+iuuqvuprvp7rq77qF76J66p07WybqPfkf31f10fz1AD9Tv6kF6kB6sB+sheogepofp4Xq4HqFH6JF6pB6tR+sxeowep8fpCXqCTtEpepKepCfryXqKnqKn6Wk6VafqNJ2mZ+qZeraerefoOXqunqvn6/k6XafrRXqRztAZeoleojP1Ur1UL9fL9Uq9Uq/Wq/VavVav1+v1Rr1RZ+oteoveprfpHXqH3qV36T16j96n9+kD+oDO0ln6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+gT+qQ+qU/r0/qsPqvP6XP6gr6gL+lL+rK+rK/qq9cu+wIZyEAHOsgR5AhigpggNogN4oK4IHeQO4gEkSA+iA/yBHcGeYN8Qf6gQFAwKBQUDkyAgQ0oCIMiQdEgGtwVFAvuDhKC4kGJoGTgglJBYnBPUDq4NygT3BeUDe4PygUPBOWDCkHFoFLwYFA5eCioEjwcVA0eCaoF1YMaQc3g0aBW8FhQO3g8qBM8EdQNngzqBU8F9YOngwZBw6BR8EzQOHg2aBI0DZoFzYMWQcug1b+1vvfn8j3veppeJtn0Nn3MO6av6Wf6mwFmoHnXDDLvmcHmfTPEDDXDzAdmuPnQjDAfmZFmlBltPjZjzFgzzow3E8xEk2I+MZPMp2ay+cxMMVPNNDPdpJoZJs18bmaaWWa2+cLMMV+auWaemW8WmHSz0Cwyi02G+cosMV+bTLPULDPLzQqz0qwyq80as9asM+vNBrPRbDKbzRaz1Wwz280Os9PsMrvNHrPX7DP7zQHzjcky35qD5i/mkPnOHDbfmyPmB3PU/GiOmZ/McfOzOWF+MSfNKXPanDFnza/mnDlvLpiL5pL5zVw2V8xV469d3F87vaNGjTkwB8ZgDMZiLMZhHObG3BjBCMZjPObBPJgX82J+zI8FsSAWxsJ4DSFhESyCUYxiMSyGCZiAJbAEOnSYiIlYGktjGSyDZbEslsNyWB7LY0WsiA/ig/gQPoQP48P4CD6C1bE61sSaWAtrYW2sjXWwDtbFulgP62F9rI8NsAE2wkbYGBtjE2yCzbAZtsAW2ApbYWtsjW2wDbbDdtge22MH7IBJmIQdsSN2wk7YGTtjF+yCXbErdsNu2B27Yw/sgT2xJyZjMvbBPtgX+2J/7I8DcSAOwkE4GAfjEByCw3AYDsfhOAJH4EgchaPxYxyDY3EcjscJOBFTMAUn4SScjJNxCk7BaTgNUzEV0zANZ+JMnI2zcQ7Owbk4F+fjfEzHdFyEizADM3AJLsFMzMRluAxX4ApchatwDa7BdbgON+AG3ISbcAtuwW24DXfgDtyFu3AP7sF9uA8P4AHMwiw8iAfxEB7Cw3gYj+ARPIpH8Rgew+N4HE/gCTyJJ/E0nsazeBbP4Tm8gBfwEv6Gl/EKXkWPMTaXjbW32Dh7q81tb7P/GOe3BWxBW8gWtsbmtfn+LkZrbYItbkvYktbZUjbR3vOnuLytYCvaSvZBW9k+ZKv8Ka5lH7O17eO2jn3C1rSP/l1c1z5p69lnbX3b1DawzW0j29I2ts/aJrapbWab2xa2pW1vX7Qd7Es2yb5sO9pX/hQvsovtGrvWrrPr7T67316wF+0x+5O9ZH+zPW0vO9C+awfZ9+xg+74dYof+KR5tP7Zj7Fg7zo63E+zEP8XT7HSbamfYNPu5nWln/SlOtwvtHJth59p5dr5d8Ht8bU0Z9iu7xH5tM+1Su8wutyvsSrvKrv6PtS63G+0mu9nusXvtNrvd7rA77S67+/f42j4O2G9slv3WHrU/2kP2O3vYHrdH7A+/x9f2d9z+bE/YX+xJe8qetmfsWfurPWfP/77/a3s/Y6/Yq9ZbQUCSFGkKKAflpBjKRbF0C8XRrZSbbqMI3U7xdAfloTspL+Wj/FSAClIhKkyGkCwRhVSEilKU7qJidDclUHEqQSXJUSlKpHuoNN1LZeg+Kkv3Uzl6gMpTBapIlehBqkwPURV6mKrSI1SNqlMNqkmPUi16jGrT41SHnqC69CTVo6eoPj1NDaghNaJnqDE9S02oKTWj5tSCWlIreo5a0/PUhtpSO3qB2tOL1IFeoiR6mTrSK9SJXqXO9Bp1odepK71B3ehN6k5vUQ96m3pSL0qm3tSH3qG+1I/60wAaSO/SIHqPBtP7NISG0jD6gIbThzSCPqKRNIpG08c0hsbSOBpPE2gipdAnNIk+pcn0GU2hqTSNplMqzaA0+pxm0iyaTV/QHPqS5tI8mk8LKJ0W0iJaTBn0FS2hrymTltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjtoJ+2i3bSH9tI+2k8H6BvKom/pIP2FDtF3dJi+pyP0Ax2lH+kY/UTH6Wc6Qb/QSTpFp+kMnaVf6Rydpwt0kS7Rb3SZrtBV8iRCCGWoQh0GYY4wZxgT5gpjw1vCuPDWMHd4WxgJbw/jwzvCPOGdYd4wX5g/LBAWDAuFhUMTYmhDCsOwSFg0jIZ3hcXCu8OEsHhYIiwZurBUmBjeE5YO7w3LhPeFZcP7w3LhA2H5sEJYMawUPhhWDh8Kq4QPh1XDR8JqYfWwRlgzfDSsFT4W1g4fD+uET4RlwifDeuFTYf3w6bBB2DBsFD4TNg6fDZuETcNmYfOwRdgybBU+F7YOnw/bhG3DduELYfvwxbBD+FKYFL4cdgxfueHx5LB32Cd8J3wn9P5xNT+6IJoeXRhdFF0czYh+FV0S/TqaGV0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RTdHPW+Zk7hwEmnnHaBy+FyuhiXy8W6W1ycu9Xldre5iLvdxbs7XB53p8vr8rn8roAr6Aq5ws44dNaRC10RV9RF3V2umLvbJbjiroQr6Zwr5RJdS9fKtXKt3fOujWvr2rkX3AvuRfeie8m95F52Hd0rrpN71XV2r7ku7nX3unvDdXNvuu7uLdfDve16ul4u2SW7Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7IW6IG+aGueFuuBvhRriRbqQb7Ua7MW6MG+fGuQlugktxKW6Sm+Qmu8luipviprlpLtWlujSX5ma6mW62m+3muDlurpvr5rv5Lt2lu0VukctwGW6JW+IyXaZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vldrk9bo/b5/a5A+6Ay3JZ7qA76A65Q+6w+94dcT+4o+5Hd8z95I67n90J94s76U650+6MO+t+defceXfBXXSX3G/usrvirjrvUiKfRCZFPo1MjnwWmRKZGpkWmR5JjcyIpEU+j8yMzIrMjnwRmRP5MjI3Mi8yP7Igkh5ZGFkUWRzJiHwVWRL5OpIZWRpZFlkeWRFZGfG+0LbQF/FFfdTf5Yv5u32CL+5L+JLe+VI+0d/jS/t7fRl/ny/r7/fl/AO+vK/gK/qmvplv7lv4lr6Vf8639s/7Nr6tb+df8O39i76Df8kn+Zd9R/+K7+Rf9Z39a76Lf9139W/4bv5N392/5Xv4t31P38sn+96+j3/H9/X9fH8/wA/07/pB/j0/2L/vh/ihfpj/wA/3H/oR/iM/0o/yo/3Hfowf68f58X6Cn+hT/Cd+kv/UT/af+Sl+qp/mp/tUP8On+c/9TD/Lz/Zf+Dn+Sz/Xz/Pz/QKf7hf6RX6xz/Bf+SX+a5/pl/plfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t9/j9/p9fr8/4L/xWf5bf9D/xR/y3/nD/nt/xP/gj/of/TH/kz/uf/Yn/C/+pD/lT/sz/qz/1Z/z5/0Ff9Ff8r/5y/6Kv8r/s8YYY4wx9t+ibnC89z/5nvxjXNNHCHHr9gJH/rHmhrx/nfeT+zpGhBAv9+ra8G+jYcPk5OQ/XpupRFB0nhAicj0/h7geLxXtxIsiSbQVpf/p+vrJikA3qB+9X4jY/5QTI67H1+vf+1/Ub7rwhvXnCZFQ9HpOLnE9vl6/zH9Rf3f7G9TP9V2KEG3+U06cuB5fr58onheviKS/eyVjjDHGGGOMMfZX/eSlbje6v712f15QX8/JKa7HN7o/Z4wxxhhjjDHG2M332pvdX3ouKaltZ57whCc8+Y/Jzf7LxBhjjDHGGPt3u37Rf7NXwhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZV//Gx8ndrP3yBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjN1s/ycAAP//fMhn/w==")
r0 = open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x5, 0x6, 0x0, 0x3}, 0x0)
sendfile(r0, r0, 0x0, 0x800000009)

1.175563022s ago: executing program 6 (id=2549):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000100500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x40000)

1.14728909s ago: executing program 7 (id=2550):
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, 0x0, 0x0)

1.121623281s ago: executing program 0 (id=2551):
syz_usb_connect(0x5, 0x24, &(0x7f0000001340)={{0x12, 0x1, 0x201, 0x4c, 0x77, 0xa6, 0x40, 0x5ac, 0x243, 0x876e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x1, 0x40, 0x14, [{{0x9, 0x4, 0xd6, 0x8, 0x0, 0x3, 0x4a, 0x2, 0x5}}]}}]}}, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0})

1.065795622s ago: executing program 6 (id=2552):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000001500)=[{&(0x7f0000002980)=""/4084, 0xff4}], 0x1, 0xf73, 0x3)

962.718896ms ago: executing program 6 (id=2553):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
fchown(r0, 0x0, 0x0)

962.451218ms ago: executing program 6 (id=2554):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x5, 0x145d01)
ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000100))
r1 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_int(r1, 0x29, 0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xffff, 0x0)
socket(0x200000100000011, 0x3, 0x3)
write$evdev(0xffffffffffffffff, &(0x7f0000000040), 0x373)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc8910610700fa6fa26fa7088c60897d4a6148a1c1e43f00001bde605cbeac671e8e8fdecb035865e362ead91b1979a5ae30705b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142525815b91076ccb7b37b41215c184e731fb13d100323b77f613af02b6f3259d6f3ac85da4fe304ecfca2be5f4a8b3910a8f0a88d082ac161c4a3c1132831a88f199f67aca8f4698996d076250b2b75cdc7776b8cab72716149f70efb190007832c6077da0df4c63a226284cd6a2e5ec5bb28f18dd44821065b9758fd159c490421901361244c01bfa0cddbc726f2b4ceace9f9309f507e6a7135b33f418af0a63bfb480c2feced947dae1d7dc19c4f1807b17c559c27be4d18b2e0a3cf26832d7fc97cea307de1852f90317b501bf66473eb6dac986d7b5682abc3a5ea1dabde56b9e3a56ba20a65dc0df39edd5f34ed22a8f0c6594a894901e455d0369e407dae0f4fb4e181415153000000b6b384cb4bbfd4edfd70cd7324de228e1047a61292abe63fc71063a9040bd927779d56ef0f4725dfb3822ce1e24632f7d51a0e65bd5664fcd3e4a0b0388b842115b5689769438f9763a55956288e78b6cad0ff3f310722b4a5cc4f25a69753fcc8ece189808e6f2f71ca2337d0de3a9feaa3f4cd2a2c69d21daec3751aca69f0a6f5b0af65aace6d04dad91c67e57a0f7b8accb3f8d9b787e002e56a7149c2d10a268884e695256ddb9c17853e29689f41667522e6932294"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4000000}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x4, 0x4, 0x12, 0x8404, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x40000000}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r8, r7, 0x26}, 0x10)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r9 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r9, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
shutdown(r6, 0x1)

920.076651ms ago: executing program 7 (id=2555):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000e00)='./file0\x00', 0x10000, &(0x7f0000000300)=ANY=[@ANYBLOB="7913c3b51f826faf00a905d234e43ec3ecd65a6baf25f95b1808735dc5afa30b5656832b9d1f1ae5ee845c7782210920ebd48234468fb143ffdf522e4b213048f03f3e9c06782909b402e67b21cd82c8846e2c44abcb2a11f0c8a5eb32f4d8112dc46be09c9641075ccc45b47ef3c4cdd63ae12d002ab185d3fa3ed3a23f8d0561060c3f8317056fb220e37d7110479ed1d4ec761fe68114f491eef2b0c3450906963813879dbcab9ae33b6d59adba2bdd0a3476cf09904039f80616fe866c86ac8a3c8e4cead278cd152e41123df0c5ed32744b6f344f429b62b6ad7c36435554ef776de19529b465b5f573527e", @ANYRESDEC=r0, @ANYRES64=r0, @ANYRESOCT, @ANYBLOB="ee2660c2c88df0013edbacc672bd36751ff99062667c2b501ffc9774e63215a8430f9285", @ANYRES32=r0, @ANYRES64=0x0, @ANYRES16=r0, @ANYRESHEX=0x0, @ANYRESDEC=r0], 0x0, 0xdc8, &(0x7f0000002a00)="$eJzs3c9vHNUdAPA3a28cktDYaajdNE1cQgL9ERtSN63ExUj0UIqQeuRI00DTOuFH6AGUQ8qhJ6RaQvwBRUjkUvVQ9cClijjRC6rUe4U49ZJKSDmgKODK9nvr9Te7nbVje73ez0d6+3bnOzPvvd3Z2dn59RIwtBorj3NzU1VK7374ztP/OvOLvy0POdkaY3rlcTS/mk8pNVvTpTQe5jc/tpp/+fm1C+35Vzmv0rlUpao1PD13qzXtwZTS9TSdbqbx9OTzt+9+sPjMs4sTp29Mvv3Jne1p/ZpquwsAAIBd4Iufv//qPx796bWJO385MZ/GWsPL9vl8fn0ob/fP5w3lsr1c/gdUbXnVYXt6XxhvNKdGGG+kw3jt5TRb41VVezyWvy/Mt9llvLGa8kfahnVqNwyytf/xVWNm3etGY2Zm9T/5sk9H9lUzVy4tvHi1TxUFttztk3kXnyRJQ5eWDvd7DQSwKh43LA6VJ9e39khda26j/7/84tZTjc7TwxaoW/62evlX/mCV//7vrXHYOnt1aSrtKt+jsv0QjyOMhuk2+v0v8xsJ82v2WM9uxxEG5fhCt3qO7HA9Nqtb/eNysVd9O+flfTgR4u3fn/iZDspnDHT2Rc3+/5Vfu12wn1KSpK1PS/1eAQG7Vjxvbikr8XheX4yP1cT318QfqIkfqIkfrInDMPvr639Mi9Xa//z4n36j+8PKfrYHc/61DdYn7o/caPnxvN+Nut/y4/nEsJv98uzHf779u5v/jOf/fxXO/z+Vf0vH8wqi7C+M+9Vb5/6HC4MbXcY7EurzYIfxV54fXT9edXRtPqltPXNPPabWT3e423jH1483HsY7kLdF9of6xu2TA2G6sv1R1qvl/RoN7W2GduwL9SifzETO94f2THRrV9iRvS+M18zp66FdR0O7HgrTfSO0q5pa3664/7zUZzIMj8dJynjhY7vndyl+FvG6jIdz/lbO38v5Rzn/rEO5w6gsj93O/y/L51RqVi9eWrj4eH5dltOPR5pjy8Of2OF6A/ev1+t/ptL6638OtYY3G+3rhcNrw6v29cJ4GH6uy/Af5tfl9+zXIw+sDJ+58PLCr7a68TDkrr7x5m9fWFi4+Jonnuy9J8t/E3ZBNQbxSb/XTMB2m3398iuzV9948+ylyy+8dPGli1fO/+RH5x6f+/H587Mrm/Wz7Rv3wJ6y9qPf75oAAAAAAAAAAAAAPase6Dw453X3ty3Xk5fr0+P18QyG8rmVpaHcx6Bc/9ntvi7l+s2JHagjW28nLifqdxuBzv6r/z9JGtq0tOQu/sDusNP9b8X+/8p9D0t+5e8/27+cymi3nlq/voz3L4T7sdv7n1P+3ur/r9X/Vc/rv9Bj1vjmyr1895EbbcWmY72WH9tf7gN7dGPlX8nll9acSb2Vv/SnUH68UWmPXg7lH+ix/Hvaf3xz5b+Syy9v22Onei1/tcZVY3094n7jch/AuN+4eDW0v9zbb8Pt32RHba/l8mGYDUo/kxs1KP1/dlPmW9aDefXcOk5X7r8d+zvorf5rn3q573f5HXgozL+q+X3T/+dgq+v/syx/s/r/hD3nU8f/JGlo09LSUl+7PhnWfld2i36///3ehux3+f1+/+vE/j/j/6XY/2eMx/4/Yzz2/xnjsX+tGI/9f8b3M/b/GeOTYb6xf9Cpmvg3a+LHauLfqokfr4nH/28xPl0TP1ETP1kTP1ITf7gmfqom/khN/HRN/NGa+GM18b3uOzkf1vbDMIv9Rvr+w/Aox3+6ff+P1sSBwRX7dY7f7zM1cWBwlfM8fL9hCFWd79gR97eX/bhv5fy9nH+U88+2rYLshO/m/Hs5/37Of5DzszmfyflsznUNOdj+8J9jJxartfP8Dod4r+fDxusB4n1inuixPvH43EbPx53ssZztKn+Tl4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIzGyuPc3FSV0rsfvvP0v8/+5sjykJOtMaZXHkfzq/mUUjOlVOXXo2F+18dW8y8/v3ahU16lcyuP5XV67lZr2oPL06fpdDONpyefv333g8Vnnl2cOH1j8u1P7mxP69dU210AAAAA9NH/AgAA//+jA+rE")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1080c, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYRESOCT, @ANYBLOB="d1794da8c0ccda034276e28a25c45c8e1eb8b595a37ffdfe7d2a8c3972a6931d2cbb0d8dc920bbde15d8790d46ccb3a5f36ff412236251d86334f17545ccae88", @ANYRES32, @ANYRES32, @ANYBLOB="e5f0986a95b4a041c6140884aa3ee1b8a51a2f195aca4ce79a3b534f3fa12c4e1790181917f9b22d45f7d86339c33c4a5e4f7224ec19", @ANYRESOCT=0x0, @ANYRESHEX, @ANYRESDEC, @ANYRESOCT], 0x1, 0xa7a, &(0x7f0000000980)="$eJzs3UuMHEcZAODu3Z21nTh4HGxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRIFEkbJ+4kcgyN8RDnHKJACGRC7Jy4hKJWOKSU+DAActIkThAgj1oZ6tmZ37PpGe9j97Z+T6ppqa7arqqZ3t6+1VVBTC2Jtqvjfbr5TcvHf3nQ//YtvD+8U6OZvt1qmtqIXeZpqfC8t6bXIxvvP/KyX5xWcy1X/P0ZNdn7yyK4nyxr7hSNIu9l6++9vbcU8cvHLu4/53XD19bg1UHAICx860rhw/u/ttf7t35wRv3Hym2dObn4/Nmmt6ejvuPpAP/hWiqzOcPS+cDZVfoNh3yTaUwEfJN9slXdOVr5Hxbez8Xy58Oy20MyLelovzJcI5ShvrAKMvbcbMoJ2Z6picmZmYWz8mL9nn9dDlz9vSZ587VVFFg1f37gaIo9gnCuIXWjs6PoPa61Be6vgWAWsX7hbc4H68srExnaVPDlX/9iYn+n+/VWM06Mj7We/tXflx+bz3Wu/yq9f/NhTVef8bK8FvT1jWtx2rL65V/R9vTdLyPEJ9fWu7+Jy9vMixv2AOAQfcRRuX+wqB6Tq5zPW7XoPrH7WKz+lqK8/fw9ZDe/fuJf9NR+RsD/f1nw13/37ZUudrrIgibO7Tq3PkA9ao4rY/PzbWSnB6f64vpWyrSt1akb6tIv6Mi/c6KdBhnv3/xp8WrZdG3PV6xeP7f/rEMez0sX2e7K8UfW2Z94vXI5V6Pi8/9LtdKy4/PE8NG9scTT5/68rPPXF18/r/sbP830/a+L00302/rSsqQrxfG6+qdZ/+bveVMDMh3d6jPXX3yt9/v6s1X7lpaTtG1n7mlHnt6P7djUL77evM1Q75tKcTDpXh8ckf4XD7+yPvV/H1NhfVthPWYDvXI+5WdKR6tuzFsVHl7HPT8f94+9xSN8rnTZ049lqbzdvrnycaWhfkH1rnewMoN2/5nT9Hb/md7Z35jonu/sGNpftm9X2iG+XMD5s+n6fx/7juT29rzZ05+78yzq73yMObOvfTyd0+cOXPqB9544403nTd175mAtTb74gvfnz330suPnn7hxPOnnj91dv7Qofm5uUNfmT842z6un+0+ugc2k6V/+nXXBAAAAAAAAAAAABjWD48dvfrXt7707mL7/6X2f7n9f37yN7f//0lo/x/byed28Lkd4M4+6e08oYPV6ZCvkcLHQ313hXJ2h899IsWdcfxS+/9cXOzXNdfnnjA/9t+b84XuBG7pL2U69EESxwv8dIovpvjXBdSo/Hn/2Smu6t86b+u5fwr9Uoym/HfL/Znkfkxy++9B/Trl/f/O/ov98WrXk9W1Hs0J615HoL9/bbj+v9ckLHX4WXtdus4Yaq+LsNHCjVartZ7ltVofNYqHsaaA9VP3+J/5umeOz/7pG1sXQs52/Yne/WXsvxRWou7xL2srP19YHNf1H7L81R7/szP+3dD7vzBiXvP2yv3vL66921VssXdg+VuKnvLj+ud+oHctr/wPUvl5bR4uBpXfu/6tX4Xy4w2hIX0Yyr9jyPLj+l9absGpwP+l8vPX9siDw5a/uIByorce8bpxvv8XrxtnN8L65749l7v+tztQ481UPoyzURlndrl6xv+90Fr/8X9XOMJQfA7ji2k67wjzcw5xvJPl1j8/X5H/D+wOyy8r/r8Z/3e0fTXFVb+HPP5v3h6bfaYnuqYbfb7bzbqvgVH13qrd/+t6Ym4D3EcRxieUtrnbDq1Wq9abfO4w1qvu77/u84S6y6/7+68Sx/+Nx/Bx/N+YHsf/jelx/N+Y3r6u+OHSoL3x+4rj/8b0OP5vTL8nlBvHB95Tkf7JivS9Fen3VqTfV5H+qYr0/RXp91ekP1CRfndF+oMV6Z8Jf/GY/tmKzz9Ukf7IR6fP/6ji85tdbo8yrusP4yy2z/P7h/GR7/8M+v3vqkgHRtfP3jjw5DO/+3Zzsf3/dOd6SL6PdyRNN9K5czxfitdPJlPaW2n67yF9o1/vgHES+8+I/98frkgHRld+zsvvG8ZQ2b/HnmH7rRp0nM9o+VyKP5/iL6T40RTPpHg2xQdSPLdO9WNtPPnbPxx+tVw6398R0od9njy2B4r9RM0PWZ94fWC5z7PHfvyWa6Xl32ZzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNpMtF8PHtxTFsXlNy8dffr46dmFOY93cjTbr1NdU43O54risRRPpviX6c2N91852R3fTHFZzBVlUXbmF9+83inpzqIozhf7iitFs9h7+eprb889dfzCsYv733n98LW1+wYAAABg8/t/AAAA//9N2hwq")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0)

0s ago: executing program 6 (id=2556):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000b00)=ANY=[@ANYBLOB="3c01000016000100000000000000000000000000000000000000000000000001ffffffff00000000000000000000000000000000000000080000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000004d66c00000000000000000000000000ffffac1e00010000000000000000040000000000000000000000000000000000000000000000000000000020000000000000000000000108000000000000feffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000000000010000000000000000000000000ff7f00001c001700000000002bbd700028bd700029bd70002bbd7000f25f403628001a"], 0x13c}}, 0x0)

kernel console output (not intermixed with test programs):

h 1)
[  219.454673][ T9796] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.1469: error -117 reading directory block
[  219.460262][ T9796] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  219.469977][ T9796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.497941][ T7970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.570743][ T9804] IPv6: NLM_F_CREATE should be specified when creating new route
[  219.573497][ T9804] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  219.575909][ T9804] IPv6: NLM_F_CREATE should be set when creating new route
[  219.579048][ T9804] IPv6: NLM_F_CREATE should be set when creating new route
[  219.582052][ T9804] IPv6: NLM_F_CREATE should be set when creating new route
[  219.613879][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  219.922037][ T9827] loop0: detected capacity change from 0 to 128
[  219.930323][ T9827] FAT-fs (loop0): Directory bread(block 414) failed
[  219.936116][ T9827] FAT-fs (loop0): Directory bread(block 415) failed
[  219.938986][ T9827] FAT-fs (loop0): Directory bread(block 416) failed
[  219.941929][ T9827] FAT-fs (loop0): Directory bread(block 417) failed
[  219.946643][ T9827] FAT-fs (loop0): Directory bread(block 418) failed
[  219.949512][ T9827] FAT-fs (loop0): Directory bread(block 419) failed
[  219.952439][ T9827] FAT-fs (loop0): Directory bread(block 420) failed
[  219.955463][ T9827] FAT-fs (loop0): Directory bread(block 421) failed
[  220.083611][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  220.233687][   T24] usb 5-1: Using ep0 maxpacket: 16
[  220.242448][   T24] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[  220.246603][   T24] usb 5-1: config 0 has no interface number 0
[  220.249286][   T24] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  220.260899][   T24] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  220.281588][   T24] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  220.285938][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.289432][   T24] usb 5-1: Product: syz
[  220.291205][   T24] usb 5-1: Manufacturer: syz
[  220.301441][   T24] usb 5-1: SerialNumber: syz
[  220.306599][   T24] usb 5-1: config 0 descriptor??
[  220.309137][ T9821] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  220.312099][ T9821] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  220.374502][ T9843] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  220.374502][ T9843] The task syz.0.1489 (9843) triggered the difference, watch for misbehavior.
[  220.533046][ T9821] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  220.536289][ T9821] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  220.653593][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  220.945575][   T24] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  220.949779][   T24] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71
[  220.954700][   T24] asix 5-1:0.251: probe with driver asix failed with error -71
[  220.960315][   T24] usb 5-1: USB disconnect, device number 11
[  221.606151][ T9865] loop4: detected capacity change from 0 to 512
[  221.641174][ T9865] EXT4-fs (loop4): 1 orphan inode deleted
[  221.647675][ T9865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.653314][ T9865] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.664340][ T6426] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  221.668495][ T6426] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u9:6: Failed to release dquot type 1
[  221.704070][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  221.718487][ T7970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.822310][ T9875] loop0: detected capacity change from 0 to 1024
[  222.389069][ T9892] loop4: detected capacity change from 0 to 32768
[  222.426597][   T33] audit: type=1800 audit(1756995339.805:136): pid=9892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1511" name="file1" dev="loop4" ino=4 res=0 errno=0
[  222.622287][ T9894] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  222.673389][ T9896] loop4: detected capacity change from 0 to 1024
[  222.689721][ T9896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.696117][ T9896] ext4 filesystem being mounted at /248/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.708473][ T9896] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  222.717262][ T9896] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  222.723230][ T9896] EXT4-fs (loop4): This should not happen!! Data will be lost
[  222.723230][ T9896] 
[  222.729204][ T9896] EXT4-fs (loop4): Total free blocks count 0
[  222.731606][ T9896] EXT4-fs (loop4): Free/Dirty block details
[  222.734653][ T9896] EXT4-fs (loop4): free_blocks=4293918720
[  222.737005][ T9896] EXT4-fs (loop4): dirty_blocks=16
[  222.739163][ T9896] EXT4-fs (loop4): Block reservation details
[  222.741421][ T9896] EXT4-fs (loop4): i_reserved_data_blocks=1
[  222.743510][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  222.942324][ T9901] kAFS: No cell specified
[  223.513988][   T27] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 1: comm kworker/u10:0: lblock 1 mapped to illegal pblock 1 (length 3)
[  223.526827][   T27] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  223.773549][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  223.802194][ T9917] loop4: detected capacity change from 0 to 2048
[  223.806535][ T9917] EXT4-fs: Ignoring removed mblk_io_submit option
[  223.820334][ T9917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.930670][ T9922] loop0: detected capacity change from 0 to 512
[  223.948945][ T9922] EXT4-fs: Ignoring removed mblk_io_submit option
[  223.953018][ T9922] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  223.978918][ T9922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.988773][ T7970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.992803][ T9922] ext4 filesystem being mounted at /515/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.035961][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.100128][ T9930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1524'.
[  224.109856][ T9930] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1524'.
[  224.305598][ T9938] loop4: detected capacity change from 0 to 1024
[  224.308667][ T9938] EXT4-fs: Ignoring removed oldalloc option
[  224.320893][ T9938] EXT4-fs: Ignoring removed bh option
[  224.331513][ T9938] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  224.433186][ T9944] loop0: detected capacity change from 0 to 2048
[  224.439874][ T9944] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=66359, location=66359
[  224.452905][ T9944] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.813624][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  225.270482][ T9943] UDF-fs: warning (device loop0): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 2107777 lbcount: 2108928 extent 0+753664
[  225.651175][ T1095] kworker/u10:8: attempt to access beyond end of device
[  225.651175][ T1095] loop0: rw=1, sector=2048, nr_sectors = 1 limit=2048
[  225.656206][ T1095] buffer_io_error: 21 callbacks suppressed
[  225.656217][ T1095] Buffer I/O error on dev loop0, logical block 2048, lost async page write
[  225.661574][ T1095] kworker/u10:8: attempt to access beyond end of device
[  225.661574][ T1095] loop0: rw=1, sector=2048, nr_sectors = 1 limit=2048
[  225.667774][ T1095] Buffer I/O error on dev loop0, logical block 2048, lost async page write
[  225.671419][ T1095] kworker/u10:8: attempt to access beyond end of device
[  225.671419][ T1095] loop0: rw=1, sector=2049, nr_sectors = 1 limit=2048
[  225.677851][ T1095] Buffer I/O error on dev loop0, logical block 2049, lost async page write
[  225.863537][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  226.229677][ T9975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1545'.
[  226.296023][ T9978] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  226.653000][ T9986] loop0: detected capacity change from 0 to 8
[  226.777530][ T9986] SQUASHFS error: xz decompression failed, data probably corrupt
[  226.802536][ T9986] SQUASHFS error: Failed to read block 0x108: -5
[  226.806039][ T9986] SQUASHFS error: Unable to read metadata cache entry [106]
[  226.808933][ T9986] SQUASHFS error: Unable to read inode 0x11f
[  226.903597][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  227.030885][ T5237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  227.035146][ T5237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  227.039963][ T5237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  227.043253][ T5237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  227.046594][ T5237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  227.168488][ T9994] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1551'.
[  227.329885][ T9994] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.345584][ T9994] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.352700][ T9994] bond0 (unregistering): Released all slaves
[  227.554902][T10009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1557'.
[  227.589221][ T5946] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.607074][ T9990] chnl_net:caif_netlink_parms(): no params data found
[  227.767195][ T9990] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.770406][ T9990] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.777486][ T9990] bridge_slave_0: entered allmulticast mode
[  227.781362][ T9990] bridge_slave_0: entered promiscuous mode
[  227.832155][ T5946] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.843023][ T9990] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.846465][ T9990] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.849647][ T9990] bridge_slave_1: entered allmulticast mode
[  227.854095][ T9990] bridge_slave_1: entered promiscuous mode
[  227.943537][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  228.078180][T10016] loop0: detected capacity change from 0 to 256
[  228.099294][T10016] FAT-fs (loop0): bogus logical sector size 128
[  228.101539][T10016] FAT-fs (loop0): Can't find a valid FAT filesystem
[  228.207436][ T5946] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.219772][ T9990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.229416][T10019] geneve2: entered promiscuous mode
[  228.238977][ T9990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.321369][ T5946] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.351845][ T9990] team0: Port device team_slave_0 added
[  228.360056][ T9990] team0: Port device team_slave_1 added
[  228.392664][ T9990] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.395788][ T9990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.409385][ T9990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.429193][ T9990] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.434493][ T9990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.444163][T10023] loop4: detected capacity change from 0 to 32768
[  228.447547][T10023] BTRFS warning: excessive commit interval 2147483647, use with care
[  228.451178][T10023] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1561 (10023)
[  228.456068][ T9990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.467270][T10023] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  228.478664][T10023] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  228.486069][T10023] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  228.647489][T10023] BTRFS info (device loop4): rebuilding free space tree
[  228.698035][T10023] BTRFS info (device loop4): disabling free space tree
[  228.701051][T10023] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  228.734063][T10023] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  228.758788][ T9990] hsr_slave_0: entered promiscuous mode
[  228.764461][T10023] BTRFS info (device loop4): setting nodatasum
[  228.766946][T10023] BTRFS info (device loop4): enabling ssd optimizations
[  228.769658][T10023] BTRFS info (device loop4): turning off barriers
[  228.772241][T10023] BTRFS info (device loop4): turning on flush-on-commit
[  228.784178][ T9990] hsr_slave_1: entered promiscuous mode
[  228.787077][ T9990] debugfs: 'hsr0' already exists in 'hsr'
[  228.789447][ T9990] Cannot create hsr debugfs directory
[  228.798842][T10023] BTRFS info (device loop4): enabling disk space caching
[  228.801649][T10023] BTRFS info (device loop4): force clearing of disk cache
[  228.811116][T10023] BTRFS info (device loop4): doing ref verification
[  228.814240][T10023] BTRFS info (device loop4): max_inline set to 0
[  228.983543][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  229.031841][ T7970] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  229.081184][ T5946] bridge_slave_1: left allmulticast mode
[  229.092237][ T5946] bridge_slave_1: left promiscuous mode
[  229.103418][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.116502][T10052] loop0: detected capacity change from 0 to 64
[  229.134384][   T54] Bluetooth: hci3: command tx timeout
[  229.149925][ T5946] bridge_slave_0: left allmulticast mode
[  229.152243][ T5946] bridge_slave_0: left promiscuous mode
[  229.166567][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.407614][T10061] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1568'.
[  229.655598][ T5946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.662419][ T5946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.667715][ T5946] bond0 (unregistering): Released all slaves
[  229.772474][ T5946] bond1 (unregistering): Released all slaves
[  229.841598][T10065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1569'.
[  230.013555][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  230.092779][T10075] loop4: detected capacity change from 0 to 1024
[  230.113270][T10075] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  230.200256][ T5946] hsr_slave_0: left promiscuous mode
[  230.202690][ T5946] hsr_slave_1: left promiscuous mode
[  230.217460][ T5946] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.221777][ T5946] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.233103][ T5946] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.237751][ T5946] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.249896][ T5946] veth1_macvtap: left promiscuous mode
[  230.252008][ T5946] veth0_macvtap: left promiscuous mode
[  230.257469][ T5946] veth1_vlan: left promiscuous mode
[  230.259148][ T5946] veth0_vlan: left promiscuous mode
[  230.323964][  T793] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  230.488177][  T793] usb 1-1: Using ep0 maxpacket: 32
[  230.500832][  T793] usb 1-1: New USB device found, idVendor=0d49, idProduct=7000, bcdDevice=26.2f
[  230.504868][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.507573][  T793] usb 1-1: Product: syz
[  230.509532][  T793] usb 1-1: Manufacturer: syz
[  230.511354][  T793] usb 1-1: SerialNumber: syz
[  230.515567][  T793] usb 1-1: config 0 descriptor??
[  230.521892][  T793] ums-onetouch 1-1:0.0: USB Mass Storage device detected
[  230.583368][  T793] usb 1-1: Found UVC 0.00 device syz (0d49:7000)
[  230.593760][  T793] usb 1-1: No valid video chain found.
[  230.727002][  T793] usb 1-1: USB disconnect, device number 20
[  230.746241][ T5946] team0 (unregistering): Port device team_slave_1 removed
[  230.787893][ T5946] team0 (unregistering): Port device team_slave_0 removed
[  231.053525][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  231.214334][   T54] Bluetooth: hci3: command tx timeout
[  231.288803][ T9990] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  231.361893][ T9990] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  231.377542][T10095] loop0: detected capacity change from 0 to 512
[  231.396751][ T9990] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  231.400838][T10095] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1579: casefold flag without casefold feature
[  231.417566][ T9990] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  231.425999][T10095] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1579: couldn't read orphan inode 15 (err -117)
[  231.456213][T10097] loop4: detected capacity change from 0 to 4096
[  231.457027][T10095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.479510][T10097] NILFS (loop4): invalid segment: Checksum error in segment payload
[  231.482605][T10097] NILFS (loop4): trying rollback from an earlier position
[  231.577521][T10097] NILFS (loop4): recovery complete
[  231.585249][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.609126][T10107] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  231.700386][ T5946] IPVS: stop unused estimator thread 0...
[  231.738807][ T9990] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.764153][ T9990] 8021q: adding VLAN 0 to HW filter on device team0
[  231.771222][ T6426] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.774109][ T6426] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.943010][ T5946] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.991375][ T6426] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.994530][ T6426] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.091439][ T5946] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.093589][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  232.193176][T10138] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1587'.
[  232.209389][ T5946] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.257573][    T9] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  232.402327][ T5946] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.423749][ T9990] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.516243][T10149] block device autoloading is deprecated and will be removed.
[  232.796855][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.800605][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  232.813576][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[  232.817394][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.829494][    T9] usb 1-1: config 0 descriptor??
[  232.962450][ T5946] bridge_slave_1: left allmulticast mode
[  232.970975][ T5946] bridge_slave_1: left promiscuous mode
[  232.976771][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.992010][ T5946] bridge_slave_0: left allmulticast mode
[  232.994734][ T5946] bridge_slave_0: left promiscuous mode
[  232.997224][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.133560][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  233.294547][   T54] Bluetooth: hci3: command tx timeout
[  233.304131][    T9] wacom 0003:056A:0336.0009: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.0-1/input0
[  233.452007][ T5946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.466057][ T5946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.486944][ T5946] bond0 (unregistering): Released all slaves
[  233.499541][   T51] usb 1-1: USB disconnect, device number 21
[  233.681654][ T5946] : left promiscuous mode
[  233.980323][ T9990] veth0_vlan: entered promiscuous mode
[  234.173554][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  234.197314][ T9990] veth1_vlan: entered promiscuous mode
[  234.350068][ T5946] hsr_slave_0: left promiscuous mode
[  234.358443][ T5946] hsr_slave_1: left promiscuous mode
[  234.369481][ T5946] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.373911][T10169] loop0: detected capacity change from 0 to 4096
[  234.376205][ T5946] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.382153][ T5946] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.391367][ T5946] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.442633][T10171] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  234.497937][ T5946] veth1_macvtap: left promiscuous mode
[  234.506157][ T5946] veth0_macvtap: left promiscuous mode
[  234.513702][T10169] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 648518346341351424
[  234.518152][ T5946] veth1_vlan: left promiscuous mode
[  234.520082][ T5946] veth0_vlan: left promiscuous mode
[  234.525377][T10169] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=12)
[  234.566131][T10169] Remounting filesystem read-only
[  234.573172][T10169] NILFS (loop0): error -5 truncating bmap (ino=12)
[  234.697619][ T5937] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  235.213560][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  235.373842][   T54] Bluetooth: hci3: command tx timeout
[  236.027989][ T5946] team0 (unregistering): Port device team_slave_1 removed
[  236.077834][ T5946] team0 (unregistering): Port device team_slave_0 removed
[  236.263548][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  236.501488][T10192] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1600'.
[  236.525216][ T9990] veth0_macvtap: entered promiscuous mode
[  236.563768][ T9990] veth1_macvtap: entered promiscuous mode
[  236.589135][ T9990] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.610579][T10200] loop4: detected capacity change from 0 to 16
[  236.618803][T10200] erofs (device loop4): mounted with root inode @ nid 36.
[  236.750723][ T9990] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.761149][   T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.774616][   T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.798426][T10202] erofs (device loop4): bogus lookback distance 1388 @ lcn 42 of nid 36
[  236.808990][   T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.812450][   T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.854856][T10202] erofs (device loop4): failed to decompress -29 in[58, 4038] out[1851]
[  236.860634][T10202] erofs (device loop4): read error -117 @ 43 of nid 36
[  237.293584][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  237.526881][  T783] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.554991][  T783] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.672278][T10211] loop0: detected capacity change from 0 to 256
[  237.762431][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.774976][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.782427][ T5946] IPVS: stop unused estimator thread 0...
[  238.333574][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  238.532465][T10247] loop0: detected capacity change from 0 to 128
[  238.548052][T10247] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  238.564598][T10247] ext4 filesystem being mounted at /568/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  238.672803][   T33] audit: type=1326 audit(1756995356.045:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10253 comm="syz.4.1616" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce2af8ebe9 code=0x0
[  238.712546][T10247] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  238.820643][ T5937] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  238.979359][T10272] vti0: entered promiscuous mode
[  238.983124][T10274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1620'.
[  239.006108][T10274] batadv_slave_0: entered promiscuous mode
[  239.008993][T10274] batadv_slave_1: entered promiscuous mode
[  239.011493][T10274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.016056][T10274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.373820][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  239.754827][T10266] loop6: detected capacity change from 0 to 32768
[  240.413720][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  240.717758][T10292] loop4: detected capacity change from 0 to 4096
[  240.753198][T10292] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  240.889403][   T33] audit: type=1326 audit(1756995358.265:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  240.906831][T10292] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  240.922612][   T33] audit: type=1326 audit(1756995358.265:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  240.940038][T10302] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744073709510581)
[  240.944554][   T33] audit: type=1326 audit(1756995358.275:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  240.944601][T10302] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  240.963855][   T33] audit: type=1326 audit(1756995358.295:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  240.978465][   T33] audit: type=1326 audit(1756995358.305:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc06f5c14a5 code=0x7ffc0000
[  241.003583][   T33] audit: type=1326 audit(1756995358.315:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  241.011179][   T33] audit: type=1326 audit(1756995358.355:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  241.083379][   T33] audit: type=1326 audit(1756995358.455:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  241.097664][   T33] audit: type=1326 audit(1756995358.455:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.6.1628" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc06f52adb9 code=0x7ffc0000
[  241.252697][T10324] loop4: detected capacity change from 0 to 256
[  241.270841][T10324] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  241.374673][  T793] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  241.453665][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  241.523931][  T793] usb 7-1: Using ep0 maxpacket: 16
[  241.528331][T10344] loop4: detected capacity change from 0 to 512
[  241.529993][  T793] usb 7-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  241.553754][  T793] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.556608][  T793] usb 7-1: Product: syz
[  241.557764][T10344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.558366][  T793] usb 7-1: Manufacturer: syz
[  241.558377][  T793] usb 7-1: SerialNumber: syz
[  241.570668][  T793] usb 7-1: config 0 descriptor??
[  241.572610][T10344] ext4 filesystem being mounted at /303/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.582605][  T793] hub 7-1:0.0: bad descriptor, ignoring hub
[  241.597828][  T793] hub 7-1:0.0: probe with driver hub failed with error -5
[  241.617785][T10344] EXT4-fs (loop4): shut down requested (2)
[  241.658265][ T7970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.663063][   T26] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  241.671461][   T26] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  241.675699][   T26] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  241.750495][T10359] validate_nla: 42 callbacks suppressed
[  241.750504][T10359] netlink: 'syz.0.1648': attribute type 2 has an invalid length.
[  241.757634][T10359] netlink: 'syz.0.1648': attribute type 8 has an invalid length.
[  241.761051][T10359] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1648'.
[  241.894408][  T793] usb 7-1: USB disconnect, device number 2
[  242.493698][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  242.549642][T10380] loop0: detected capacity change from 0 to 8192
[  242.589736][ T7259]  loop0: AHDI p1 p2 p4
[  242.606690][T10380]  loop0: AHDI p1 p2 p4
[  242.796038][T10387] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1659'.
[  242.815000][T10387] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1659'.
[  242.892869][T10391] netlink: 256 bytes leftover after parsing attributes in process `syz.6.1662'.
[  242.918943][T10393] loop4: detected capacity change from 0 to 512
[  242.957626][ T7259] udevd[7259]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  242.967835][ T5943] udevd[5943]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  242.986400][T10393] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.992227][T10393] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.019308][T10393] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  243.023741][T10398] openvswitch: netlink: Key type 29 is not supported
[  243.106813][ T7970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.543508][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  243.670598][T10421] loop6: detected capacity change from 0 to 512
[  243.678619][T10421] EXT4-fs (loop6): 1 truncate cleaned up
[  243.691737][T10421] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.934256][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.993276][T10427] EXT4-fs error (device loop6): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.6.1672: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  244.295284][T10435] ieee802154 phy0 wpan0: encryption failed: -22
[  244.376939][T10439] loop0: detected capacity change from 0 to 16
[  244.402646][T10439] erofs (device loop0): mounted with root inode @ nid 36.
[  244.584128][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  245.337347][T10452] loop4: detected capacity change from 0 to 128
[  245.370804][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.471354][T10458] comedi comedi0: rti802: I/O port conflict (0xfffffffffffffbff,4)
[  245.613564][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  245.645323][T10472] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1693'.
[  245.648843][T10472] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1693'.
[  245.652472][T10472] netlink: 'syz.6.1693': attribute type 18 has an invalid length.
[  245.747093][T10481] bpf: Bad value for 'gid'
[  246.063674][    T9] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  246.171677][T10502] loop4: detected capacity change from 0 to 1024
[  246.173887][   T51] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  246.187623][T10502] EXT4-fs: Ignoring removed nomblk_io_submit option
[  246.213655][    T9] usb 1-1: Using ep0 maxpacket: 8
[  246.220587][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  246.226435][    T9] usb 1-1: config 4 interface 0 has no altsetting 0
[  246.232070][T10502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.244237][    T9] usb 1-1: string descriptor 0 read error: -22
[  246.246518][    T9] usb 1-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  246.251430][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.262506][    T9] usb 1-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  246.275186][    T9] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  246.278966][    T9] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  246.281901][    T9] usb 1-1: media controller created
[  246.310654][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  246.365010][ T7970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.373996][   T51] usb 7-1: Using ep0 maxpacket: 16
[  246.380580][   T51] usb 7-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config
[  246.386631][   T51] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  246.390873][   T51] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  246.395406][   T51] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 97, changing to 7
[  246.399616][   T51] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24929, setting to 1024
[  246.405218][   T51] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  246.419042][   T51] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  246.422929][   T51] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  246.433601][   T51] usb 7-1: Manufacturer: syz
[  246.437570][   T51] usb 7-1: config 0 descriptor??
[  246.469293][    T9] zl10353_read_register: readreg error (reg=127, ret==0)
[  246.512446][    T9] usb 1-1: USB disconnect, device number 22
[  246.560753][T10513] loop4: detected capacity change from 0 to 128
[  246.567063][T10513] FAT-fs (loop4): Directory bread(block 414) failed
[  246.576460][T10513] FAT-fs (loop4): Directory bread(block 415) failed
[  246.584418][T10513] FAT-fs (loop4): Directory bread(block 416) failed
[  246.587036][T10513] FAT-fs (loop4): Directory bread(block 417) failed
[  246.589787][T10513] FAT-fs (loop4): Directory bread(block 418) failed
[  246.592380][T10513] FAT-fs (loop4): Directory bread(block 419) failed
[  246.596415][T10513] FAT-fs (loop4): Directory bread(block 420) failed
[  246.599000][T10513] FAT-fs (loop4): Directory bread(block 421) failed
[  246.647798][   T51] usb 7-1: USB disconnect, device number 3
[  246.663529][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  246.682960][   T33] kauditd_printk_skb: 8 callbacks suppressed
[  246.682973][   T33] audit: type=1326 audit(1756995364.055:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10517 comm="syz.4.1712" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce2af8ebe9 code=0x0
[  246.801020][T10522] trusted_key: encrypted_key: master key parameter is missing
[  247.315697][T10551] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1724'.
[  247.377916][T10554] netlink: 'syz.0.1725': attribute type 32 has an invalid length.
[  247.587295][T10566] loop0: detected capacity change from 0 to 1024
[  247.590137][T10566] EXT4-fs: Ignoring removed nomblk_io_submit option
[  247.622926][T10566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.627627][T10566] ext4 filesystem being mounted at /601/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.657679][   T36] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  247.664126][T10546] loop6: detected capacity change from 0 to 32768
[  247.677884][   T36] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  247.686073][   T36] EXT4-fs (loop0): This should not happen!! Data will be lost
[  247.686073][   T36] 
[  247.690434][   T36] EXT4-fs (loop0): Total free blocks count 0
[  247.691813][T10546] XFS (loop6): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  247.693190][   T36] EXT4-fs (loop0): Free/Dirty block details
[  247.696689][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  247.705235][   T36] EXT4-fs (loop0): free_blocks=4293918720
[  247.707636][   T36] EXT4-fs (loop0): dirty_blocks=64
[  247.709779][   T36] EXT4-fs (loop0): Block reservation details
[  247.712376][   T36] EXT4-fs (loop0): i_reserved_data_blocks=4
[  247.716971][T10546] XFS (loop6): Log size 516 blocks too small, minimum size is 636 blocks
[  247.720401][T10546] XFS (loop6): AAIEEE! Log failed size checks. Abort!
[  247.724876][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.776672][T10546] XFS (loop6): log mount failed
[  248.429122][T10615] loop4: detected capacity change from 0 to 256
[  248.447269][T10615] FAT-fs (loop4): Directory bread(block 64) failed
[  248.449349][T10615] FAT-fs (loop4): Directory bread(block 65) failed
[  248.451549][T10615] FAT-fs (loop4): Directory bread(block 66) failed
[  248.454055][T10615] FAT-fs (loop4): Directory bread(block 67) failed
[  248.456390][T10615] FAT-fs (loop4): Directory bread(block 68) failed
[  248.458413][T10615] FAT-fs (loop4): Directory bread(block 69) failed
[  248.460845][T10615] FAT-fs (loop4): Directory bread(block 70) failed
[  248.464507][T10615] FAT-fs (loop4): Directory bread(block 71) failed
[  248.467612][T10615] FAT-fs (loop4): Directory bread(block 72) failed
[  248.470009][T10615] FAT-fs (loop4): Directory bread(block 73) failed
[  248.534473][   T33] audit: type=1326 audit(1756995365.915:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.6.1749" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc06f58ebe9 code=0x0
[  248.743536][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  248.939451][T10628] loop4: detected capacity change from 0 to 4096
[  249.372158][T10633] loop4: detected capacity change from 0 to 32768
[  249.382665][T10633] XFS: noikeep mount option is deprecated.
[  249.422545][T10633] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  249.436510][T10646] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1754'.
[  249.467574][T10633] XFS (loop4): Ending clean mount
[  249.478632][T10633] XFS (loop4): Quotacheck needed: Please wait.
[  249.501196][T10650] loop0: detected capacity change from 0 to 136
[  249.534959][T10633] XFS (loop4): Quotacheck: Done.
[  249.596518][ T5937] iso9660: Corrupted directory entry in block 2 of inode 1472
[  249.607648][ T7970] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  249.629641][ T5937] iso9660: Corrupted directory entry in block 2 of inode 1472
[  249.785731][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  250.420650][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1766'.
[  250.425156][T10675] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1765'.
[  250.604623][T10685] loop0: detected capacity change from 0 to 2048
[  250.630949][T10688] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.631646][   T33] audit: type=1800 audit(1756995368.005:152): pid=10685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1770" name="file1" dev="loop0" ino=15 res=0 errno=0
[  250.723669][ T5998] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  250.822563][T10699] loop6: detected capacity change from 0 to 512
[  250.823562][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  250.828772][T10699] EXT4-fs: Ignoring removed orlov option
[  250.833221][T10699] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  250.839898][T10699] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  250.843904][T10699] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.1777: corrupted in-inode xattr: e_value size too large
[  250.850773][T10699] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1777: couldn't read orphan inode 15 (err -117)
[  250.858509][T10699] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.891235][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.915552][ T5998] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.920012][ T5998] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.936057][ T5998] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  250.957059][ T5998] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  250.961566][ T5998] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.972943][ T5998] usb 5-1: config 0 descriptor??
[  251.004913][    T9] kernel write not supported for file /input/mouse0 (pid: 9 comm: kworker/0:0)
[  251.219424][T10719] loop0: detected capacity change from 0 to 1024
[  251.382756][ T5998] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd
[  251.406441][ T5998] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  251.592165][T10677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  251.608866][T10677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  251.660193][T10746] loop6: detected capacity change from 0 to 2048
[  251.693538][ T5983] usb 5-1: USB disconnect, device number 12
[  251.695563][T10746] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.712240][T10746] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.730057][   T33] audit: type=1800 audit(1756995369.105:153): pid=10746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1792" name="file1" dev="loop6" ino=15 res=0 errno=0
[  251.806351][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.853538][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  252.092030][T10765] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1795'.
[  252.134974][T10767] trusted_key: encrypted_key: insufficient parameters specified
[  252.150933][   T60] delete_channel: no stack
[  252.195547][T10771] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1798'.
[  252.339090][T10778] sctp: [Deprecated]: syz.6.1802 (pid 10778) Use of struct sctp_assoc_value in delayed_ack socket option.
[  252.339090][T10778] Use struct sctp_sack_info instead
[  252.744595][T10794] loop6: detected capacity change from 0 to 32768
[  252.751395][T10794] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1809 (10794)
[  252.762724][T10794] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  252.767437][T10794] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  252.841025][T10794] BTRFS info (device loop6): rebuilding free space tree
[  252.856645][T10794] BTRFS info (device loop6): allowing degraded mounts
[  252.860055][T10794] BTRFS info (device loop6): enabling ssd optimizations
[  252.863276][T10794] BTRFS info (device loop6): enabling free space tree
[  252.868967][T10794] BTRFS info (device loop6): force clearing of disk cache
[  252.872137][T10794] BTRFS info (device loop6): use zstd compression, level 3
[  252.875749][T10794] BTRFS info (device loop6): max_inline set to 0
[  252.893702][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  252.898282][ T5983] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  252.937298][ T9990] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  253.063968][ T5983] usb 5-1: Using ep0 maxpacket: 16
[  253.089401][ T5983] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  253.093189][ T5983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.104124][ T5983] usb 5-1: Product: syz
[  253.105942][ T5983] usb 5-1: Manufacturer: syz
[  253.107863][ T5983] usb 5-1: SerialNumber: syz
[  253.151883][T10824] loop6: detected capacity change from 0 to 512
[  253.157251][T10824] EXT4-fs (loop6): Test dummy encryption mode enabled
[  253.161026][ T5983] r8152-cfgselector 5-1: Unknown version 0x0000
[  253.167334][ T5983] r8152-cfgselector 5-1: config 0 descriptor??
[  253.167486][T10824] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  253.185638][T10824] EXT4-fs (loop6): 1 truncate cleaned up
[  253.188732][T10824] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.232385][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.246788][T10828] loop0: detected capacity change from 0 to 1024
[  253.278449][T10828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  253.284183][T10828] ext4 filesystem being mounted at /642/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.312656][T10828] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: comm syz.0.1817: lblock 0 mapped to illegal pblock 0 (length 6)
[  253.342481][T10828] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.1817: lblock 3 mapped to illegal pblock 3 (length 3)
[  253.348860][T10828] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  253.351297][T10836] vivid-000: disconnect
[  253.355874][T10828] EXT4-fs (loop0): This should not happen!! Data will be lost
[  253.355874][T10828] 
[  253.360284][T10835] vivid-000: reconnect
[  253.379655][ T5983] r8152-cfgselector 5-1: Unknown version 0x0000
[  253.382088][ T5983] r8152-cfgselector 5-1: bad CDC descriptors
[  253.388316][ T1092] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 8: comm kworker/u10:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  253.395069][ T1092] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  253.400605][ T1092] EXT4-fs (loop0): This should not happen!! Data will be lost
[  253.400605][ T1092] 
[  253.408320][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  253.582394][ T5983] r8152-cfgselector 5-1: USB disconnect, device number 13
[  253.641513][T10850] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1826'.
[  253.804612][ T5998] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  253.933536][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  253.970736][ T5998] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  253.974807][ T5998] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  253.978678][ T5998] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  253.982352][ T5998] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  253.986665][ T5998] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  253.990123][ T5998] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.995696][ T5998] usb 7-1: config 0 descriptor??
[  254.023685][ T5983] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  254.275762][ T5998] hdpvr 7-1:0.0: firmware version 0x1e dated 
[  254.293559][ T5983] usb 1-1: Using ep0 maxpacket: 32
[  254.296979][ T5983] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11
[  254.301314][ T5983] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 2047, setting to 1024
[  254.305564][ T5983] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  254.310673][ T5983] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  254.314128][ T5983] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.316779][ T5983] usb 1-1: Product: syz
[  254.318429][ T5983] usb 1-1: Manufacturer: syz
[  254.320310][ T5983] usb 1-1: SerialNumber: syz
[  254.689201][ T5998] hdpvr 7-1:0.0: device init failed
[  254.691501][ T5998] hdpvr 7-1:0.0: probe with driver hdpvr failed with error -12
[  254.694959][ T5983] cdc_ncm 1-1:1.0: bind() failure
[  254.701140][ T5983] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  254.705985][ T5983] cdc_ncm 1-1:1.1: bind() failure
[  254.710722][ T5998] usb 7-1: USB disconnect, device number 4
[  254.714728][ T5983] usb 1-1: USB disconnect, device number 23
[  254.974310][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  255.469004][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  255.667690][T10868] loop4: detected capacity change from 0 to 40427
[  255.681012][T10868] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  255.683869][T10868] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  255.765437][T10868] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  255.770849][T10868] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  255.777729][T10868] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  255.816820][ T7970] syz-executor: attempt to access beyond end of device
[  255.816820][ T7970] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  255.822594][ T7970] CPU: 1 UID: 0 PID: 7970 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  255.822609][ T7970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  255.822616][ T7970] Call Trace:
[  255.822621][ T7970]  <TASK>
[  255.822627][ T7970]  dump_stack_lvl+0x189/0x250
[  255.822648][ T7970]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.822661][ T7970]  ? __pfx_queue_work_on+0x10/0x10
[  255.822673][ T7970]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  255.822689][ T7970]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  255.822713][ T7970]  f2fs_handle_critical_error+0x37c/0x540
[  255.822735][ T7970]  f2fs_write_end_io+0x886/0xb60
[  255.822760][ T7970]  __submit_merged_bio+0x27a/0x6a0
[  255.822782][ T7970]  __submit_merged_write_cond+0x255/0x530
[  255.822804][ T7970]  f2fs_write_data_pages+0x261d/0x3000
[  255.822850][ T7970]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  255.822878][ T7970]  ? rcu_is_watching+0x15/0xb0
[  255.822918][ T7970]  ? __pfx___schedule+0x10/0x10
[  255.822950][ T7970]  ? preempt_schedule+0xae/0xc0
[  255.822967][ T7970]  ? preempt_schedule_common+0x83/0xd0
[  255.822983][ T7970]  ? preempt_schedule+0xae/0xc0
[  255.822998][ T7970]  ? __pfx_preempt_schedule+0x10/0x10
[  255.823011][ T7970]  ? do_raw_spin_lock+0x121/0x290
[  255.823038][ T7970]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  255.823057][ T7970]  do_writepages+0x32e/0x550
[  255.823110][ T7970]  ? do_raw_spin_unlock+0x4d/0x240
[  255.823130][ T7970]  filemap_fdatawrite+0x199/0x240
[  255.823146][ T7970]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  255.823202][ T7970]  ? do_raw_spin_unlock+0x4d/0x240
[  255.823220][ T7970]  f2fs_sync_dirty_inodes+0x31f/0x830
[  255.823245][ T7970]  f2fs_write_checkpoint+0x95a/0x1df0
[  255.823277][ T7970]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  255.823332][ T7970]  ? call_rcu+0x6ff/0x9c0
[  255.823344][ T7970]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.823361][ T7970]  ? kill_f2fs_super+0x298/0x6c0
[  255.823378][ T7970]  kill_f2fs_super+0x2c3/0x6c0
[  255.823395][ T7970]  ? __pfx_kill_f2fs_super+0x10/0x10
[  255.823404][ T7970]  ? radix_tree_delete_item+0x2b6/0x400
[  255.823426][ T7970]  ? shrinker_free+0x2ce/0x3e0
[  255.823460][ T7970]  deactivate_locked_super+0xbc/0x130
[  255.823477][ T7970]  cleanup_mnt+0x425/0x4c0
[  255.823492][ T7970]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.823508][ T7970]  task_work_run+0x1d4/0x260
[  255.823526][ T7970]  ? __pfx_task_work_run+0x10/0x10
[  255.823537][ T7970]  ? __x64_sys_umount+0x122/0x160
[  255.823556][ T7970]  ? exit_to_user_mode_loop+0x40/0x110
[  255.823575][ T7970]  exit_to_user_mode_loop+0xec/0x110
[  255.823591][ T7970]  do_syscall_64+0x2bd/0x3b0
[  255.823601][ T7970]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.823616][ T7970]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.823627][ T7970]  ? exc_page_fault+0x9f/0xf0
[  255.823645][ T7970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.823655][ T7970] RIP: 0033:0x7fce2af8ff17
[  255.823666][ T7970] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  255.823676][ T7970] RSP: 002b:00007fffbbefb608 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  255.823689][ T7970] RAX: 0000000000000000 RBX: 00007fce2b011c05 RCX: 00007fce2af8ff17
[  255.823697][ T7970] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbbefb6c0
[  255.823704][ T7970] RBP: 00007fffbbefb6c0 R08: 0000000000000000 R09: 0000000000000000
[  255.823710][ T7970] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbbefc750
[  255.823718][ T7970] R13: 00007fce2b011c05 R14: 000000000003e6be R15: 00007fffbbefc790
[  255.823741][ T7970]  </TASK>
[  256.008587][T10888] loop0: detected capacity change from 0 to 32768
[  256.016809][T10888] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1842 (10888)
[  256.023533][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  256.027236][T10888] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  256.031523][T10888] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  256.035176][T10888] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  256.087270][ T7970] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  256.245209][T10888] BTRFS info (device loop0): rebuilding free space tree
[  256.264503][T10888] BTRFS info (device loop0): disabling free space tree
[  256.267394][T10888] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  256.271364][T10888] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  256.284534][T10888] BTRFS info (device loop0): setting nodatasum
[  256.287236][T10888] BTRFS info (device loop0): setting nodatacow
[  256.289471][T10888] BTRFS info (device loop0): enabling ssd optimizations
[  256.292016][T10888] BTRFS info (device loop0): turning off barriers
[  256.294693][T10888] BTRFS info (device loop0): enabling disk space caching
[  256.297649][T10888] BTRFS info (device loop0): force clearing of disk cache
[  256.300564][T10888] BTRFS info (device loop0): doing ref verification
[  256.303337][T10888] BTRFS info (device loop0): max_inline set to 4096
[  256.318799][T10912] loop6: detected capacity change from 0 to 256
[  256.368033][ T5937] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  256.618995][T10918] loop4: detected capacity change from 0 to 1024
[  256.622051][T10918] hfsplus: Unknown parameter '01777777777777777777777'
[  256.654141][   T54] Bluetooth: hci0: unexpected event for opcode 0x2011
[  256.673581][   T60] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  256.769932][T10927] netlink: 'syz.0.1852': attribute type 30 has an invalid length.
[  256.806264][T10929] netlink: 'syz.0.1853': attribute type 29 has an invalid length.
[  256.810488][T10929] netlink: 'syz.0.1853': attribute type 29 has an invalid length.
[  256.834538][   T60] usb 7-1: Using ep0 maxpacket: 32
[  256.843959][   T60] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  256.855583][   T60] usb 7-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  256.874277][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.887924][   T60] usb 7-1: config 0 descriptor??
[  257.053574][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  257.303985][   T60] zydacron 0003:13EC:0006.000B: unknown main item tag 0x0
[  257.308383][   T60] zydacron 0003:13EC:0006.000B: unknown main item tag 0x0
[  257.313694][   T60] zydacron 0003:13EC:0006.000B: unknown main item tag 0x0
[  257.322014][   T60] zydacron 0003:13EC:0006.000B: hidraw0: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.6-1/input0
[  257.502897][T10194] usb 7-1: USB disconnect, device number 5
[  257.851224][T10970] loop4: detected capacity change from 0 to 32768
[  257.862323][T10970] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  257.880593][T10970] XFS (loop4): Ending clean mount
[  257.889582][T10970] XFS (loop4): Quotacheck needed: Please wait.
[  257.918814][T10970] XFS (loop4): Quotacheck: Done.
[  257.936394][   T33] audit: type=1800 audit(1756995375.315:154): pid=10970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1873" name="file1" dev="loop4" ino=6150 res=0 errno=0
[  257.966111][ T7970] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  258.103538][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  258.152769][T10985] loop6: detected capacity change from 0 to 256
[  258.177131][T10985] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  258.329471][T10989] loop4: detected capacity change from 0 to 8192
[  258.386185][ T6144] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  258.390356][ T6144] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  258.393888][ T6144]  loop4: unable to read partition table
[  258.398883][T10989] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  258.403000][T10989] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  258.408091][T10989]  loop4: unable to read partition table
[  258.412079][T10989] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  258.425357][ T5296] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  258.429719][ T5296] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  258.435700][ T5296]  loop4: unable to read partition table
[  258.647744][T11006] loop4: detected capacity change from 0 to 2048
[  258.662324][T11010] netlink: 'syz.0.1887': attribute type 21 has an invalid length.
[  258.667472][T11010] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1887'.
[  258.672248][T11010] netlink: 'syz.0.1887': attribute type 1 has an invalid length.
[  258.677654][T11006] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  258.686633][T11006] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  258.726335][T11012] loop6: detected capacity change from 0 to 2048
[  258.750375][T11012] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  259.109886][T11014] loop0: detected capacity change from 0 to 32768
[  259.128415][T11014] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1889 (11014)
[  259.143530][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  259.169553][T11014] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  259.184515][T11014] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  259.265715][T11014] BTRFS info (device loop0): enabling ssd optimizations
[  259.268583][T11014] BTRFS info (device loop0): enabling free space tree
[  259.295115][   T33] audit: type=1800 audit(1756995376.665:155): pid=11014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1889" name="bus" dev="loop0" ino=263 res=0 errno=0
[  259.302933][   T33] audit: type=1800 audit(1756995376.675:156): pid=11014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1889" name="bus" dev="loop0" ino=263 res=0 errno=0
[  259.385633][T11045] random: crng reseeded on system resumption
[  259.618509][T11022] loop4: detected capacity change from 0 to 32768
[  259.634264][T11022] find_entry called with index = 0
[  259.650067][T11022] overlayfs: upper fs needs to support d_type.
[  259.653169][T11022] overlayfs: upper fs does not support tmpfile.
[  259.667926][T11022] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  259.719758][ T5937] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  260.014078][ T5983] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  260.076978][T11061] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.1905'.
[  260.080173][T11061] netlink: 6320 bytes leftover after parsing attributes in process `syz.0.1905'.
[  260.167808][ T5983] usb 7-1: Using ep0 maxpacket: 8
[  260.178183][ T5983] usb 7-1: unable to get BOS descriptor or descriptor too short
[  260.183528][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  260.192211][ T5983] usb 7-1: config 246 has an invalid interface number: 233 but max is 0
[  260.198212][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.204004][ T5983] usb 7-1: config 246 has no interface number 0
[  260.208391][ T5983] usb 7-1: config 246 interface 233 has no altsetting 0
[  260.218659][ T5983] usb 7-1: New USB device found, idVendor=0b05, idProduct=18f0, bcdDevice=af.9c
[  260.228189][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.245244][ T5983] usb 7-1: Product: syz
[  260.246852][ T5983] usb 7-1: Manufacturer: ࠌ
[  260.248604][ T5983] usb 7-1: SerialNumber: syz
[  260.320417][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.427522][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.476450][ T5983] usb 7-1: USB disconnect, device number 6
[  260.531432][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.608590][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  260.616710][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  260.620541][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  260.627770][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  260.632241][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  260.887534][T11073] chnl_net:caif_netlink_parms(): no params data found
[  260.996930][T11073] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.000118][T11073] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.017222][T11073] bridge_slave_0: entered allmulticast mode
[  261.078983][T11073] bridge_slave_0: entered promiscuous mode
[  261.151169][T11073] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.166966][T11073] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.190707][T11073] bridge_slave_1: entered allmulticast mode
[  261.214339][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  261.266017][T11073] bridge_slave_1: entered promiscuous mode
[  261.317087][T11073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  261.326615][T11073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  261.369520][T11073] team0: Port device team_slave_0 added
[  261.375237][T11073] team0: Port device team_slave_1 added
[  261.406285][T11073] batman_adv: batadv0: Adding interface: batadv_slave_0
[  261.409267][T11073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.420179][T11073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.427164][T11073] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.430065][T11073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.440966][T11073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.474268][T11073] hsr_slave_0: entered promiscuous mode
[  261.477388][T11073] hsr_slave_1: entered promiscuous mode
[  261.480584][T11073] debugfs: 'hsr0' already exists in 'hsr'
[  261.483128][T11073] Cannot create hsr debugfs directory
[  261.553696][ T5849] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  261.640921][T11073] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  261.646103][T11073] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  261.651613][T11073] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  261.671585][T11073] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  261.748609][T11073] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.753629][ T5849] usb 7-1: Using ep0 maxpacket: 8
[  261.760827][T11106] loop0: detected capacity change from 0 to 16
[  261.766989][T11106] erofs (device loop0): mounted with root inode @ nid 36.
[  261.769660][ T5849] usb 7-1: unable to get BOS descriptor or descriptor too short
[  261.785672][ T5849] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  261.792458][ T5849] usb 7-1: config 1 has no interface number 1
[  261.801640][ T5849] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  261.802489][T11073] 8021q: adding VLAN 0 to HW filter on device team0
[  261.807185][ T5849] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  261.816556][ T5849] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  261.820067][ T5849] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.825514][ T5849] usb 7-1: Product: syz
[  261.827373][ T5849] usb 7-1: Manufacturer: syz
[  261.829318][ T5849] usb 7-1: SerialNumber: syz
[  261.830007][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.834185][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.868069][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.870484][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.892657][T11108] veth0: entered promiscuous mode
[  261.895967][T11107] veth0: left promiscuous mode
[  262.035410][T11073] 8021q: adding VLAN 0 to HW filter on device batadv0
[  262.077181][ T5849] usb 7-1: 2:1 : no UAC_FORMAT_TYPE desc
[  262.095087][ T5849] usb 7-1: USB disconnect, device number 7
[  262.253542][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  262.268052][T11073] veth0_vlan: entered promiscuous mode
[  262.277800][T11073] veth1_vlan: entered promiscuous mode
[  262.329842][T11073] veth0_macvtap: entered promiscuous mode
[  262.333326][T11120] loop0: detected capacity change from 0 to 32768
[  262.354856][T11120] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1925 (11120)
[  262.401909][T11120] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  262.411722][T11120] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  262.411942][T11073] veth1_macvtap: entered promiscuous mode
[  262.424639][   T12] bridge_slave_1: left allmulticast mode
[  262.426934][   T12] bridge_slave_1: left promiscuous mode
[  262.437079][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.447870][   T12] bridge_slave_0: left allmulticast mode
[  262.450480][   T12] bridge_slave_0: left promiscuous mode
[  262.452949][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.545623][T11120] BTRFS info (device loop0): enabling ssd optimizations
[  262.548331][T11120] BTRFS info (device loop0): enabling free space tree
[  262.551097][T11120] BTRFS info (device loop0): use lzo compression, level 0
[  262.583580][   T33] audit: type=1800 audit(1756995379.945:157): pid=11120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1925" name="file1" dev="loop0" ino=260 res=0 errno=0
[  262.733669][   T54] Bluetooth: hci0: command tx timeout
[  262.987859][ T5937] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  263.293617][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  263.321842][T11073] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.331143][T11164] loop6: detected capacity change from 0 to 512
[  263.369856][T11073] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.403804][T11164] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  263.424287][ T5708] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.427964][ T5708] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.457213][ T5708] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.460795][ T5708] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.570380][T11167] loop0: detected capacity change from 0 to 4096
[  263.613659][T11167] ntfs3(loop0): Unsupported bytes per MFT record 8192.
[  263.641377][T11167] ntfs3(loop0): try to read out of volume at offset 0x1ffe00
[  263.697487][T11167] ISOFS: Unable to identify CD-ROM format.
[  263.811587][   T12] batadv_slave_0: left promiscuous mode
[  263.814368][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.814398][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.832081][   T12] batadv_slave_1: left promiscuous mode
[  263.842863][   T12] hsr_slave_0: left promiscuous mode
[  263.848925][   T12] hsr_slave_1: left promiscuous mode
[  263.852410][T11175] loop6: detected capacity change from 0 to 16
[  263.854047][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.863699][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.875138][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.878039][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  263.910933][   T12] veth1_macvtap: left promiscuous mode
[  263.913340][   T12] veth0_macvtap: left promiscuous mode
[  263.916582][   T12] veth1_vlan: left promiscuous mode
[  263.918950][   T12] veth0_vlan: left promiscuous mode
[  264.082873][T11175] erofs (device loop6): mounted with root inode @ nid 36.
[  264.343703][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  264.370348][T11187] loop6: detected capacity change from 0 to 164
[  264.380199][T11187] rock: directory entry would overflow storage
[  264.383409][T11187] rock: sig=0x66, size=4, remaining=3
[  264.398366][T11187] rock: directory entry would overflow storage
[  264.413892][T11187] rock: sig=0x66, size=4, remaining=3
[  264.611029][   T12] team0 (unregistering): Port device team_slave_1 removed
[  264.649535][   T12] team0 (unregistering): Port device team_slave_0 removed
[  264.809358][   T54] Bluetooth: hci0: command tx timeout
[  265.131076][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.142526][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.351047][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  265.361672][T11205] loop0: detected capacity change from 0 to 8
[  265.422708][T11205] unable to read inode lookup table
[  265.432974][   T12] IPVS: stop unused estimator thread 0...
[  265.455278][T11210] loop6: detected capacity change from 0 to 256
[  265.460394][T11210] exfat: Deprecated parameter 'namecase'
[  265.471567][T11210] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[  265.606434][ T5998] hid-generic 0005:15C2:3010.000C: item fetching failed at offset 0/1
[  265.610645][ T5998] hid-generic 0005:15C2:3010.000C: probe with driver hid-generic failed with error -22
[  265.699857][T11228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1954'.
[  265.704712][T11228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1954'.
[  265.713680][T11228] macvlan3: entered promiscuous mode
[  265.981414][T11236] loop6: detected capacity change from 0 to 4096
[  266.014534][T11232] loop0: detected capacity change from 0 to 4096
[  266.361141][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  266.747668][T11246] openvswitch: netlink: VXLAN extension 2 out of range max 1
[  266.828020][   T54] Bluetooth: hci0: command tx timeout
[  266.954291][T11251] netlink: 392 bytes leftover after parsing attributes in process `syz.6.1962'.
[  267.028825][T11254] sctp: [Deprecated]: syz.0.1963 (pid 11254) Use of struct sctp_assoc_value in delayed_ack socket option.
[  267.028825][T11254] Use struct sctp_sack_info instead
[  267.372816][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  267.551645][T11271] loop7: detected capacity change from 0 to 2048
[  267.585961][T11271] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  267.590814][T11268] loop6: detected capacity change from 0 to 32768
[  267.736852][T11268] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  267.736871][T11268]   allowing incompatible features above 0.0: (unknown version)
[  267.736879][T11268]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  267.755745][T11268] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  267.759072][T11268] bcachefs (loop6): initializing new filesystem
[  267.768363][T11268] bcachefs (loop6): going read-write
[  267.786220][T11268] bcachefs (loop6): marking superblocks
[  267.794044][T11268] bcachefs (loop6): initializing freespace
[  267.799116][T11268] bcachefs (loop6): done initializing freespace
[  267.803770][T11268] bcachefs (loop6): reading snapshots table
[  267.806403][T11268] bcachefs (loop6): reading snapshots done
[  267.892205][T11268] bcachefs (loop6): done starting filesystem
[  267.989226][T11291] loop0: detected capacity change from 0 to 512
[  268.396137][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  268.647753][T11291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.664622][T11291] ext4 filesystem being mounted at /706/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.711352][ T9990] bcachefs (loop6): shutting down
[  268.717868][ T9990] bcachefs (loop6): going read-only
[  268.743297][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.749453][ T9990] bcachefs (loop6): finished waiting for writes to stop
[  268.795593][ T9990] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  268.855304][   T54] Bluetooth: hci0: command tx timeout
[  268.924665][ T9990] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  268.951531][ T9990] bcachefs (loop6): clean shutdown complete, journal seq 4
[  268.958419][ T9990] bcachefs (loop6): marking filesystem clean
[  268.999844][ T9990] bcachefs (loop6): shutdown complete
[  269.411606][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  269.433930][T11323] loop7: detected capacity change from 0 to 2048
[  269.510940][T11323] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.528894][T11323] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  269.672181][T11073] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.090272][T11318] loop0: detected capacity change from 0 to 262144
[  270.093353][T11318] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1982 (11318)
[  270.100111][T11318] BTRFS info (device loop0): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  270.103842][T11318] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  270.221589][T11318] BTRFS info (device loop0): enabling ssd optimizations
[  270.224589][T11318] BTRFS info (device loop0): enabling free space tree
[  270.248076][   T33] audit: type=1800 audit(1756995387.776:158): pid=11318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1982" name="file1" dev="loop0" ino=260 res=0 errno=0
[  270.428261][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  270.532675][ T5937] BTRFS info (device loop0): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  270.642792][T11357] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1992'.
[  270.739725][T11361] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.752771][T11361] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  270.762148][T11361] bridge_slave_0: default FDB implementation only supports local addresses
[  271.228307][T11380] loop0: detected capacity change from 0 to 1024
[  271.282689][T11380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  271.300865][T11380] ext4 filesystem being mounted at /712/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.323584][T11380] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 3)
[  271.328478][T11380] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  271.342576][T11380] EXT4-fs (loop0): This should not happen!! Data will be lost
[  271.342576][T11380] 
[  271.354211][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.372985][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.378813][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.387299][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.393597][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.400291][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.408405][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.414766][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.421178][T11380] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.2002: lblock 3 mapped to illegal pblock 3 (length 1)
[  271.436897][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  271.679867][T11396] loop6: detected capacity change from 0 to 2048
[  271.711243][T11396] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  272.117357][   T28] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  272.127659][   T28] EXT4-fs (loop0): This should not happen!! Data will be lost
[  272.127659][   T28] 
[  272.141307][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  272.198234][T11400] syzkaller1: tun_chr_ioctl cmd 2147767520
[  272.364014][T11403] loop0: detected capacity change from 0 to 128
[  272.466382][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  272.635075][T11409] loop0: detected capacity change from 0 to 32768
[  272.639698][T11409] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2011 (11409)
[  272.650726][T11409] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.654721][T11409] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  272.762433][T11409] BTRFS info (device loop0): rebuilding free space tree
[  272.776623][T11409] BTRFS info (device loop0): enabling ssd optimizations
[  272.779513][T11409] BTRFS info (device loop0): turning on sync discard
[  272.783855][T11409] BTRFS info (device loop0): enabling free space tree
[  272.786700][T11409] BTRFS info (device loop0): force clearing of disk cache
[  272.789682][T11409] BTRFS info (device loop0): enabling auto defrag
[  272.792396][T11409] BTRFS info (device loop0): max_inline set to 0
[  272.817463][T11431] loop6: detected capacity change from 0 to 1024
[  272.982163][ T5937] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  273.461460][T11447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2021'.
[  273.466434][T11449] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2023'.
[  273.477482][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  273.697574][T11472] hfsplus: unable to find HFS+ superblock
[  273.709425][T11474] loop0: detected capacity change from 0 to 128
[  273.727745][T11474] vxfs: unable to set final block size
[  274.509533][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  275.234484][T11538] ip6gretap1: entered promiscuous mode
[  275.237030][T11538] ip6gretap1: entered allmulticast mode
[  275.245458][T11542] loop0: detected capacity change from 0 to 512
[  275.274376][T11542] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  275.281351][T11542] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[  275.284797][T11542] System zones: 1-12
[  275.286506][T11542] EXT4-fs (loop0): Can't support bigalloc feature without extents feature
[  275.286506][T11542] 
[  275.293605][T11545] loop6: detected capacity change from 0 to 64
[  275.306616][T11542] EXT4-fs (loop0): Skipping orphan cleanup due to unknown ROCOMPAT features
[  275.310076][T11542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  275.327511][T11545] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop6
[  275.352315][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.408346][T11549] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2065'.
[  275.411699][T11549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2065'.
[  275.480696][T11554] loop0: detected capacity change from 0 to 512
[  275.496484][T11554] EXT4-fs: Ignoring removed bh option
[  275.509724][T11554] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  275.523268][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  275.532572][T11554] EXT4-fs (loop0): 1 truncate cleaned up
[  275.535711][T11554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.773379][   T33] audit: type=1800 audit(1756995393.399:159): pid=11570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2068" name="bus" dev="loop0" ino=18 res=0 errno=0
[  275.839144][   T54] Bluetooth: hci3: command tx timeout
[  276.442257][ T5937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.543038][   T33] audit: type=1326 audit(1756995394.181:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.7.2076" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4b4b38ebe9 code=0x0
[  276.544476][T11578] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  276.557419][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  276.730803][T11587] Bluetooth: MGMT ver 1.23
[  276.823943][T11590] loop6: detected capacity change from 0 to 16
[  276.836996][T11590] erofs (device loop6): mounted with root inode @ nid 36.
[  277.582969][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  278.377596][T11629] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2093'.
[  278.496935][T11633] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  278.609248][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  278.674096][T11642] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2099'.
[  278.744624][T11647] loop0: detected capacity change from 0 to 256
[  278.753257][   T33] audit: type=1800 audit(1756995396.421:161): pid=11647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2102" name="file1" dev="loop0" ino=1048701 res=0 errno=0
[  278.767096][T11647] FAT-fs (loop0): error, clusters badly computed (0 != 128)
[  278.770649][T11647] FAT-fs (loop0): Filesystem has been set read-only
[  278.773560][T11647] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  278.782050][T11647] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  278.838521][T11651] netlink: 'syz.6.2104': attribute type 3 has an invalid length.
[  278.924611][T11655] loop6: detected capacity change from 0 to 4096
[  278.936945][T11655] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  279.111166][T11667] loop6: detected capacity change from 0 to 512
[  279.116057][T11667] EXT4-fs: Ignoring removed oldalloc option
[  279.138177][T11667] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.2111: Parent and EA inode have the same ino 15
[  279.151518][T11667] EXT4-fs (loop6): 1 orphan inode deleted
[  279.155198][T11667] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.170769][T11667] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  279.174400][T11667] EXT4-fs: can't change dax mount option while remounting
[  279.194060][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.274167][T11674] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2113'.
[  279.636511][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  280.113829][T11709] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2121'.
[  280.121167][T11709] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2121'.
[  280.132564][T11709] netlink: 332 bytes leftover after parsing attributes in process `syz.7.2121'.
[  280.457025][ T5983] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  280.617473][ T5983] usb 1-1: unable to get BOS descriptor or descriptor too short
[  280.624573][ T5983] usb 1-1: config 3 has an invalid interface number: 8 but max is 3
[  280.635321][ T5983] usb 1-1: config 3 has an invalid descriptor of length 70, skipping remainder of the config
[  280.639657][ T5983] usb 1-1: config 3 has 1 interface, different from the descriptor's value: 4
[  280.654720][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  280.713840][ T5983] usb 1-1: config 3 has no interface number 0
[  280.717552][ T5983] usb 1-1: config 3 interface 8 altsetting 6 endpoint 0x82 has an invalid bInterval 248, changing to 11
[  280.722583][ T5983] usb 1-1: config 3 interface 8 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  280.728022][ T5983] usb 1-1: config 3 interface 8 has no altsetting 0
[  280.736209][ T5983] usb 1-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=c2.be
[  280.741335][ T5983] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.746639][ T5983] usb 1-1: Product: syz
[  280.748245][ T5983] usb 1-1: Manufacturer: syz
[  280.751122][ T5983] usb 1-1: SerialNumber: syz
[  280.995349][ T5983] appledisplay 1-1:3.8: Error while getting initial brightness: -71
[  281.009525][ T5983] appledisplay 1-1:3.8: probe with driver appledisplay failed with error -71
[  281.022235][ T5983] usbhid 1-1:3.8: can't add hid device: -22
[  281.025999][ T5983] usbhid 1-1:3.8: probe with driver usbhid failed with error -22
[  281.042878][ T5983] usb 1-1: USB disconnect, device number 24
[  281.683480][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  282.713076][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  282.985572][T11776] loop6: detected capacity change from 0 to 32768
[  283.037031][T11776] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  283.073457][T11776] XFS (loop6): Ending clean mount
[  283.115222][ T9990] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  283.275292][T11801] overlayfs: failed to clone upperpath
[  283.743205][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  284.694041][T11819] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2166'.
[  284.774107][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  285.331597][T11836] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2173'.
[  285.383030][T11838] GUP no longer grows the stack in syz.6.2174 (11838): 200000004000-20000000a000 (200000002000)
[  285.387954][T11838] CPU: 1 UID: 0 PID: 11838 Comm: syz.6.2174 Not tainted syzkaller #0 PREEMPT(full) 
[  285.387971][T11838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  285.387979][T11838] Call Trace:
[  285.387984][T11838]  <TASK>
[  285.387990][T11838]  dump_stack_lvl+0x189/0x250
[  285.388011][T11838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.388026][T11838]  ? __pfx__printk+0x10/0x10
[  285.388048][T11838]  ? find_vma+0xe7/0x160
[  285.388073][T11838]  __get_user_pages+0x24d0/0x2ce0
[  285.388104][T11838]  ? mtree_load+0x100/0x700
[  285.388130][T11838]  get_user_pages_remote+0x2f1/0xad0
[  285.388146][T11838]  ? __pfx_mtree_load+0x10/0x10
[  285.388168][T11838]  ? __pfx_get_user_pages_remote+0x10/0x10
[  285.388184][T11838]  ? __access_remote_vm+0x367/0x7d0
[  285.388203][T11838]  __access_remote_vm+0x211/0x7d0
[  285.388226][T11838]  ? __pfx___access_remote_vm+0x10/0x10
[  285.388245][T11838]  ? alloc_pages_noprof+0xbe/0x190
[  285.388265][T11838]  proc_pid_cmdline_read+0x430/0x810
[  285.388285][T11838]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  285.388299][T11838]  ? rw_verify_area+0x2a6/0x4d0
[  285.388319][T11838]  vfs_readv+0x5aa/0x850
[  285.388331][T11838]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  285.388346][T11838]  ? __pfx_vfs_readv+0x10/0x10
[  285.388368][T11838]  ? __fget_files+0x2a/0x420
[  285.388383][T11838]  ? __fget_files+0x3a0/0x420
[  285.388392][T11838]  ? __fget_files+0x2a/0x420
[  285.388409][T11838]  __x64_sys_preadv+0x197/0x2a0
[  285.388429][T11838]  ? __pfx___x64_sys_preadv+0x10/0x10
[  285.388444][T11838]  ? rcu_is_watching+0x15/0xb0
[  285.388461][T11838]  ? do_syscall_64+0xbe/0x3b0
[  285.388475][T11838]  do_syscall_64+0xfa/0x3b0
[  285.388485][T11838]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.388500][T11838]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.388512][T11838]  ? exc_page_fault+0x9f/0xf0
[  285.388530][T11838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.388541][T11838] RIP: 0033:0x7fc06f58ebe9
[  285.388553][T11838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.388563][T11838] RSP: 002b:00007fc0703fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  285.388576][T11838] RAX: ffffffffffffffda RBX: 00007fc06f7c5fa0 RCX: 00007fc06f58ebe9
[  285.388585][T11838] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  285.388592][T11838] RBP: 00007fc06f611e19 R08: 0000000000000000 R09: 0000000000000000
[  285.388599][T11838] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  285.388606][T11838] R13: 00007fc06f7c6038 R14: 00007fc06f7c5fa0 R15: 00007ffe451da0b8
[  285.388626][T11838]  </TASK>
[  285.707756][T11858] loop6: detected capacity change from 0 to 512
[  285.715233][T11858] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  285.749895][T11858] EXT4-fs (loop6): 1 truncate cleaned up
[  285.768864][T11858] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.784195][T11858] fscrypt (loop6, inode 18): Can't use IV_INO_LBLK_32 policy on filesystem 'loop6' because it doesn't have stable inode numbers
[  285.807122][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  285.811308][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.847049][T11872] netlink: 'syz.6.2190': attribute type 2 has an invalid length.
[  285.849475][T11872] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2190'.
[  286.481962][T11894] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551613)
[  286.486084][T11894] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[  286.533450][T11896] vxcan0: tx address claim with different name
[  286.837487][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  287.626099][T11928] netlink: 196 bytes leftover after parsing attributes in process `syz.7.2215'.
[  287.629826][T11928] netlink: 196 bytes leftover after parsing attributes in process `syz.7.2215'.
[  287.639861][T11928] netlink: 19 bytes leftover after parsing attributes in process `syz.7.2215'.
[  287.815712][T11940] loop6: detected capacity change from 0 to 256
[  287.826696][T11940] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  287.830552][T11940] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  287.838847][T11940] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  287.871822][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  287.948589][T11949] overlayfs: failed to resolve './file1metacopy=off': -2
[  288.043140][T11956] A link change request failed with some changes committed already. Interface veth1_to_hsr may have been left with an inconsistent configuration, please check.
[  288.241973][ T5849] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  288.431944][ T5849] usb 7-1: Using ep0 maxpacket: 8
[  288.435753][ T5849] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  288.439412][ T5849] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.455105][ T5849] pvrusb2: Hardware description: Terratec Grabster AV400
[  288.458075][ T5849] pvrusb2: **********
[  288.459761][ T5849] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  288.464150][ T5849] pvrusb2: Important functionality might not be entirely working.
[  288.468280][ T5849] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  288.473203][ T5849] pvrusb2: **********
[  288.760753][ T2396] pvrusb2: Invalid write control endpoint
[  288.799227][ T2396] pvrusb2: Invalid write control endpoint
[  288.801399][ T2396] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  288.808644][ T2396] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  288.811015][ T2396] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  288.814902][ T2396] pvrusb2: Device being rendered inoperable
[  288.820458][ T2396] cx25840 3-0044: Unable to detect h/w, assuming cx23887
[  288.824887][ T2396] cx25840 3-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  288.833966][ T2396] pvrusb2: Attached sub-driver cx25840
[  288.836329][ T2396] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  288.840026][ T2396] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  288.911811][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  288.964739][ T5849] usb 7-1: USB disconnect, device number 8
[  289.031125][T11985] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2241'.
[  289.312512][T10194] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  289.462712][T10194] usb 1-1: Using ep0 maxpacket: 8
[  289.466121][T10194] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  289.469234][T10194] usb 1-1: config 179 has no interface number 0
[  289.471250][T10194] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  289.475410][T10194] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  289.487492][T10194] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  289.492321][T10194] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  289.497271][T10194] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  289.507698][T10194] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  289.511352][T10194] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.518670][T11987] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  289.620084][T12004] netlink: 'syz.6.2250': attribute type 4 has an invalid length.
[  289.772807][T10194] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input13
[  289.778300][T12010] loop6: detected capacity change from 0 to 4096
[  289.822377][T12011] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  289.948840][T11987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.952549][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  289.955942][T11987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.181085][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  290.184443][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  290.188588][T10194] usb 1-1: USB disconnect, device number 25
[  290.699735][T12045] loop6: detected capacity change from 0 to 512
[  290.746697][T12045] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.762276][T12045] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  290.845510][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.991826][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  291.090629][T12067] loop0: detected capacity change from 0 to 128
[  291.095534][T12067] vfat: Unknown parameter 'uni_xlat'shortname'
[  291.383667][T12077] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2281'.
[  291.392207][T12077] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2281'.
[  291.583119][T12081] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2283'.
[  292.031903][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  292.129703][T12089] loop6: detected capacity change from 0 to 512
[  292.140221][T12089] EXT4-fs: Ignoring removed orlov option
[  292.150823][T12089] EXT4-fs: Ignoring removed mblk_io_submit option
[  292.256188][T12089] EXT4-fs (loop6): orphan cleanup on readonly fs
[  292.264043][T12089] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13
[  292.297888][T12089] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #13: comm syz.6.2287: attempt to clear invalid blocks 2 len 1
[  292.325698][T12089] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  292.365389][T12089] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.2287: invalid indirect mapped block 1819239214 (level 0)
[  292.376567][T12089] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.2287: invalid indirect mapped block 1819239214 (level 1)
[  292.408199][T12089] EXT4-fs (loop6): 1 truncate cleaned up
[  292.441373][T12089] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  292.710103][ T9990] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.071899][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  293.119148][T12094] loop6: detected capacity change from 0 to 32768
[  293.132112][T12094] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  293.165776][ T9990] ocfs2: Unmounting device (7,6) on (node local)
[  293.287467][T12107] loop6: detected capacity change from 0 to 2048
[  293.292528][T12107] UDF-fs: warning (device loop6): udf_fill_super: No fileset found
[  294.112405][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  294.160461][T12140] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2307'.
[  295.151819][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  295.484654][   T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  295.656104][   T24] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  295.665328][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.674569][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.685341][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.697099][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.702759][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.708038][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.766377][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.790305][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.794804][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.803201][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.806754][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.811180][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.830199][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.835510][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.840886][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.852879][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.856544][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.860615][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.864569][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.869250][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.875927][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.883452][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  295.887035][   T24] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  295.891143][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  295.901604][   T24] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  295.910995][   T24] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  295.914960][   T24] usb 7-1: Product: syz
[  295.916875][   T24] usb 7-1: Manufacturer: syz
[  295.922417][   T24] usb 7-1: SerialNumber: syz
[  295.928713][   T24] usb 7-1: config 0 descriptor??
[  295.943528][   T24] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  296.191929][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  296.220799][    C1] usb 7-1: yurex_control_callback - control failed: -71
[  296.226989][   T24] usb 7-1: USB disconnect, device number 9
[  296.245850][   T24] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  296.317979][T12187] loop0: detected capacity change from 0 to 32768
[  296.323287][T12187] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2327 (12187)
[  296.333018][T12187] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  296.336969][T12187] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  296.414046][T12187] BTRFS info (device loop0): enabling ssd optimizations
[  296.416866][T12187] BTRFS info (device loop0): enabling free space tree
[  296.445577][   T33] audit: type=1800 audit(2000000008.840:162): pid=12187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2327" name="file1" dev="loop0" ino=260 res=0 errno=0
[  296.549816][ T5937] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  296.666434][T12214] syzkaller1: entered allmulticast mode
[  297.156129][   T33] audit: type=1400 audit(2000000009.540:163): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=12235 comm="syz.6.2342"
[  297.221502][T12241] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2346'.
[  297.225935][T12241] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2346'.
[  297.229141][T12243] loop0: detected capacity change from 0 to 512
[  297.232596][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  297.250772][T12243] FAT-fs (loop0): bogus number of FAT sectors
[  297.262656][T12243] FAT-fs (loop0): Can't find a valid FAT filesystem
[  297.411647][T12254] batadv0: entered promiscuous mode
[  297.416091][T12254] macvtap1: entered promiscuous mode
[  297.419977][T12254] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  297.426234][T12254] batadv0: left promiscuous mode
[  297.679281][T12274] netlink: 84 bytes leftover after parsing attributes in process `syz.7.2356'.
[  298.271805][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  298.624795][T12287] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.628850][T12287] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.763669][T12287] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.777347][T12287] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.812074][ T5983] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  298.937946][T12287] hsr0: left allmulticast mode
[  298.939531][T12287] hsr_slave_0: left allmulticast mode
[  298.941563][T12287] hsr_slave_1: left allmulticast mode
[  298.960633][   T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  298.965552][ T5983] usb 7-1: Using ep0 maxpacket: 32
[  298.967849][   T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  298.974826][   T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  298.978548][   T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  298.990494][ T5983] usb 7-1: config 0 has an invalid interface number: 74 but max is 1
[  299.010292][ T5983] usb 7-1: config 0 has no interface number 1
[  299.020486][ T5983] usb 7-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  299.027402][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.032304][ T5983] usb 7-1: Product: syz
[  299.034031][ T5983] usb 7-1: Manufacturer: syz
[  299.035920][ T5983] usb 7-1: SerialNumber: syz
[  299.049118][ T5983] usb 7-1: config 0 descriptor??
[  299.119018][ T5983] snd-usb-audio 7-1:0.74: probe with driver snd-usb-audio failed with error -22
[  299.157785][ T7259] udevd[7259]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.74/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  299.308564][    T9] usb 7-1: USB disconnect, device number 10
[  299.311836][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  299.359379][T12316] mac80211_hwsim hwsim18 wlan1: entered promiscuous mode
[  299.370311][T12316] macvtap1: entered promiscuous mode
[  299.375873][T12316] mac80211_hwsim hwsim18 wlan1: left promiscuous mode
[  299.651918][ T5983] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  299.897054][ T5983] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  299.920395][ T5983] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  299.946780][ T5983] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  299.965581][ T5983] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.993466][ T5983] usb 1-1: config 0 descriptor??
[  300.005075][ T5983] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  300.019203][ T5983] dvb-usb: bulk message failed: -22 (3/0)
[  300.038073][ T5983] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  300.046854][ T5983] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  300.051580][ T5983] usb 1-1: media controller created
[  300.059485][ T5983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  300.073533][ T5983] dvb-usb: bulk message failed: -22 (6/0)
[  300.078605][ T5983] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  300.090366][ T5983] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input14
[  300.105085][ T5983] dvb-usb: schedule remote query interval to 150 msecs.
[  300.111297][ T5983] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  300.206310][ T5983] usb 1-1: USB disconnect, device number 26
[  300.247561][ T5983] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  300.351801][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  301.081963][ T5849] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  301.234261][ T5849] usb 1-1: Using ep0 maxpacket: 16
[  301.240338][ T5849] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  301.246212][ T5849] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  301.250359][ T5849] usb 1-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  301.256204][ T5849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.268410][ T5849] usb 1-1: config 0 descriptor??
[  301.391761][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  301.990093][T12375] netlink: 'syz.7.2405': attribute type 2 has an invalid length.
[  302.004990][T12375] : entered promiscuous mode
[  302.291948][ T5849] letsketch 0003:6161:4D15.000D: Device info: ఁ
[  302.432061][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  302.523705][ T5849] usb 1-1: Max retries (5) exceeded reading string descriptor 201
[  302.527015][ T5849] letsketch 0003:6161:4D15.000D: probe with driver letsketch failed with error -71
[  302.533922][ T5849] usb 1-1: USB disconnect, device number 27
[  303.065459][T12404] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2419'.
[  303.109320][T12408] overlayfs: failed to clone upperpath
[  303.290118][T12422] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  303.471906][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  303.512095][ T5983] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  303.710900][ T5983] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  303.737578][ T5983] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  303.769833][ T5983] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  303.776475][T12427] loop6: detected capacity change from 0 to 4096
[  303.779069][ T5983] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.785334][T12427] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  303.793877][ T5983] usb 1-1: config 0 descriptor??
[  303.808367][ T5983] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  303.818967][ T5983] dvb-usb: bulk message failed: -22 (3/0)
[  303.833025][ T5983] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  303.838167][T12427] ntfs3(loop6): ino=0, attr_set_size
[  303.838455][ T5983] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  303.845430][T12427] ntfs3(loop6): ino=0, attr_set_size
[  303.848112][ T5983] usb 1-1: media controller created
[  303.848957][T12427] ntfs3(loop6): ino=0, attr_set_size
[  303.851597][ T5983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  303.859780][T12427] ntfs3(loop6): no free space to extend mft
[  303.862016][ T5983] dvb-usb: bulk message failed: -22 (6/0)
[  303.864902][ T5983] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  303.875506][ T5983] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input15
[  303.886591][ T5983] dvb-usb: schedule remote query interval to 150 msecs.
[  303.889337][ T5983] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  303.999889][T12432] loop6: detected capacity change from 0 to 128
[  304.015339][T12432] EXT4-fs: Ignoring removed nobh option
[  304.027021][T12432] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  304.033699][T12432] ext4 filesystem being mounted at /251/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  304.049510][ T5983] dvb-usb: bulk message failed: -22 (1/0)
[  304.059875][ T5983] dvb-usb: error while querying for an remote control event.
[  304.068553][   T33] audit: type=1800 audit(2000000016.460:164): pid=12432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2432" name="file1" dev="loop6" ino=12 res=0 errno=0
[  304.224037][ T5983] dvb-usb: bulk message failed: -22 (1/0)
[  304.249613][ T5983] dvb-usb: error while querying for an remote control event.
[  304.268287][ T5983] usb 1-1: USB disconnect, device number 28
[  304.511786][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  304.582015][ T5983] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  304.694304][ T9990] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  305.202026][   T33] audit: type=1326 audit(2000000017.530:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12449 comm="syz.0.2438" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0453b8ebe9 code=0x0
[  305.551792][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  305.620605][T12456] batman_adv: batadv0: Adding interface: dummy0
[  305.622808][T12456] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.636853][T12456] batman_adv: batadv0: Interface activated: dummy0
[  305.651334][T12456] batadv0: mtu less than device minimum
[  305.655904][T12456] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  305.661089][T12456] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  305.665568][T12456] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  305.670027][T12456] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  305.783590][T12462] loop6: detected capacity change from 0 to 128
[  305.798765][T12462] affs: No valid root block on device loop6
[  305.827306][   T33] audit: type=1326 audit(2000000018.220:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  305.849088][   T33] audit: type=1326 audit(2000000018.230:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  305.863172][   T33] audit: type=1326 audit(2000000018.230:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  305.879839][   T33] audit: type=1326 audit(2000000018.240:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12471 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc06f5c14a5 code=0x7ffc0000
[  305.895437][   T33] audit: type=1326 audit(2000000018.240:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  305.908126][   T33] audit: type=1326 audit(2000000018.250:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  305.920124][   T33] audit: type=1326 audit(2000000018.260:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  305.929285][   T33] audit: type=1326 audit(2000000018.260:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12468 comm="syz.6.2445" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06f58ebe9 code=0x7ffc0000
[  306.042405][T12484] netlink: 130984 bytes leftover after parsing attributes in process `syz.6.2450'.
[  307.631355][T12532] netlink: 'syz.6.2471': attribute type 1 has an invalid length.
[  307.634728][T12532] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2471'.
[  307.643060][    C1] net_ratelimit: 16 callbacks suppressed
[  307.643074][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  308.090067][T12558] netlink: 'syz.6.2485': attribute type 4 has an invalid length.
[  308.241110][T12560] loop0: detected capacity change from 0 to 4096
[  308.246712][T12560] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  308.289109][T12560] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  308.512672][T12583] loop0: detected capacity change from 0 to 256
[  308.519738][T12583] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  308.533481][T12583] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  308.555581][T12583] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  308.671824][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  308.738043][T12594] loop0: detected capacity change from 0 to 16
[  308.768704][T12594] erofs (device loop0): mounted with root inode @ nid 36.
[  309.654599][T12612] loop6: detected capacity change from 0 to 1024
[  309.711846][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  310.147558][T12627] netlink: 'syz.7.2517': attribute type 9 has an invalid length.
[  310.201313][T12632] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2520'.
[  310.217102][T12632] bridge0: entered promiscuous mode
[  310.220845][T12632] macvlan2: entered allmulticast mode
[  310.225287][T12632] bridge0: entered allmulticast mode
[  310.230447][T12632] bridge0: port 3(macvlan2) entered blocking state
[  310.234168][T12632] bridge0: port 3(macvlan2) entered disabled state
[  310.244444][T12632] bridge0: left allmulticast mode
[  310.246557][T12632] bridge0: left promiscuous mode
[  310.433063][T12639] loop0: detected capacity change from 0 to 2048
[  310.454449][T12639] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  310.751810][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  311.595569][T12666] loop0: detected capacity change from 0 to 8
[  311.624474][T12666] SQUASHFS error: zlib decompression failed, data probably corrupt
[  311.627236][T12666] SQUASHFS error: Failed to read block 0x9b: -5
[  311.629256][T12666] SQUASHFS error: Unable to read metadata cache entry [99]
[  311.644351][T12666] SQUASHFS error: Unable to read inode 0x127
[  311.670556][T12668] loop6: detected capacity change from 0 to 4096
[  311.681280][T12668] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  311.780521][T12668] ntfs3(loop6): Failed to initialize $Extend/$Reparse.
[  311.791772][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  312.185731][T12674] loop0: detected capacity change from 0 to 4096
[  312.255517][T12677] geneve2: entered allmulticast mode
[  312.431389][T12689] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2546'.
[  312.468092][T12693] loop0: detected capacity change from 0 to 256
[  312.476217][T12693] exfat: Deprecated parameter 'utf8'
[  312.537477][   T33] kauditd_printk_skb: 5 callbacks suppressed
[  312.537492][   T33] audit: type=1800 audit(2000000024.900:179): pid=12693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2548" name="file2" dev="loop0" ino=1048703 res=0 errno=0
[  312.831796][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  312.883924][    T9] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  313.343610][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  313.353180][    T9] usb 1-1: config 4 has an invalid interface number: 214 but max is 0
[  313.355955][    T9] usb 1-1: config 4 has no interface number 0
[  313.358144][    T9] usb 1-1: config 4 interface 214 has no altsetting 0
[  313.368093][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0243, bcdDevice=87.6e
[  313.371346][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.381787][    T9] usb 1-1: Product: syz
[  313.383230][    T9] usb 1-1: Manufacturer: syz
[  313.384740][    T9] usb 1-1: SerialNumber: syz
[  313.568856][T12710] ceph: No mds server is up or the cluster is laggy
[  313.696957][    T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:4.214/input/input16
[  313.709594][ T5281] bcm5974 1-1:4.214: could not read from device
[  313.719491][    T9] usb 1-1: USB disconnect, device number 29
[  313.754522][T12719] ==================================================================
[  313.757895][T12719] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  313.761106][T12719] Read of size 4 at addr ffff88801f78c0c4 by task syz.6.2556/12719
[  313.764362][T12719] 
[  313.765987][T12719] CPU: 0 UID: 0 PID: 12719 Comm: syz.6.2556 Not tainted syzkaller #0 PREEMPT(full) 
[  313.766004][T12719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  313.766012][T12719] Call Trace:
[  313.766018][T12719]  <TASK>
[  313.766024][T12719]  dump_stack_lvl+0x189/0x250
[  313.766043][T12719]  ? __kasan_check_byte+0x12/0x40
[  313.766060][T12719]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.766074][T12719]  ? lock_release+0x4b/0x3e0
[  313.766093][T12719]  ? __virt_addr_valid+0x4a5/0x5c0
[  313.766108][T12719]  print_report+0xca/0x240
[  313.766121][T12719]  ? xfrm_alloc_spi+0x570/0xf30
[  313.766134][T12719]  kasan_report+0x118/0x150
[  313.766149][T12719]  ? xfrm_alloc_spi+0x570/0xf30
[  313.766164][T12719]  xfrm_alloc_spi+0x570/0xf30
[  313.766176][T12719]  ? xfrm_alloc_spi+0x2a0/0xf30
[  313.766194][T12719]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  313.766207][T12719]  ? xfrm_find_acq+0x87/0xa0
[  313.766221][T12719]  xfrm_alloc_userspi+0x70b/0xc90
[  313.766238][T12719]  ? apparmor_capable+0x137/0x1b0
[  313.766253][T12719]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  313.766268][T12719]  ? __nla_parse+0x40/0x60
[  313.766285][T12719]  xfrm_user_rcv_msg+0x7a3/0xab0
[  313.766300][T12719]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  313.766322][T12719]  ? __pfx___mutex_trylock_common+0x10/0x10
[  313.766337][T12719]  ? rcu_is_watching+0x15/0xb0
[  313.766348][T12719]  ? trace_contention_end+0x39/0x120
[  313.766361][T12719]  ? __mutex_lock+0x335/0x1350
[  313.766374][T12719]  netlink_rcv_skb+0x208/0x470
[  313.766390][T12719]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  313.766405][T12719]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  313.766425][T12719]  ? netlink_deliver_tap+0x2e/0x1b0
[  313.766440][T12719]  ? netlink_deliver_tap+0x2e/0x1b0
[  313.766458][T12719]  xfrm_netlink_rcv+0x79/0x90
[  313.766471][T12719]  netlink_unicast+0x82f/0x9e0
[  313.766488][T12719]  ? __pfx_netlink_unicast+0x10/0x10
[  313.766504][T12719]  ? netlink_sendmsg+0x642/0xb30
[  313.766514][T12719]  ? skb_put+0x11b/0x210
[  313.766526][T12719]  netlink_sendmsg+0x805/0xb30
[  313.766547][T12719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.766559][T12719]  ? aa_sock_msg_perm+0xf1/0x1d0
[  313.766594][T12719]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  313.766608][T12719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.766621][T12719]  __sock_sendmsg+0x21c/0x270
[  313.766637][T12719]  ____sys_sendmsg+0x505/0x830
[  313.766648][T12719]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.766664][T12719]  ? import_iovec+0x74/0xa0
[  313.766677][T12719]  ___sys_sendmsg+0x21f/0x2a0
[  313.766690][T12719]  ? __pfx____sys_sendmsg+0x10/0x10
[  313.766711][T12719]  ? __fget_files+0x2a/0x420
[  313.766721][T12719]  ? __fget_files+0x3a0/0x420
[  313.766735][T12719]  __x64_sys_sendmsg+0x19b/0x260
[  313.766746][T12719]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  313.766762][T12719]  ? rcu_is_watching+0x15/0xb0
[  313.766774][T12719]  ? do_syscall_64+0xbe/0x3b0
[  313.766786][T12719]  do_syscall_64+0xfa/0x3b0
[  313.766794][T12719]  ? lockdep_hardirqs_on+0x9c/0x150
[  313.766810][T12719]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.766820][T12719]  ? exc_page_fault+0x9f/0xf0
[  313.766837][T12719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.766848][T12719] RIP: 0033:0x7fc06f58ebe9
[  313.766860][T12719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.766871][T12719] RSP: 002b:00007fc0703fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.766884][T12719] RAX: ffffffffffffffda RBX: 00007fc06f7c5fa0 RCX: 00007fc06f58ebe9
[  313.766892][T12719] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  313.766901][T12719] RBP: 00007fc06f611e19 R08: 0000000000000000 R09: 0000000000000000
[  313.766907][T12719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  313.766913][T12719] R13: 00007fc06f7c6038 R14: 00007fc06f7c5fa0 R15: 00007ffe451da0b8
[  313.766926][T12719]  </TASK>
[  313.766931][T12719] 
[  313.911761][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  313.912463][T12719] Allocated by task 11251:
[  313.928804][T12719]  kasan_save_track+0x3e/0x80
[  313.930846][T12719]  __kasan_slab_alloc+0x6c/0x80
[  313.932964][T12719]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  313.935273][T12719]  xfrm_state_alloc+0x24/0x2f0
[  313.937289][T12719]  __find_acq_core+0x8a7/0x1c00
[  313.939321][T12719]  xfrm_find_acq+0x78/0xa0
[  313.941193][T12719]  xfrm_alloc_userspi+0x6b3/0xc90
[  313.943256][T12719]  xfrm_user_rcv_msg+0x7a3/0xab0
[  313.945253][T12719]  netlink_rcv_skb+0x208/0x470
[  313.947250][T12719]  xfrm_netlink_rcv+0x79/0x90
[  313.949703][T12719]  netlink_unicast+0x82f/0x9e0
[  313.951788][T12719]  netlink_sendmsg+0x805/0xb30
[  313.953838][T12719]  __sock_sendmsg+0x21c/0x270
[  313.955783][T12719]  ____sys_sendmsg+0x505/0x830
[  313.957828][T12719]  ___sys_sendmsg+0x21f/0x2a0
[  313.959876][T12719]  __x64_sys_sendmsg+0x19b/0x260
[  313.961979][T12719]  do_syscall_64+0xfa/0x3b0
[  313.963915][T12719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.966352][T12719] 
[  313.967383][T12719] Freed by task 9:
[  313.968941][T12719]  kasan_save_track+0x3e/0x80
[  313.970939][T12719]  kasan_save_free_info+0x46/0x50
[  313.973063][T12719]  __kasan_slab_free+0x5b/0x80
[  313.975098][T12719]  kmem_cache_free+0x18f/0x400
[  313.977165][T12719]  xfrm_state_gc_task+0x52d/0x6b0
[  313.979239][T12719]  process_scheduled_works+0xae1/0x17b0
[  313.981522][T12719]  worker_thread+0x8a0/0xda0
[  313.983404][T12719]  kthread+0x711/0x8a0
[  313.985165][T12719]  ret_from_fork+0x3fc/0x770
[  313.987172][T12719]  ret_from_fork_asm+0x1a/0x30
[  313.989187][T12719] 
[  313.990173][T12719] The buggy address belongs to the object at ffff88801f78c000
[  313.990173][T12719]  which belongs to the cache xfrm_state of size 928
[  313.995742][T12719] The buggy address is located 196 bytes inside of
[  313.995742][T12719]  freed 928-byte region [ffff88801f78c000, ffff88801f78c3a0)
[  314.001106][T12719] 
[  314.002072][T12719] The buggy address belongs to the physical page:
[  314.004551][T12719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801f78d680 pfn:0x1f78c
[  314.008483][T12719] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  314.011833][T12719] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  314.014860][T12719] page_type: f5(slab)
[  314.016549][T12719] raw: 00fff00000000040 ffff88801c356b40 dead000000000122 0000000000000000
[  314.020067][T12719] raw: ffff88801f78d680 00000000800e000a 00000000f5000000 0000000000000000
[  314.023604][T12719] head: 00fff00000000040 ffff88801c356b40 dead000000000122 0000000000000000
[  314.027225][T12719] head: ffff88801f78d680 00000000800e000a 00000000f5000000 0000000000000000
[  314.030788][T12719] head: 00fff00000000002 ffffea00007de301 00000000ffffffff 00000000ffffffff
[  314.034423][T12719] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  314.037885][T12719] page dumped because: kasan: bad access detected
[  314.040594][T12719] page_owner tracks the page as allocated
[  314.043033][T12719] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6495, tgid 6494 (syz.0.260), ts 88327463264, free_ts 88309478553
[  314.050601][T12719]  post_alloc_hook+0x240/0x2a0
[  314.052510][T12719]  get_page_from_freelist+0x21e4/0x22c0
[  314.054812][T12719]  __alloc_frozen_pages_noprof+0x181/0x370
[  314.057156][T12719]  alloc_pages_mpol+0x232/0x4a0
[  314.059169][T12719]  allocate_slab+0x8a/0x370
[  314.061028][T12719]  ___slab_alloc+0xbeb/0x1410
[  314.062998][T12719]  kmem_cache_alloc_noprof+0x283/0x3c0
[  314.065247][T12719]  xfrm_state_alloc+0x24/0x2f0
[  314.067171][T12719]  xfrm_add_sa+0x17d1/0x4070
[  314.069063][T12719]  xfrm_user_rcv_msg+0x7a3/0xab0
[  314.071199][T12719]  netlink_rcv_skb+0x208/0x470
[  314.073190][T12719]  xfrm_netlink_rcv+0x79/0x90
[  314.075201][T12719]  netlink_unicast+0x82f/0x9e0
[  314.077287][T12719]  netlink_sendmsg+0x805/0xb30
[  314.079371][T12719]  __sock_sendmsg+0x21c/0x270
[  314.081421][T12719]  ____sys_sendmsg+0x505/0x830
[  314.083382][T12719] page last free pid 6144 tgid 6144 stack trace:
[  314.085930][T12719]  __free_frozen_pages+0xbc4/0xd30
[  314.088099][T12719]  __slab_free+0x303/0x3c0
[  314.090036][T12719]  qlist_free_all+0x97/0x140
[  314.091961][T12719]  kasan_quarantine_reduce+0x148/0x160
[  314.094180][T12719]  __kasan_slab_alloc+0x22/0x80
[  314.096212][T12719]  __kmalloc_noprof+0x224/0x4f0
[  314.098242][T12719]  tomoyo_realpath_from_path+0xe3/0x5d0
[  314.100604][T12719]  tomoyo_path_perm+0x213/0x4b0
[  314.102715][T12719]  security_inode_getattr+0x12f/0x330
[  314.105005][T12719]  vfs_fstatat+0xb1/0x170
[  314.106867][T12719]  __x64_sys_newfstatat+0x116/0x190
[  314.109096][T12719]  do_syscall_64+0xfa/0x3b0
[  314.111043][T12719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.113598][T12719] 
[  314.114642][T12719] Memory state around the buggy address:
[  314.116894][T12719]  ffff88801f78bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  314.120198][T12719]  ffff88801f78c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  314.123520][T12719] >ffff88801f78c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  314.126877][T12719]                                            ^
[  314.129490][T12719]  ffff88801f78c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  314.132797][T12719]  ffff88801f78c180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  314.136284][T12719] ==================================================================
[  314.139794][T12719] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  314.142904][T12719] CPU: 0 UID: 0 PID: 12719 Comm: syz.6.2556 Not tainted syzkaller #0 PREEMPT(full) 
[  314.146812][T12719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  314.150916][T12719] Call Trace:
[  314.152347][T12719]  <TASK>
[  314.153702][T12719]  dump_stack_lvl+0x99/0x250
[  314.155706][T12719]  ? __asan_memcpy+0x40/0x70
[  314.157705][T12719]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.159906][T12719]  ? __pfx__printk+0x10/0x10
[  314.161863][T12719]  vpanic+0x281/0x750
[  314.163528][T12719]  ? __pfx_vpanic+0x10/0x10
[  314.165478][T12719]  ? irqentry_exit+0x74/0x90
[  314.167491][T12719]  panic+0xb9/0xc0
[  314.169125][T12719]  ? __pfx_panic+0x10/0x10
[  314.171069][T12719]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  314.173596][T12719]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  314.176245][T12719]  ? xfrm_alloc_spi+0x570/0xf30
[  314.178332][T12719]  check_panic_on_warn+0x89/0xb0
[  314.180462][T12719]  ? xfrm_alloc_spi+0x570/0xf30
[  314.182515][T12719]  end_report+0x78/0x160
[  314.184355][T12719]  kasan_report+0x129/0x150
[  314.186322][T12719]  ? xfrm_alloc_spi+0x570/0xf30
[  314.188373][T12719]  xfrm_alloc_spi+0x570/0xf30
[  314.190386][T12719]  ? xfrm_alloc_spi+0x2a0/0xf30
[  314.192601][T12719]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  314.194831][T12719]  ? xfrm_find_acq+0x87/0xa0
[  314.196745][T12719]  xfrm_alloc_userspi+0x70b/0xc90
[  314.198881][T12719]  ? apparmor_capable+0x137/0x1b0
[  314.201033][T12719]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  314.203324][T12719]  ? __nla_parse+0x40/0x60
[  314.205251][T12719]  xfrm_user_rcv_msg+0x7a3/0xab0
[  314.207418][T12719]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  314.209752][T12719]  ? __pfx___mutex_trylock_common+0x10/0x10
[  314.212288][T12719]  ? rcu_is_watching+0x15/0xb0
[  314.214375][T12719]  ? trace_contention_end+0x39/0x120
[  314.216720][T12719]  ? __mutex_lock+0x335/0x1350
[  314.218722][T12719]  netlink_rcv_skb+0x208/0x470
[  314.220702][T12719]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  314.223184][T12719]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  314.225466][T12719]  ? netlink_deliver_tap+0x2e/0x1b0
[  314.227590][T12719]  ? netlink_deliver_tap+0x2e/0x1b0
[  314.229650][T12719]  xfrm_netlink_rcv+0x79/0x90
[  314.231625][T12719]  netlink_unicast+0x82f/0x9e0
[  314.233635][T12719]  ? __pfx_netlink_unicast+0x10/0x10
[  314.235914][T12719]  ? netlink_sendmsg+0x642/0xb30
[  314.238038][T12719]  ? skb_put+0x11b/0x210
[  314.239858][T12719]  netlink_sendmsg+0x805/0xb30
[  314.241884][T12719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.244107][T12719]  ? aa_sock_msg_perm+0xf1/0x1d0
[  314.246319][T12719]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  314.248444][T12719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.250771][T12719]  __sock_sendmsg+0x21c/0x270
[  314.252839][T12719]  ____sys_sendmsg+0x505/0x830
[  314.254904][T12719]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.257211][T12719]  ? import_iovec+0x74/0xa0
[  314.259123][T12719]  ___sys_sendmsg+0x21f/0x2a0
[  314.261077][T12719]  ? __pfx____sys_sendmsg+0x10/0x10
[  314.263253][T12719]  ? __fget_files+0x2a/0x420
[  314.265287][T12719]  ? __fget_files+0x3a0/0x420
[  314.267377][T12719]  __x64_sys_sendmsg+0x19b/0x260
[  314.269493][T12719]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  314.271757][T12719]  ? rcu_is_watching+0x15/0xb0
[  314.273762][T12719]  ? do_syscall_64+0xbe/0x3b0
[  314.275692][T12719]  do_syscall_64+0xfa/0x3b0
[  314.277511][T12719]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.279699][T12719]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.282257][T12719]  ? exc_page_fault+0x9f/0xf0
[  314.284210][T12719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.286647][T12719] RIP: 0033:0x7fc06f58ebe9
[  314.288479][T12719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.296058][T12719] RSP: 002b:00007fc0703fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.299282][T12719] RAX: ffffffffffffffda RBX: 00007fc06f7c5fa0 RCX: 00007fc06f58ebe9
[  314.302819][T12719] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  314.306071][T12719] RBP: 00007fc06f611e19 R08: 0000000000000000 R09: 0000000000000000
[  314.309194][T12719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  314.312269][T12719] R13: 00007fc06f7c6038 R14: 00007fc06f7c5fa0 R15: 00007ffe451da0b8
[  314.315377][T12719]  </TASK>
[  314.317370][T12719] Kernel Offset: disabled
[  314.319108][T12719] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:17:11  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000032 RBX=0000000000000032 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001477 RDI=0000000000001478 RBP=00000000000003f8 RSP=ffffc900066be9f0
R8 =ffff8880215f8237 R9 =1ffff110042bf046 R10=dffffc0000000000 R11=ffffffff854f3b00
R12=dffffc0000000000 R13=ffffffff99afd8d2 R14=ffffffff99df2420 R15=0000000000000000
RIP=ffffffff854f3b7c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc0703fe6c0 ffffffff 00c00000
GS =0000 ffff8880b8618000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000280 CR3=000000010e67e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fc06f797498 00007fc06f797470 XMM03=00007fc06f7974a8 00007fc06f7974a0
XMM04=00007fc0702fd100 00007fc06f797460 XMM05=00007fc06f797478 00007fc06f7974c0
XMM06=00007fc06f7974b8 00007fc06f7974b0 XMM07=00007fc06f7974a8 00007fc06f7974a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fc06f612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81b44f7b RBX=1ffff11009608341 RCX=ffff88810016b980 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc900006af7e0 RSP=ffffc900006af660
R8 =ffffffff8fa39037 R9 =1ffffffff1f47206 R10=dffffc0000000000 R11=fffffbfff1f47207
R12=ffff88804b041a08 R13=dffffc0000000000 R14=ffff88813663b1c0 R15=0000000000000000
RIP=ffffffff81b44f63 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c18000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055c6ae17d000 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fc06f612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
