last executing test programs:

11m41.703878771s ago: executing program 1 (id=364):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000400)={'syztnl0\x00', r1, 0x0, 0x10, 0x0, 0x4, 0x43, @mcast2, @loopback={0xfec0ffff00000000, 0xffff8881114a4aa8}, 0x40, 0x0, 0x0, 0x6}})

11m41.53058236s ago: executing program 1 (id=366):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getrlimit(0xa, &(0x7f0000000180))

11m41.48355672s ago: executing program 1 (id=367):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaa436a2ddcf6177a8864"], 0x0)

11m41.431384073s ago: executing program 1 (id=369):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f00000001c0)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00')

11m41.430701641s ago: executing program 1 (id=370):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x118, 0x2b, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x107, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c", @typed={0x4, 0xe9}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)

11m40.335426261s ago: executing program 1 (id=377):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc00000002090108000000000000000000000000480002002c0001"], 0xfc}}, 0x0)

11m40.247849423s ago: executing program 32 (id=377):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc00000002090108000000000000000000000000480002002c0001"], 0xfc}}, 0x0)

10m28.93417956s ago: executing program 3 (id=1062):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000200)={0x5, 0x408000, 0xfffffffe})

10m28.84776586s ago: executing program 3 (id=1063):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x258a, 0x33, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
r0 = timerfd_create(0x0, 0x800)
timerfd_settime(r0, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec21, 0x1000, 0x400001, 0x40000333}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

10m27.478516399s ago: executing program 3 (id=1071):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20040768, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='veno\x00', 0x5)
sendto(r0, &(0x7f0000000780)='p', 0x1, 0x24000011, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000700)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba1e9bb7ec30de54e3d82d4e023f9a336ec7e55fefd0d3c8f30eea40e40a6e32d6873837bb90f2fafc91", 0xffffffffffffff29, 0x80, 0x0, 0x0)

10m26.637599959s ago: executing program 3 (id=1081):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
umount2(&(0x7f0000000280)='./file0/file0/file0\x00', 0xa)

10m26.573616947s ago: executing program 3 (id=1083):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000000)={[{@user_xattr}, {@errors_remount}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x802, 0xa2)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000000)=0x4)

10m26.31626956s ago: executing program 3 (id=1086):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff0000000071100d000000000095"], &(0x7f0000000480)='GPL\x00'}, 0x94)

10m26.185965275s ago: executing program 33 (id=1086):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff0000000071100d000000000095"], &(0x7f0000000480)='GPL\x00'}, 0x94)

8m35.920352307s ago: executing program 4 (id=2350):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000100)='sys_exit\x00', r0}, 0x10)
clock_settime(0x0, 0x0)

8m35.838744754s ago: executing program 4 (id=2352):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r0, 0x0, 0xb)

8m35.78677523s ago: executing program 4 (id=2354):
syz_emit_ethernet(0x12, &(0x7f00000003c0)={@link_local, @link_local, @void, {@llc={0x4, {@llc={0x42, 0x0, "97", '\x00'}}}}}, 0x0)

8m35.730582253s ago: executing program 4 (id=2355):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
socket$key(0xf, 0x3, 0x2)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000000), 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x6, 0x9, 0x2, 0x0, 0x0, 0x8}, 0x0, &(0x7f0000000200)={0x3ff, 0x0, 0x0, 0x9, 0x1, 0x0, 0x7fffffff, 0x100002}, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')

8m34.912262346s ago: executing program 4 (id=2376):
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x2, 0x634, &(0x7f0000000480)="$eJzs3c1rXNfdB/DvHcmyxgZHeWI7fkogIoa0VNTWC0qrbuqWUlQIJaSLroUtY+Gxk0pKUUJp1De67SJ/QLrQrqtCN4WCIV23u2y1DBS6yUpdTbl37oxGtjwdxZJGTj8fc+ecM+fec3/nN/dlZoyYAP+zlmcy/ihFlmfe3CrbuzsLrd2dhQfdepLzSRrJeKdI8TApPklupbPk/8sn6+GKp+3no7Wltz/9fPezTmu8Xqr1G4O2G852vWQ6yVhdHtd4t595vKI3wzJh17uJg1E7l6R9wE+v7vcMduGZz1vgLCg6982edn1mT1WneSbr9wGdu2Lnnv1c2x51AAAAAHAKXtjLXrZyadRxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPOk/v3/6lf/J3tPpZhO0f39/4luf5KLIwx1sInhVnvUOOlAAAAAAAAAAODkvbqXvWzlUrfdLtJI8lrVuFw9Xsx72chq1nMjW1nJZjaznrkkU30DTWytbG6uzw2x5fyhW84PGXDz2ecMAAAAAAAAAF9Cv8ry/v//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAWVAkY52iWi5361NpjCeZTDJRrred/KNbf549GnUAAAAAcApe2MtetnKp224X1Wf+q9Xn/sm8l4fZzFo208pq7lTfBXQ+9Td2dxZauzsLD8rlyXG/+68jhVGNmM53D4fv+Vq1RjN3s1Y9cyO3805auZNGtWXpWjeew+P6ZRlT8Z3akJHdqcty5r+vy5M3NsQ6U1VGzvUyMlvHVmbjxcGZOPjqbB91T3Np9L75uXwCOb9Ql0Vy8YenlvNh1Jl4NXUm5vuOvquDM5F89c9//Mm91sP79+5uzJydKR3B+Xa73a0/fkws9GXi5S99JvrNVpm40msv5wf5cWYynbeynrX8LCvZzGqm8/2qtlIfz+Xj1OBM3TrQeqt6bD49kon6delcPY4W02vVtpeylh/lndzJat6o/s1nLt/MYhaz1PcKXxnirG8c7ay//rW6Uk7wd4MnesrKvL5Y5/XD5MA1d6rq639mP0spctzXxvGv1JVyH7+uy7Ph8UzM9WXipcHHyx+qy8pG6+H99Xsr7w65v9frsjyPfnum7hLl8fJ/5YtVtQ4eHWXfS4f2zVV9l3t9jSf6rvT6/tuZOlG/h3typPmq7+VD+xaqvmt9fYe93wLgzLvw9QsTzX82/978uPmb5r3mm5PfO/+t869M5Nzfzn17fHbs9cYrxZ/ycX6x//kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD44jbe/+D+Squ1uv5Ypd1uf/iUri9aGctRtvrrX45z793fIzrG6RxvZfIoK7fPRsxHqfy73W4fy4DbAw7aY6u0a2cidSOqjPjCBJy4m5sP3r258f4H31jr3iIXF5dmlxbfWLh5d621Ott5HHGQwInYv+mPOhIAAAAAAAAAAABgWKfx5wSjniMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfFueyfijFJmbvTFbtnd3Flrl0q3vrzmepJGk+HlSfJLcSmfJVN9wxdP289Ha0tuffr772f5Y4931G4O2G852vWQ6yVhdHtd4t595vKI3wzJh17uJg1H7TwAAAP//UOQPsQ==")
open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40)

8m34.781068262s ago: executing program 4 (id=2377):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
mount(&(0x7f0000000080)=@filename='./cgroup\x00', &(0x7f00000000c0)='./cgroup\x00', 0x0, 0x1004, 0x0)
unshare(0x22020400)

8m34.720043086s ago: executing program 34 (id=2377):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
mount(&(0x7f0000000080)=@filename='./cgroup\x00', &(0x7f00000000c0)='./cgroup\x00', 0x0, 0x1004, 0x0)
unshare(0x22020400)

4m33.473729644s ago: executing program 2 (id=5718):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001803000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000001f0000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4m33.472257984s ago: executing program 2 (id=5719):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./file2\x00', 0x8, &(0x7f0000000240)={[{@autodefrag}, {@autodefrag}, {@barrier}, {@max_inline={'max_inline', 0x3d, [0x6d]}}, {@clear_cache}, {@discard}, {@noenospc_debug}, {@space_cache_v2}, {@thread_pool={'thread_pool', 0x3d, 0x1}}]}, 0x1, 0x55a3, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r1 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
pwrite64(r2, &(0x7f00000000c0)='#', 0x1, 0x709d)
copy_file_range(r1, 0x0, r0, 0x0, 0x3df1, 0x0)

4m33.016628168s ago: executing program 2 (id=5723):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b85932234", 0x3c)

4m32.75800869s ago: executing program 2 (id=5729):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2, &(0x7f0000000740), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)

4m32.010137295s ago: executing program 2 (id=5733):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000001c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10000, 0x0, 0x401, 0x100, 0x400008, 0x0, 0x0, 0x1, 0x4}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000061c0)="c0f61a5fb77193bea0c6599de09cf570067192ff7d5bf191681878eb121895cd4c4052feb0a5196b61ab6e28d35aec54bb2aee6802a27f50c4e8f36a2b1bb12d93dbcd320ed338fd1a8ed43a2dcb2bf11c773ae982800321c7dcd67fa8930472eee2990090cc2a92f3373d898573a2cd1712c18ea624e82422c96f0d8895bfc4541911ff3662cd28fd55d795d1a5f31c92defbed88d48db688f899fe88997b057ce3e898eaf9eb2e76a59c1d2c10610768b3296595221c2b063ca2aa664fa0a5456c4e2bcddc7f856e2e29ce1b8852997a4d24f918408bfa9969074de495dd4cc9591e48287d78a2b3e0de09b48eb5b6bf78c6afd134b09770c164000d1f300c92877afe8be5d381c38da3b5fb9bd540c2f43c7dd2ec8dcff2af3517ba839c827866d10608964445bdead091df1264f5591e91d2f31b2015dff1b3b7ff0a5dc8b15748278849ddf4389ca7112ec1ca45957e2809b3d763e336f7051ac4e832ec61d1b95b9266565293806933dd8e3b65eaa1b4fe7946056703426674379ccec7abff1c459b91248f3a1d9e8103ae395aa86dd4235a5c16d9bd12dcb1ea9565a7c3d58d247a51db6d9077ecf47152d0733d79a5c449480c40b1cf8e115df4de3404b73ad06ac4c0d03f3b51d1b89b05ded082a5db1f5fbd8d351015b93862b2cc0995fb318609237e404e8d78d8982af761c27ad1fbc8f4693194c5e6b99edcb7a6e9dd261a386d8ed4420a7c12cbdcc86ab19f4e7a6c0c9b80fa3f0549ae57b38a93f669a87584b81e56211b34263db87c2d244e422878aa93e2c24260c71d06f75da33079b48b7072859669c128ba03d1487336a4a04167f2a3fa928d002c8b3cafdedf7a479604aa8f94e6b7ba58395df3d136b783f7be6b0b6b7b4b735c88a53da064a493b16713726b39ce23f08af19a671fe81be1e9772d87ca9cb5dccc35759fe3f7935a3167924d0a7d1586821ffebe0fa57e72a24967f7958875c4bf56d779369074db0077ee58138400c2f646c645e0f453e9e39aaf48da67775f59f8e282db3dec88bbe20ca6e65e2c7e44ab0583840513bfab76d94d1512549ea6db4a5a64cbe6f76b0ecdb2f1f71aa6446bcf4f7249366474cb77ed70ccb2702134b9dc6c2bfaf27ac9a9c85b8d9c48d100ae8c0eaa34701d2125a405b1117307119b754ccbbbcb2c8b71eb76d1157ddc7fbe0c75652a4cfc31d785a489f2344d8b4c47ff1b772104f49658f62d6241ef7f782db0cc071788b3dfa74e69533cd0a02ffadacdfbc8b5a83b9d4b8db068b5a7370f947fc4a99158c6296a442beba2e23ac1ef68c50f19851f3fb68b67fb714a5e7e53bb5a7690286cac12f2b002e854d8595075fbd00622b29bd423c3dbaf600ad6f37c96dcde43de6290b053c76df5620ce17118e2230039304c88a0d207c7cd05dd3854c545cdbebe907cc4d3411a382afed5e080502363cebe68e2c8dc1f800ea4add827a83a9cdf0fe6d54eabfca5a0ba370a06a4af1c49a60cd19141a4d994fbcce888278ade6300bd40685267fcdf1317cdb3b06cae9e7d9edb08d5c98b6d7115c025fcc05058a515adcc23c65ce526aed3b8203f3c54986f65ba9ffe2a9bc26b2813a1fe339ba2a58515cb8375e2d62550bf35dfd4fbdb75a70bb9fdc47d3d0346a65b986b7efd12aab760124b6888480b341b16ef2fea93fe2fbdeb55706690aa2c02bd80b1ccb7b8f23720283df89b515e2020bc5364cc4aea5fdc250f10d46db93c128e2de7477f4c80ec016f7a872efdef50ae1730b3a1deb8085d82f4fd53015a518803cd02646c087d67b0fd7092852dd81ac93ca60346f23fd847cf7c4883cab81af956342da21fb399b69e1988d89f9693b0630fa8cc95714285940d20eda153f8f7b01e6b2b892327b5d1e754a36a3430c5c22c3b841357eb80e526d7792a8ab9c4b1d23d82e31f23ef38580c2b33ca72424fbfbbf237f315cf2e5d134783982cad204be087ef58da96c6bc5da2dc4bc78f293eed56157a10848c0a956de15b83daacede9ae1c54731149f9ce7231cd84e14f128f87361e1fc0cdb2940766f39c93b9ddc74bba0a32548cddb1ae20981576de2ef8a772b04ed90900b2da11ffc70bbdb7091b8b8ed600dc0c9d236277afd9bb97b035f3b8fc95ef3f30c056b67a195c5c9f44c0f2ca4debba0d6d8779903e8e34fdd6b766fbba6b57e722ad9a852dbbeca8eb9acb9929bdcb4d4fa57d54ef1c1a0fdc032a898d3334f5671c7df82361b7d616c1f87e23f7adf043edda83458051f073f2562904ed25ad9a7129f3c14286007c9e4c81ea56c6a7289d8e58782d949a19a2642dc89d107fb465d0a98128250e66eedd93cf063963b7f7a0e1d3b9f1dd212cc9edd662af45852dbbaec84c69a640be115a239b5abd46d990fa007988f6be78a8c1e426091ecb33822529f7fddfb34d9304466ea06bb546a34735021e98674ae4a5f5c0b4f153ad5434b81c6343c42ae79224fe5abfe8b9e6fba38164c3c318500c130323b2f9bbcdf6aceb664e10483e2084defa744cd745e565ac5a8b5c30166330dd95e70f2a072a5cf5462635f7e0a4f455bcb607426aede9fa06d708c7c0daaafe2b84896134ab3b379c6690c9049903156232e5b7ca9529d602968f1e1f7a73214aaf4a9575dd5147e5bef8f05907267580abdb728cf32f6845cdf3bc779451669e4972e0b787afac5a36bacc3c1bcce125e91e4bf9810d91d1f1a3d8316328dd2626040af09892f1241c6645537ebfbeb752afba5e8171f487edba97aa92404973d4e8d09254abd2b70bdadd9b98fa3c33355295a5c474e9b2f017a6636233a382e8ef4e73506880e2a588bf257b6bb11e57cd9e75e45ef609ba583f3a6b1f2f94c7a0443dc0a8906a13e0188b61550cd296e4c63faf45bf7aed852f68ffed377302da3f73d89e4274a64667636bf00e8e4408a8407e098aeeed98e545b9aef40896c8070a76aaa0042162979ec0b7b69b4ee701100d66d3e7d25a48c59989424522889b32e4f18676475782e86d652d2eb836c326b46b8544bb755eeb14727e5ca25875f7b9ae1c113068be55a1521cb4edefef34a7a4cabc3639e456c94f01d78c059c441ce2c468e7b39b56555ad5cd6a14df8e3518e4e1970fbd6f586ce46c51c4d9ad20c3f7f5048c071994e807f19b7176290a82406dd0ad3f0b64350bbce79b223f27ed99f819def43a33696c0739e09030460a5a5d04d251adfbde1af7a485894d3d30c79d49796a9a5e077aeddba1303f3e3a3187298c88da70885e2a9dc966eb69a6439e2d3b1934ae6e8ea328497d87a9dbbddbdbf12b0c582ca4ffe1f25cdcf89a6ccdb31880776ab808b4f050ae02adf70f64c73ab2a3b1c4da69950ab4f7bcf9cc22f81b99694a7783b792facd8197904c12d3776de5184afa143ee23eee82aab2ac79b25503e0692f3463e5c363e0b4b5f31af82898009f7da13d4f249a70de40314c003e7e59dfb233bc44d0316df3e45af806d216ca76a58417ff8abcdf7cfea2da8868c496cdec8f47c451ccdc8908c5e8c1039b6bfa8751637c29fdd9b7dc76279dea5ad7455af4db3394a34cb9be8b9bf1105862108f920c44d029c3372e77c44a25d06cba956da65ee40abe32b8b557e123fddaa87b4ed5ab3485eb11f13c61072720d4adbb937c336f2b60525933b6d49e7c6751f0769377bdcef02abe63639b17a6780a4afccc8067403aeea42726f253ec97994dcf55358e6faa3e622344dfc613f8be96714d5c49633d7b74b9a72883985782ea8691d26da620d905f3583adbd9d527d93f1ce623bcf70d98a0455ff80fb1d472c6fc6bf0390e81b8d755b196e94fb73bcc883f5f310043c5138c95c5d7079c24d5bc5876b422f46a2bb17aee407bf7a55dbbdb253e2865c1b91839737c37142a8fe8bdbc0a7bf89a392da717a5ed87af754052b1d0a1a37313b00cf3b4aad91ce7fa7777b1851121a63e374865b238ddf9a7ebd20641a719c68682b97e3c5126e732800c04cdb627bd415efbb7e5e19917bf4bd53f072b7ec2eaa0128b56e069a32e9f729718fa4a7212ab0fd1e5d3582a5723a704d84a88c235b44812849301ee8155cea471028beea1918cb1f4118728718674cca9dcc58bafcdb9379c57e9333ab348b30a801aa2f5c05c3107e52613cf0f591781ddb5e1e4844633057a26bb3179c31b5664db4bb8c6d762c7b9886317ab6e9e301de67f12085547ad2a20d1d63d361c2bcd66be2e25fe104f8b53b7cf89d90d456f063da31f60078b760ce340f9c9a8e8da113b6c6e3c53e666488d75ab209dbe31ecb531553f17446a29edc465ed22aee2d4c013ee8a4d935c0cd92bcba9e5a56a6c19ac114d12db58bcf5f931a7b282404af34fee464f4c28e16dab834de98dd57b107e45fa66b26c32fd94e848aef6e4a2a65fd4fbead1b1d445d6c343bf50d785e664220371e27566646e284c6a3b07c14c0c5b84b5cd1a01a84d655f8dd72ab8e3d0c48e67596f605cd4a50b5fde9b182792d7ee8ee457eb6666aadea80563b4d176933cc482f75cb98a8dde4a414041187cfb2abe3e5077f23c98bafd0afb8b023e0cb26efc1488dd98a51a19dc93412b5fd91c4e06439b6d2d20a174989f860de6b1be55923a11e5893d30fae74a625f777ef9362e64b529c964b5c0b5817a579a647ded28582c45f965e52e1f76084267c73f8fce8037b22c2496ee6674f56056d9c691eab831c831a27fccd90f961e949a51c90a80b677d11e70d01744f9632cc26b7e6476b8c92a688ec8e1280ea8b795eae7ee61e2735045b9ea516af752b35388a6c3ed98cfbc4e74c8d0717dc31eac87b6a9c06f0d4f412e8e1155ce48cec6d9c106f3013329596a2d43ffe7f942cb7b7449f38620a8a9e5138b5d5d03c8a563446e4dfb1905d841f7a350d6c67d85652297db21b3dd3291b795c90276ccc50eaf513f3ff9480b3d2c0096e92c93cbbea680833cfa630d72c4f5a21ef0f81910b8a5ef77d62175d3abf5b3417cce43e3c53bb84ee1f5e354b2d79c2b46e3bdb2ffb15420e7a28c800c2591cd331d71c645a6b1bc43f06703164c05f61b4abc0fecbaee510def6340c2bbcc32248655e9161c3e6f01520bb0c53be04c3a3ef4a2dc401663f6719ac758aa297f65d1681652e4ad042d754b054df9cede3ffef7ad2f52184ea6d93d6867cc262b0a413da11c02d0c7c49a663319333d8b29d56cbf630e66b6683ff7f3b1ce5c481d37151626eae761adb77642f802bf0f663f3c322ee17cf01a09f058dbf82d04bdd7c48f34f54392d1dd489891ce28373ae980f74897fe3f90db2a9ccdbe56160fd2517adbc953e88c5fa8981456b87ab9f122321816e0df119f6f6c505f0dcab1c8e6a7f4109055dd80001dd90ea984b80f0b0766bd9772d96ed42d95f219b4a8420d7cf04f28475d7f5d8a8a07b0930c40d0dfc2592f8f54e90a80e0a98d3055f4660b1530565c7f2d91d7d96142da19d644aa7c512e24f83e8305970f9d3fc3b9382ad141f63f2d5b265b7cda258119ca4f553fab11f2fd925a7a24c4021045073d867bb089ca7bcb702bcedbc28781e408cf8bd43498f8661a320d28c95c1fc42635c9e4c4de8787afc70bf5c8bf75e0a2937a9ca2b08c15453f24211168c7fb2a24218fc3f04160c2daaa46ef7fb710606a53228e134f20511169034cec55e77037a108060b8fd10ab9ae228d9ee4d5ab1380cfcb8611e6c9d5dc143db2bc856d967b0b9d0187ba8483f7adbd1092562b2b16420baa5ab6c1f7c02ae56f013e752d9f41df4b4f0b008bc25ff58f816e50bdce308e219068bc898a21f1dd26d7fe7760459629f3615bcf7582c87d296f041fb005a72c7ef4013ccd8ca3bea85db90ae6349f101adb9235dd343be423816b37db2661dde2b9db33800da7599e8a9194fcf06755e2659670c62aba1d5a01172a416a0296bade0b32e69b0ee60dd6cd1eecca4335eb0416df6ded75049a14660276df47bb4f224e087235742e90ddf6f57827a0cf26d71b9338f2ff5166bea85a7639de6ac97ec829a7d071fac1f4b27c6c23e952adb5536b45a68e75c1c1a6d44508be6f4b87c5bb880a6baad5faecd1fd6730783d8729c2d89b23a3f2f9b79b78f7fcb70a7812607b25b17ae857e65f205ad5dd87a34e52c6e9611f588236bdc59d816f277aa8cd4a19750461d3e82c8621181b803900d1df439babcf4909168d4125a7c962ceac2f834d79460f17f92f415a85ad7e12da4b76105bceb4641fc87da7797fee092828f6e9e42631fd5c87046ebe5c4044663a31a1b39a6f6a53ee2b7fbc3eede57619535b1011c10d2d5a97c781c44bb6e493287528bc5281496f1aee3c746e09aeef0b2d38bdd33e37446c1f7516767ecbe298b78ef8e03336a08a1a9e62805140573b034459a445240aff04593539aa97056957f3dec9c43e50a1bce1b9c8e860940e03ae39e8f76fb80ae746f7fa4ed0b050c9e08a788e666e9f18bc8e83c64ee3ea04eb9f1c1dd92b3be73d18cc53bca76ba4688b48c13982ae6d25fdd9b5b85612d5b706c9b9d7c6cca91141313356f0d7b859da0de669fb52a829014a0fdde51df658303ce085222a42ad624ee6c659ec94e0d0713b2d3c3becb53c6f76d30530e6129943e20361a7c9f7847f79cb871d866b5277eecc8c1626fe2719c9cf872c0fc78a98e6ca998555721e9abd5bf9e2d1848016e0bd3202c44575c688837136e71e85765d677e0f2b081707a4e7e22bef50b9280a1a5ea549022ef2a9fed989f156198975302608dffd03f8f1186a12585d4670ce868f0c96be37416b9132144f65c9abe8b00894d7a7e6d0a8554e09139ec2a0eb6d4f00c637684602c106257f5abe816e068e0f6f3e94a916ff41e23b6baa4876931209a6b0bce1f6fa8d1965665d3dc42e5c6b011bdb5144fa5fe4879779ac9dffe0843cf49806ecbb615b818e54c6dfe4d12ccae5b12b0ce87909c1e852e8d7587d1ee24c2575af61eb0b667c37b6d15b88121974598ac23cbc66503f95cf01a7a1e217f0712c4cc4e5fc22e83e3aa375eda531a73828eba91223d7de1194af730bbf2c1ed5ec47ecdf465b1794971010ff8c8771c488a1d3f98292b5d2ea9625e52589aaf7212fcdddcc0f1681b785911fcc64a6427358e4307a3d8bc583dd635ba5c41eeae96e0b6bc5236a1f539d291e568d5a0aee25ffbaa73d0cb84bf558cbf6d04b16ef7e97617b42d07100d82fda6f75dcade611e459bdb4773bf2b70e90a8add2bfe6ea6d3a4427940fef6c81931762dbea6678fc63e50c4430227b15cf184dbae4c3b2d8096292c17f701c560ac7cb33efe7d79d0c2a3c0c06e22d4e84e9e959697879f0d27df460046fc20394655cfa19793256cd9074f1c5f8ef530af537164e0e43184f921d56094fa7c7744af35821a5833c9b9d56fcf525a39fc795cf33f14705d0c7087c081bf11ad29e4d6c8f6cbbb3a0d873262b89cfc54d4cec42c3e13a5ba604df942bf8b4eef7cdae1c0e2970edb7ea6437618e6f8312a745ca8bbf0c42df103f42c824ab4e77e8b118e2b9a84568ed3d4aa3800011d02be29c032192719635a1c6c28315b27368f6ffe852bbd661c351cbfbf97b1b36d52371a4ce57e5eb6e4b13cd01b022de1770a5b1cab0fe548092a16e04de76fb8d29d69a1c55f8aa11b34bd6f018d283a9a7c0338b8c1900e21c0054616ade6b56d0fe3379f1a8dec38b85fa8e74e9bb5df4287d037f77bad30de89ea87b03d40c3a1618db1073c07032f6d22f8a264cbf0c1113689308a2fcd7299603a64f884cb03f8c5f0e61e4981d2baac3d50975cb917b815efe2f7eda88f1cef1f34997f0819a92051c1d9eac3ef05de25a2b4d5f65619b4ea377180c541f2afbfa5c8fdae59f8e3a7635d2b30c4c759c32e570b8d9ec03b4aab65503e81e545dd41f593615cfedcf009424ae4854de3a9111115cb254608bc2666b18c85698ac193a9799f1a1f6098288b42dd2684db37e0d3b023ac9b417263b1566acd6d951df147e83db8e909b39bb6a1aa3fcc1c1a20795521b84e0884254b2524ebf0321e5709e7a79f2d62309247b7b24ec71553a9ab9daccacac1a8bd6019b7703c0ed468379640ac6e764ededb2fefaa2f88e15fc97ec6f16007f540cd7a57c7726f4aa9ff6640cc7f5d71a6c12048f98a9071ffd594f17e42e7336ab6d0fd429328df1238e5eb4ebe4f9d8ef01fbcfe8f53eb3f6defd4c7cb40b3772ea2f2130b655d2ad3643977cafa991bbc6aa2aaa2879a3c2d1dace3ec034beb3d06f0a09429b3fd1ac06870dde4ab97b7d5d7ff1394577a6bea7a3a53ca883a16c98d574ddad00de5dfe9f75369be7686a4badf44f4d9b110846b6ffca67f63973186433f6bc3691b580cdc689c159064c55a974fb849f56fd2f9cbe4738e0a1a8a764467dc1d3723278ee1ea573fad98a5318104218d359d89579614592fa6ae7cc4720e6ed71706fdc4c707b03ff77454daf4505700f249aea0abc909763416d44a069a6d605118ac0c20a325577fe1d8af053673fc72e489d24405281f01b4e2e05e4fa14e68a53294e4b5d201c146ff994cfb7a776ad80828732ee647092c20fe46d917142880318136557c47ff7e31d26f35f407c1e6d4254aae442b233b89dd4c0adcfc92b0f821a5a9dce95a24bed9bb5cd17a5b59d3e82086cdd7a3755064e4de22d8f0f973f4235aa58c6214dab89325638d94d3dc25f3ac4d912ff74be6ad8ef49aa2becede5453a409cc8ed8065dacf28a1a7498f6dd07a3478af093574fdd2d0a4f98d12fe898e47cd0550f1fc42810ed2e4cfe5cc4faa67d965f252aab1bd5c536bf2c936706bc71aae98b93494d364faac72a9a60188a23f15ddf1238896e4848da876789b57ca53cd5b1041612a49de9a64a545a39375aa2a516c4af4744daf65a9c28ffb635ba56b96731b763934afa0651fd6fb65e9f71eb0e6fd54bcfd2bf0118b486e97db512290bdb1dcfca76ed974722e13e5acd0569d5f944de70adf728379094981ffaec43848367ec8cdcc227b266649ced47a03b22016ce42be3a33135229670244cc7b3325ee448c95236d0de4bbf641e1cbb0516edb3f8829e60f91d43f0fe45595d8a99e699252930c7b05ba2ba679f8f46c38f789a7750ffa4eaed19c4c1a33aff60c8926ae42497662a130b83b3211e9399e2565d9f082ec30e26e5b02ea91cf43b0a046f9fe596e5bb2a9c800d761008dc7fced2a510af6b02d3f702fc3e1a98c6a87661f0d353b81bc4435c0d4376cfc74c057bf23febb101252c4eb168d4e347e697c8d0c48a687fb2224d58e5dc68c38de930164aba51e7cb19051fe64603c6b602c02c5cc22c6da1c47d906fa1cbf67312658b201b8f89a377d61695daaeee18eb2fb8caf38280fa8b95cca721afdf33d2c3092af57204bca72c46aeae9e9fc46f0ce76b96bbbb59a8517cb72d68f8b189280b6ce1e2686204913bac1d9aecd77623b7f05475352e57f245197894d767e5f17611bbf1bfe2015c9750e9b3f5ad4ad57be1ac4988c30d90829946b05fc5bd709dbd2590da2e3666294f83336e52758bc12c9d02af342a91fdcfc9144021a783643a9845a4898ee03417329ee0e2dd7bd53f3b23f3f9a10ea643b91b3c2df8438efb22fc894bbcdc408a13dbded7002d9cef6e38bf6dfa16f52f0f24087281a3ae95fb4995131938f9ca80c5f466c7367665e5717c823b318f43e7a3e2e8fe9c2e74959ca3d53b79fa45ac778d0a99351a1919b1c9ddfda10d61487fc5a2b8227493b14e2ea9fa41db870deb1700eb46665424fbc3f21c5d7ad61089ad0f99aadcca2a97d46fd091cf21d95674c3cf48f2724a89299b5342ebf8b18770e61c449455f77cacc5b2e0123005cc296acfc28e42e3d3b426469e39def114d6071a3f015f94dd8eab597dc4cf6109f2aeba0639ffe3f66f15ddaa74460a884a5c067e1e6f8d961ff32518e7571d53ae36badcaca50258a15743e67fb35e062e697d44ccd4e416010dbe62a1d13319d3ce88dc7826514d0f84cf7ffd5f1dbdbe3534af35bba26c5f951e18b012234a3e1cd22199358ba66421a326af09d36d45c3497c4725c0e8557395376fa9dcbe4c595aef7f822cb160e72138cd610563c382769b64f5da2ae6f62cbf09d24490565d7b88f6fefc30f050e74327b7efc168f040f18110a61cc6ecf73c43c0e9e73fafcfc6079ee68839a8ed710160fdcfd987394a790e01c42c916169e8c6a7af905c15d51f87e88877386b8f8743efe4fffc2dc8fd73b4e8905b428d4cd87d90e93513f19a981b5037370cd634f23859cb7bd6b5632bd25c6873b7195691e0f76fb07fce6e72d4b2b467e57a325febf4bb842820fe6896b23aa2a3eb37697753a3693ee936692e6cd91eae410bf89192df913f2689adc73b7b35eaf8bf80928c0023b105cbd2be51a08a371be88926636bd590466c218b203fe311d73dd1a8b440133f1ebb8249b4e1f6723b7b18b508dc34acd9da927ea60d2dc361c2d14cd43ad3b0137ac32e8988d11d11de19065d02e8012a2ee24891541989d11da87de4383036b757769222af022e86803b64ccd03e4bfe3a9d3b8a5d6522d7b6ade88aca72bc436382cfcba22a426ecb21366d42588e9a68c0d61722617a4706852ef6e5eb42842d127f88dabcb8cd635d621a9082efe0cbb52fffb017c8cbf80e48ad1d8ac4c927bda50be7bbb6a302081951dd7c05142465ef8188774807ba482c155f7b56b663d24c4ad88140ddba388e4d6abda83048db46ad18328c63006d02844189a769167d94265148e06f3eca08dcd81691df655968de44c5931e62f5dcc4aa16b24ceb6e7a2c8783d9918a9be7c72dcd57fbf39f985ac29069241cbe3298d7651124f03bef8e2adcadb0c0e08efb096f72e5df2d3f8e2ea6f9cd2401533469e5099a6faa98acc2f73028eae115b3a771bc7ddd186ee7a634398e206ce9b1262b1dbb80575eac718eade048bc01ac1d410e21393dada6c1ced94c411fc19ccacdd175996501d66819b491fef65697f736ecc3a4c32f3675d1f90c8e4d44a1ba6048e77fa24d6998ad88da3cf5de223446d53dd72981c19d5915af69b9a7b9bdf35114ac1cee66b9f3f6df4b9a2d2c017d44443a28badca61b1e8db627d967827ebf32c8642b7de41508c15538b6cdf0284f1a94e8d9fcaa086236f11fb1689d57d500423a0c1d362a4fd57e5efa8858c237a0b58210b4df2b6f10fb01ff8b305cb69e65120c716970e1752cae51022a068b9ac2b7775ac415c56d31536c9f1eca654ec89d7ed00855b2d2564a74bf1a0a3b75cbeadad89fd4ce7e0a83a565c6d69077f026dd40ee186fb496d575c5f5d2f4f84e0efd6bca34f070b185903c7fcd6478f467b73687dee0b765477cc474cbe7f067d1f655efe1fac24a6cda9ed82dee343a36f5ce3894587937f31a14dff66e8384bb3c9adebb753f782570a894e09a38c096f523fbdfb7e0c09026fa023c8dc9e5822410d8343afd647a91130744017166a9b195996ee871eb284279fa725f7af7f853eb85bce100cfade5d458c4e166c839e4c1a86", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x78, 0x0, 0x0, {0x7, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x5, 0xc000, 0x0, r2, 0x0, 0x0, 0x857f}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
chmod(&(0x7f0000000080)='./file0\x00', 0x1)

4m31.635510139s ago: executing program 2 (id=5741):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@typedef={0x3}, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x3a, 0x0, 0x1}, 0x28)

4m31.474677935s ago: executing program 35 (id=5741):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@typedef={0x3}, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x3a, 0x0, 0x1}, 0x28)

1m21.728860429s ago: executing program 6 (id=8908):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000003680)=""/4098, 0x1002}, {&(0x7f00000009c0)=""/112, 0x70}, {&(0x7f0000000200)=""/165, 0xa5}], 0x3}, 0x0)

1m21.625066336s ago: executing program 6 (id=8909):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680))
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1m21.579414945s ago: executing program 6 (id=8911):
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
r1 = fanotify_init(0xf00, 0x2)
fanotify_mark(r1, 0x105, 0x8971, r0, 0x0)
rename(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file1\x00')
readv(r1, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/88, 0xfffffdf1}], 0x1)

1m21.53113313s ago: executing program 6 (id=8912):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x677, &(0x7f0000002100)="$eJzs3c1vHGcdB/DvrNdONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+Mit0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387szu422gD/t65dSPNhily78MZyub62OtNeW52526snOZakkTS7RYr/dDqdj5Or6S55udxYD1fsdJwHC7NvffLZ2qfdtWa9VPs3xnbpN5yVesm5JGN1+bjGu77XeMf3Gq7oZ6ZM2Ple4mDUxpN0Kv960N3yk789028Z0Nqu955nPnAEFN3XzS0mkxP1hV7eB3RfFbs3AkfayqgDAAAAgAPw7HrWs5yTo44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjpL69/+Lemn06udS9H7/f6Lelrp+uJzd3+4Pn1QcAAAAAAAAAHCAzq5nPcs52VvvFNV3/q9WK6eqv1/Ku7mf+SzmYpYzl6UsZTHTSSYHBppYnltaWpzu9+z9nwFbe17etuflPQI9VpetxzFrAAAAAAAAAHjq/DLXNr7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw6BIxrpFtZzq1SfTaCY5nmSi3G8l+UevfpQ9HHUAAAAA8AV0htzv2fWsZzkn+/2K6j3/i9X7/uN5N/eylIUspZ353Kg+C+i+62+src6011Zn7pbL1nG/++99hVuNmO5nD9sf+Uy1Rys3s1BtuZjreTtFcSONqmfpTC+e7eP6RRlT8XrX+JCR3ajLcuYf1uUWH+xrsjvZ54cpk1VGxvsZmapjK7Px3O6Z2Oejs/lI02n0gz216UibJvFIzl8f8ngn6rKcz293yvlIbM7E5YGz78Xdc5587c9/+PHt9r07t2/ev3B4pjScsbrsPq+0tmZiZiATLz3NmdhiqsrE6f76tfwgP8qFnMubWcxCfpq5LGU+5/L9qjZXn8/FwCW/Q6auPrL25l6RTNRnaPfBejSm7BHTq1Xfk1nID/N2bmQ+r1X/Xc50vpUruZLZgUf49BDPtI0drvrOl7cN/vzX60orye/qsnKrudfEn7Ayr88N5HXwOXeyahvcspGl5/fxetTL0h93D6X5lbpSHuNXdXk4bM7E9EAmXtg9E7+vnlbut+/dWbw9985wh3v+w7pSXke/OVSvEuX58nz5YFVrj54dZdsLddt4tWzka6L+xqXbr7Gl7XS/rXulrux4pU7U93BbR7pctb20bdtM1XZmoG3z/Va7fz/0NHz5A/DUOvGNExOtf7b+3vqo9evW7dYbx7937NvHXpnI+F/Hv9OcGvtq45XiT/koP994/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx+9997/85cuz2/uKnS6XQ+2KHpKFd6P2d2gAd9+ZlkVFOeSHI4Mv/fTqdTbykOQzy7VzqlY+l8zu5/STLczs0k2zWdHX0SRvzEBDxxl5buvnPp/nvvf3Ph7tyt+Vvz92avXJmdmr3y2sylmwvt+anu31FHCTwJGy/6o44EAAAAAAAAAAAAGNZB/HOCnY9+/CCnCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxR1y6k+TBFpqcuTpXra6sz7XLp1Tf2bCZpJCl+lhQfJ1fTXTI5MFyx03EeLMy+9clna59ujNXs7d/Yrd9wVuol55KM1eXjGu/6Fx6v6M+wTNj5XuJg1P4XAAD//wBtBiI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00'}, 0x10)
ptrace$cont(0x21, r1, 0x80000001, 0x4)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1)

1m21.351904715s ago: executing program 6 (id=8916):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000001480)="3b5250dd8df768c581177cc96346a125c5baecd7e46618851e723e8ef1628f8e5c9fff1954ad6617c17fd0658b4c494ab4b9c82de21662a0d7c3cafc01b397ad6c398c755561984e8ba92704585396a2101125bb2a4d000000611bc84796c8015747ffc90dcf9341cd76ab4a14b4973cd160e90aafad5742f47771132af6fdeea669adfd5eda144f72d4f76ac61d22b1ce9a50ea03ad3da013f422f4c9d2006f36a603d147d1b1c9f9a3335bbacf2456a4920edc91cfcb61407f83881444c6396a739081370c528ca8efb700563cb11c552daba453eef0e91c42289fe8543030c836ae13990c8a5f19ad7fc4dca5c45eed6845ecbf867615b443f9a67d9b83837adc5d0ae8ae1fab0dc484f3f5cb6e3ac7e77682defd54b04a8dc1361308af48b1d77fb5eda8d4f3424ae903ddeb9928cf0954f332dd999da4783cd367f937253281c57270b2fcc760c42adaa6b01aaf2d6034505076b5d30a9c98f826fe36e4572850db87fe73f500957d2f5a251dc779c50da665aef5482435d5d6103fb8e2478e39bf0652b8873e9c04ef76c6d4447643839412be0cba352feeff1c72c4bf5523f320d6425ea6b151f022ee69a755817e6cd8d82734d9cf086be941b91d35f1c73dfc4388b15e445c21b602797362799ed6e0fe1f79728577733c7d5ddec1a4b7ce77c200f7934cccdfaa7cc779b183d298116469183427d1ff2eed6bd724855ebdc083762d2a79e6b75056ef9c4f8494e2bb5c30105cf516df6426", 0x21d, 0x20000080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

1m20.157561554s ago: executing program 6 (id=8926):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=ANY=[@ANYBLOB="38010000000101040000000000000000020000002c0001801400018008000100ac14143208000200ac1414000c00028005000100000000000600034000020000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x138}}, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x68}}, 0x0)

1m20.000340628s ago: executing program 36 (id=8926):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=ANY=[@ANYBLOB="38010000000101040000000000000000020000002c0001801400018008000100ac14143208000200ac1414000c00028005000100000000000600034000020000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x138}}, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x68}}, 0x0)

3.208710566s ago: executing program 7 (id=10327):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x20008801, &(0x7f0000000200)={0x11, 0x8100, r1, 0x1, 0x40, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3d}}, 0x14)

3.135170819s ago: executing program 7 (id=10328):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56", 0x2)

3.066139621s ago: executing program 7 (id=10330):
setresuid(0xee00, 0xee00, 0x0)
setfsgid(0xee01)

3.00047333s ago: executing program 7 (id=10332):
syz_emit_ethernet(0x6e, &(0x7f0000000180)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x38, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "bb9b69de4386bf2ae6a3b321505c68cd"}, @md5sig={0x1d, 0x12, "c52a2d43d2c85500"}]}}}}}}}}, 0x0)

2.925113863s ago: executing program 7 (id=10335):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$unix(0x1, 0x1, 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r4, 0x5760, 0x3c)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x3ffdcf, 0xaf0}, 0x50)
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0xdb, 0x2b, 0xec, 0x20, 0xab4, 0x10, 0x612f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xde, 0x0, 0x0, 0xeb, 0xc8, 0xa}}]}}]}}, 0x0)
r5 = dup(0xffffffffffffffff)
sendmsg$inet(r5, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0}, 0x0)

1.011561719s ago: executing program 5 (id=10358):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00405202000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000340)={0x0, 0x1}, 0x8)

1.011246035s ago: executing program 5 (id=10359):
r0 = memfd_create(&(0x7f0000000540)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\a\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0Fd\x81\xbe\xbf\by\x7f\xd8X?\n\xf8P&!\x9d0F\x8dp\xf9:?1\xe8T\x13\xfb\x89\xac\\\xd4\xa9\xa3\xac\x80\xddd\xed\xb1I\xfcz\x9aQ\x03\xcdO\xdfn^\xb4\x97\xd1\x8a\x17\x8d\xce\xafg\xa2W|v\xc2\x99\x97X\xd7\x8b\x82Z\xa7\xac\xa4\xb1P\x8c\xfd^\xb8=\xd6Q\x8a\xe2\xed\xaaR\xd9\x1a\xd8\x92\xc8\x1b\xe6f\xd6\xb7rp\x8e\xd7I\xd0lN\xbd\x89\xac&)<\x9d\x8b\xcb\x93p\x90a\xef\xd0?\x02\x93\x83\xb9\xe4b\xfc1@\xde\xd8&\xd0\x8f\xa6G\xe0\xc9\xe9Z\xb4PG\xcf\xed\xf5\x94\x89\x9a\x02\xac\x9d\x1b\x9am\x82L\a,;\xcd\x11,\xf9\xe6\xe1\fa\xfe\xdc\xc0A\xc3\xda\x8f$\x87<\xef\xe2\xc2xP\xfc\xd4\xefX\x8doK\x8aa\x98.\x82!\xf9\rS\x04\xd2\xb4I\x1d=\xf9<\xb0?l\xa5\t\xd1j\"\x1e\xe5\xe0\xad\x14\x97\xde\xa3\x97\x9a\x9bp\'\xd4\xbc', 0x3)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

953.268719ms ago: executing program 5 (id=10361):
r0 = syz_open_dev$media(&(0x7f0000000000), 0x8000009, 0x8800)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000280)={0x0, 0x8, 0x0, &(0x7f0000001d40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0x0})

896.367173ms ago: executing program 5 (id=10363):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)

895.997924ms ago: executing program 5 (id=10365):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700"], 0x50)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={r2, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000002c0)={r2}, 0x8)

849.166902ms ago: executing program 0 (id=10367):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f00000001c0)={0xa, 0x4e20, 0x80000, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast1}}}], 0x28}, 0x4000045)

767.122537ms ago: executing program 0 (id=10368):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)

716.145128ms ago: executing program 0 (id=10369):
syz_usb_connect(0x0, 0x24, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x6, 0x17, 0xd0, 0x20, 0xdba, 0x5000, 0x11bf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x12, 0x10, 0x89}}]}}]}}, 0x0)

192.426308ms ago: executing program 0 (id=10370):
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'ip_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)

192.268085ms ago: executing program 0 (id=10371):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x48e01)
r0 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x11100, 0x3, 0x17d}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)="8d376f7b8644126747cb39ecdb9209fb5823ddad01338a2a28a8d11229c8d306d167a92f2dee459030928193239f", 0x2e}], 0x1, 0x0, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0x4d10, 0x2, 0x2, 0x0, 0x0)

124.416726ms ago: executing program 0 (id=10372):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x10}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, &(0x7f0000000000)={0x40, 0x1, 0x9, "ec0b0b4a65177e3a49"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

405.245µs ago: executing program 5 (id=10373):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff", 0x3f}], 0x2}}], 0x1, 0xc2)
r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xfffffffffffffddf, &(0x7f0000000000)=ANY=[])
syz_usb_control_io(r0, 0x0, 0x0)

0s ago: executing program 7 (id=10374):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x25dfdbfe, {{@in=@broadcast, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x2, 0x0, 0x0, 0x0, 0xff}, {@in6=@private2, 0x4d6, 0x6c}, @in=@private=0x8010101, {0x0, 0x192, 0x9ba3, 0x2, 0x251c, 0x3, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3502, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x800}, 0x0)

kernel console output (not intermixed with test programs):

et for FAT filesystems, filesystem will be case sensitive!
[  589.619682][T22606] loop6: detected capacity change from 0 to 22
[  589.633437][T22606] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  589.668196][T22606] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  590.128546][T22610] loop6: detected capacity change from 0 to 32768
[  590.154468][T22610] XFS (loop6): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  590.176199][T22610] XFS (loop6): Ending clean mount
[  590.243922][T20064] XFS (loop6): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  590.732572][T22653] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6882'.
[  591.480924][T22668] loop6: detected capacity change from 0 to 32768
[  591.496088][T22668] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6890 (22668)
[  591.538130][T22668] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  591.546541][T22668] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  591.549930][T22668] BTRFS info (device loop6): using free-space-tree
[  591.634377][T22668] BTRFS info (device loop6): rebuilding free space tree
[  591.852087][   T33] kauditd_printk_skb: 9 callbacks suppressed
[  591.852105][   T33] audit: type=1800 audit(1755051929.508:10430): pid=22668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.6890" name="file1" dev="loop6" ino=260 res=0 errno=0
[  592.642451][T20064] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  593.708473][T22741] raw_sendmsg: syz.0.6913 forgot to set AF_INET. Fix it!
[  594.621541][T22763] netlink: 'syz.5.6923': attribute type 1 has an invalid length.
[  594.624726][T22763] netlink: 1 bytes leftover after parsing attributes in process `syz.5.6923'.
[  594.656671][T22765] netlink: 'syz.0.6924': attribute type 41 has an invalid length.
[  594.863567][T22761] loop6: detected capacity change from 0 to 32768
[  594.878648][T22761] jfs_create: dtSearch returned -5
[  596.827482][ T5878] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  596.980402][ T5878] usb 7-1: Using ep0 maxpacket: 16
[  596.984270][ T5878] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  596.988369][ T5878] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  596.997855][ T5878] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  597.001101][ T5878] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  597.004227][ T5878] usb 7-1: Product: syz
[  597.005934][ T5878] usb 7-1: Manufacturer: syz
[  597.007874][ T5878] usb 7-1: SerialNumber: syz
[  597.012628][ T5878] usb 7-1: config 0 descriptor??
[  597.016628][ T5878] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  597.021065][ T5878] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  597.176242][T22835] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  597.592549][ T5878] em28xx 7-1:0.0: chip ID is em2750
[  597.783745][ T5878] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[  597.789224][ T5878] em28xx 7-1:0.0: AC97 chip type couldn't be determined
[  597.795555][ T5878] em28xx 7-1:0.0: No AC97 audio processor
[  597.804301][ T5878] usb 7-1: USB disconnect, device number 12
[  597.807592][ T5878] em28xx 7-1:0.0: Disconnecting em28xx
[  597.820079][ T5878] em28xx 7-1:0.0: Freeing device
[  598.353666][T22865] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6969'.
[  598.634603][T22869] loop6: detected capacity change from 0 to 32768
[  598.639602][T22869] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6971 (22869)
[  598.645626][T22869] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  598.649131][T22869] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  598.651907][T22869] BTRFS info (device loop6): using free-space-tree
[  598.937916][T20064] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  599.393813][T22924] loop6: detected capacity change from 0 to 1024
[  599.411381][T22924] hfsplus: walked past end of dir
[  600.137561][T22951] kAFS: No cell specified
[  600.400596][   T24] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  600.813248][   T24] usb 7-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  600.816638][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.825351][   T24] usb 7-1: config 0 descriptor??
[  600.832733][   T24] gspca_main: sunplus-2.14.0 probing 055f:c420
[  600.861415][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  601.572773][T22985] netlink: 'syz.0.7015': attribute type 11 has an invalid length.
[  601.604659][   T24] gspca_sunplus: reg_w_riv err -71
[  601.607282][   T24] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[  601.624674][   T24] usb 7-1: USB disconnect, device number 13
[  602.337948][T22999] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7020'.
[  602.342179][T22999] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7020'.
[  602.346306][T22999] netlink: 156 bytes leftover after parsing attributes in process `syz.6.7020'.
[  603.060491][T23042] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7039'.
[  603.488883][T23048] loop6: detected capacity change from 0 to 40427
[  603.492964][T23048] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  603.496439][T23048] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  603.502060][T23048] F2FS-fs (loop6): invalid crc value
[  603.563123][T23048] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  603.575764][T23048] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  603.578876][T23048] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  604.503408][   T33] audit: type=1326 audit(1755051942.788:10431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23080 comm="syz.5.7055" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  604.511977][   T33] audit: type=1326 audit(1755051942.788:10432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23080 comm="syz.5.7055" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  604.523519][   T33] audit: type=1326 audit(1755051942.799:10433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23080 comm="syz.5.7055" exe="/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  604.532569][   T33] audit: type=1326 audit(1755051942.799:10434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23080 comm="syz.5.7055" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  604.676874][   T24] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  604.943551][   T24] usb 7-1: Using ep0 maxpacket: 32
[  604.950994][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  604.955412][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  604.959694][   T24] usb 7-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  604.964922][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.976323][   T24] usb 7-1: config 0 descriptor??
[  605.420522][   T24] hid-alps 0003:044E:1215.001F: collection stack underflow
[  605.423868][   T24] hid-alps 0003:044E:1215.001F: item 0 2 0 12 parsing failed
[  605.427678][   T24] hid-alps 0003:044E:1215.001F: parse failed
[  605.433184][   T24] hid-alps 0003:044E:1215.001F: probe with driver hid-alps failed with error -22
[  605.566415][    T9] usb 7-1: USB disconnect, device number 14
[  605.766619][T23114] netlink: 676 bytes leftover after parsing attributes in process `syz.0.7069'.
[  605.769927][T23114] netlink: 676 bytes leftover after parsing attributes in process `syz.0.7069'.
[  605.853810][T23120] overlayfs: failed to clone upperpath
[  606.012001][T23137] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7081'.
[  606.015421][T23137] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7081'.
[  606.207817][T23150] loop6: detected capacity change from 0 to 512
[  606.210950][T23150] EXT4-fs: Ignoring removed nomblk_io_submit option
[  606.215340][T23150] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  606.218466][T23150] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  606.221867][T23150] EXT4-fs (loop6): couldn't mount RDWR because of unsupported optional features (80)
[  606.225563][T23150] EXT4-fs (loop6): Skipping orphan cleanup due to unknown ROCOMPAT features
[  606.231490][T23150] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  606.240493][T23150] EXT4-fs warning (device loop6): dx_probe:861: inode #2: comm syz.6.7087: dx entry: limit 65535 != root limit 120
[  606.245150][T23150] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.7087: Corrupt directory, running e2fsck is recommended
[  606.250442][T23150] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz.6.7087: path /300/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  606.280062][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.267294][T23163] loop6: detected capacity change from 0 to 40427
[  607.282853][T23163] F2FS-fs (loop6): invalid crc value
[  607.417583][T23176] netlink: 'syz.0.7096': attribute type 3 has an invalid length.
[  607.425333][T23163] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  607.429835][T23163] F2FS-fs (loop6): Start checkpoint disabled!
[  607.432940][T23176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7096'.
[  607.435718][T23163] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  607.492357][T19541] kworker/u10:3: attempt to access beyond end of device
[  607.492357][T19541] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  607.511943][T19541] CPU: 1 UID: 0 PID: 19541 Comm: kworker/u10:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  607.511973][T19541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  607.511981][T19541] Workqueue: writeback wb_workfn (flush-7:6)
[  607.512004][T19541] Call Trace:
[  607.512009][T19541]  <TASK>
[  607.512015][T19541]  dump_stack_lvl+0x189/0x250
[  607.512035][T19541]  ? __pfx_dump_stack_lvl+0x10/0x10
[  607.512049][T19541]  ? __pfx_queue_work_on+0x10/0x10
[  607.512060][T19541]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  607.512119][T19541]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  607.512142][T19541]  f2fs_handle_critical_error+0x37c/0x540
[  607.512163][T19541]  f2fs_write_end_io+0x886/0xb60
[  607.512192][T19541]  __submit_merged_bio+0x27a/0x6a0
[  607.512209][T19541]  __submit_merged_write_cond+0x255/0x530
[  607.512227][T19541]  f2fs_write_data_pages+0x261d/0x3000
[  607.512266][T19541]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  607.512292][T19541]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  607.512334][T19541]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  607.512349][T19541]  ? look_up_lock_class+0x74/0x170
[  607.512370][T19541]  ? trace_f2fs_writepages+0x7f/0x200
[  607.512386][T19541]  ? f2fs_write_node_pages+0x478/0x6e0
[  607.512404][T19541]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  607.512426][T19541]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  607.512442][T19541]  do_writepages+0x32e/0x550
[  607.512462][T19541]  ? reacquire_held_locks+0x127/0x1d0
[  607.512474][T19541]  ? writeback_sb_inodes+0x384/0x1010
[  607.512495][T19541]  __writeback_single_inode+0x145/0xff0
[  607.512512][T19541]  ? do_raw_spin_unlock+0x4d/0x240
[  607.512530][T19541]  writeback_sb_inodes+0x6c7/0x1010
[  607.512564][T19541]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  607.512609][T19541]  ? rcu_is_watching+0x15/0xb0
[  607.512630][T19541]  wb_writeback+0x43b/0xaf0
[  607.512650][T19541]  ? queue_io+0x331/0x590
[  607.512668][T19541]  ? __pfx_wb_writeback+0x10/0x10
[  607.512689][T19541]  ? _raw_spin_unlock_irq+0x23/0x50
[  607.512706][T19541]  wb_workfn+0x409/0xef0
[  607.512729][T19541]  ? __pfx_wb_workfn+0x10/0x10
[  607.512747][T19541]  ? __lock_acquire+0xab9/0xd20
[  607.512773][T19541]  ? process_scheduled_works+0x9ef/0x17b0
[  607.512790][T19541]  ? _raw_spin_unlock_irq+0x23/0x50
[  607.512801][T19541]  ? process_scheduled_works+0x9ef/0x17b0
[  607.512813][T19541]  ? process_scheduled_works+0x9ef/0x17b0
[  607.512827][T19541]  process_scheduled_works+0xae1/0x17b0
[  607.512860][T19541]  ? __pfx_process_scheduled_works+0x10/0x10
[  607.512892][T19541]  worker_thread+0x8a0/0xda0
[  607.512906][T19541]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  607.512925][T19541]  ? __kthread_parkme+0x7b/0x200
[  607.512947][T19541]  kthread+0x711/0x8a0
[  607.512971][T19541]  ? __pfx_worker_thread+0x10/0x10
[  607.512982][T19541]  ? __pfx_kthread+0x10/0x10
[  607.512999][T19541]  ? _raw_spin_unlock_irq+0x23/0x50
[  607.513011][T19541]  ? lockdep_hardirqs_on+0x9c/0x150
[  607.513023][T19541]  ? __pfx_kthread+0x10/0x10
[  607.513039][T19541]  ret_from_fork+0x3fc/0x770
[  607.513054][T19541]  ? __pfx_ret_from_fork+0x10/0x10
[  607.513098][T19541]  ? __switch_to_asm+0x39/0x70
[  607.513115][T19541]  ? __switch_to_asm+0x33/0x70
[  607.513129][T19541]  ? __pfx_kthread+0x10/0x10
[  607.513144][T19541]  ret_from_fork_asm+0x1a/0x30
[  607.513172][T19541]  </TASK>
[  607.513178][T19541] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  607.892328][T23195] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7106'.
[  607.901623][T23197] loop6: detected capacity change from 0 to 164
[  607.910638][T23197] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  607.915606][T23197] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  607.921515][T23197] Symlink component flag not implemented
[  607.923637][T23197] Symlink component flag not implemented
[  607.926033][T23197] Symlink component flag not implemented (7)
[  607.928363][T23197] Symlink component flag not implemented (116)
[  608.052942][T23205] sctp: [Deprecated]: syz.6.7110 (pid 23205) Use of int in maxseg socket option.
[  608.052942][T23205] Use struct sctp_assoc_value instead
[  608.218130][T23223] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7119'.
[  608.585588][T23242] sch_fq: defrate 4294967295 ignored.
[  608.660547][T23244] sch_fq: defrate 0 ignored.
[  609.025737][T23260] JFS: charset not found
[  609.305129][T23285] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7145'.
[  609.367300][T23289] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7145'.
[  610.203557][ T5858] Bluetooth: hci2: unexpected event for opcode 0x041c
[  610.279035][T23350] netlink: 'syz.0.7176': attribute type 1 has an invalid length.
[  611.454104][T23407] netlink: 'syz.0.7203': attribute type 21 has an invalid length.
[  611.458193][T23407] netlink: 156 bytes leftover after parsing attributes in process `syz.0.7203'.
[  612.706951][ T5878] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  612.852471][ T5878] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  612.859276][ T5878] usb 7-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00
[  612.865531][ T5878] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.882266][ T5878] usb 7-1: config 0 descriptor??
[  613.084160][T23439] Bluetooth: hci0: unsupported parameter 4096
[  613.086560][T23439] Bluetooth: hci0: invalid len left 4, exp >= 243
[  613.094459][ T5878] usbhid 7-1:0.0: can't add hid device: -71
[  613.098614][ T5878] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  613.106991][ T5878] usb 7-1: USB disconnect, device number 15
[  613.126322][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.682966][T23502] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7247'.
[  614.129102][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.259580][T23529] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.269189][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.272311][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.401908][   T33] audit: type=1326 audit(1755051953.181:10435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23536 comm="syz.6.7264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2daab8ebe9 code=0x7ffc0000
[  614.415141][   T33] audit: type=1326 audit(1755051953.181:10436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23536 comm="syz.6.7264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2daab8ebe9 code=0x7ffc0000
[  614.429177][   T33] audit: type=1326 audit(1755051953.202:10437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23536 comm="syz.6.7264" exe="/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f2daab8ebe9 code=0x7ffc0000
[  614.460868][   T33] audit: type=1326 audit(1755051953.202:10438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23536 comm="syz.6.7264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2daab8ebe9 code=0x7ffc0000
[  614.479084][   T33] audit: type=1326 audit(1755051953.202:10439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23536 comm="syz.6.7264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2daab8ebe9 code=0x7ffc0000
[  615.117981][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.316624][ T5856] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  615.459461][ T5856] usb 7-1: Using ep0 maxpacket: 8
[  615.462912][ T5856] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  615.465803][ T5856] usb 7-1: config 0 has no interface number 0
[  615.467853][ T5856] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  615.472485][ T5856] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  615.476677][ T5856] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  615.480888][ T5856] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  615.485807][ T5856] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  615.489370][ T5856] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.492759][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.499788][ T5856] usb 7-1: config 0 descriptor??
[  615.506102][ T5856] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  615.776449][ T5856] usb 7-1: USB disconnect, device number 16
[  615.779138][    C0] ldusb 7-1:0.55: usb_submit_urb failed (-19)
[  615.784270][T23570] ldusb 7-1:0.55: Couldn't submit interrupt_out_urb -19
[  615.790338][ T5856] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  615.992020][T23584] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.7286'.
[  616.108755][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.258138][T23613] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7299'.
[  616.709749][ T4622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.713241][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  617.293373][T23659] loop6: detected capacity change from 0 to 1024
[  617.328344][T23659] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  617.333375][T23659] ext4 filesystem being mounted at /374/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  617.341499][   T33] audit: type=1800 audit(1755052212.277:10440): pid=23659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.7322" name="file1" dev="loop6" ino=15 res=0 errno=0
[  617.357115][T23659] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  617.371188][T23659] EXT4-fs (loop6): Remounting filesystem read-only
[  617.406289][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.455387][T23668] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7325'.
[  617.459327][T23668] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7325'.
[  617.751003][T23685] sctp: [Deprecated]: syz.5.7333 (pid 23685) Use of int in max_burst socket option deprecated.
[  617.751003][T23685] Use struct sctp_assoc_value instead
[  617.770992][T23687] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7331'.
[  618.164780][ T5878] net_ratelimit: 1 callbacks suppressed
[  618.164791][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  618.367865][T23699] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7339'.
[  618.482544][T23703] loop6: detected capacity change from 0 to 1024
[  618.486412][T23703] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  618.491308][T23703] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  618.496329][T23703] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  618.508756][T23703] EXT4-fs error (device loop6): ext4_free_blocks:6696: comm syz.6.7341: Freeing blocks not in datazone - block = 0, count = 4096
[  618.523217][T23703] EXT4-fs (loop6): Remounting filesystem read-only
[  618.526399][T23703] EXT4-fs (loop6): 1 orphan inode deleted
[  618.530357][T23703] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  618.585392][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.594396][ T1131] EXT4-fs (loop6): Quota write (off=3072, len=1024) cancelled because transaction is not started
[  618.598792][ T1131] Quota error (device loop6): write_blk: dquota write failed
[  618.601919][ T1131] Quota error (device loop6): free_dqentry: Can't move quota data block (2) to free list
[  618.946764][ T5878] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  619.074068][T23740] netlink: 104 bytes leftover after parsing attributes in process `syz.0.7358'.
[  619.151968][T23746] netlink: 'syz.0.7361': attribute type 29 has an invalid length.
[  619.224543][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.228639][T23750] netlink: 6032 bytes leftover after parsing attributes in process `syz.0.7363'.
[  619.235401][ T5878] usb 7-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[  619.240929][ T5878] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  619.244123][ T5878] usb 7-1: Product: syz
[  619.245681][ T5878] usb 7-1: Manufacturer: syz
[  619.247418][ T5878] usb 7-1: SerialNumber: syz
[  619.252993][ T5878] usb 7-1: config 0 descriptor??
[  619.593877][ T5878] int51x1 7-1:0.0: probe with driver int51x1 failed with error -22
[  619.606198][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.609787][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.719819][T23760] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7367'.
[  619.790537][ T5878] usb 7-1: USB disconnect, device number 17
[  620.215264][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  620.301119][T23787] netlink: 384 bytes leftover after parsing attributes in process `syz.0.7374'.
[  620.305402][T23787] netlink: 'syz.0.7374': attribute type 2 has an invalid length.
[  620.817390][T23804] netlink: 'syz.6.7385': attribute type 30 has an invalid length.
[  621.204193][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  621.546921][T23823] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7393'.
[  622.022501][T23853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7408'.
[  622.025703][T23853] netlink: 312 bytes leftover after parsing attributes in process `syz.0.7408'.
[  622.194788][   T70] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.197633][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.201784][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.245132][T23869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7416'.
[  622.720566][T23873] sp0: Synchronizing with TNC
[  622.740359][T23872] [U] 
[  623.185626][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.212199][   T33] audit: type=1326 audit(1755052218.428:10441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23897 comm="syz.0.7430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  623.213688][ T5856] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  623.229334][   T33] audit: type=1326 audit(1755052218.439:10442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23897 comm="syz.0.7430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  623.251812][   T33] audit: type=1326 audit(1755052218.449:10443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23897 comm="syz.0.7430" exe="/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  623.269237][   T33] audit: type=1326 audit(1755052218.449:10444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23897 comm="syz.0.7430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  623.297927][   T33] audit: type=1326 audit(1755052218.449:10445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23897 comm="syz.0.7430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  623.375274][ T5856] usb 7-1: Using ep0 maxpacket: 16
[  623.383655][ T5856] usb 7-1: New USB device found, idVendor=1943, idProduct=2257, bcdDevice=91.ed
[  623.393706][ T5856] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.397040][ T5856] usb 7-1: Product: syz
[  623.398416][ T5856] usb 7-1: Manufacturer: syz
[  623.399971][ T5856] usb 7-1: SerialNumber: syz
[  623.408746][ T5856] usb 7-1: config 0 descriptor??
[  623.415480][ T5856] s2255 7-1:0.0: Could not find bulk-in endpoint
[  623.417824][ T5856] Sensoray 2255 driver load failed: 0xfffffff4
[  623.420051][ T5856] s2255 7-1:0.0: probe with driver s2255 failed with error -12
[  623.505306][T23922] openvswitch: netlink: Message has 16 unknown bytes.
[  623.608918][    T9] usb 7-1: USB disconnect, device number 18
[  624.173148][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.179416][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.184582][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.190278][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.195288][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.198497][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.201875][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.206563][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  625.490278][    T9] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  625.597879][ T4622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  625.602075][ T4622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  625.633745][    T9] usb 7-1: Using ep0 maxpacket: 32
[  625.643590][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  625.648187][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  625.653064][    T9] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  625.654245][T24017] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7484'.
[  625.667588][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  625.671323][    T9] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  625.672896][T24017] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7484'.
[  625.674897][    T9] usb 7-1: Product: syz
[  625.680275][    T9] usb 7-1: Manufacturer: syz
[  625.685183][    T9] usb 7-1: SerialNumber: syz
[  625.694628][    T9] input: appletouch as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input37
[  625.887209][    T9] usb 7-1: USB disconnect, device number 19
[  625.898713][    T9] appletouch 7-1:1.0: input: appletouch disconnected
[  625.945157][T24028] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7489'.
[  625.971690][T15608] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  625.975449][T24028] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7489'.
[  625.995321][   T13] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  626.005587][   T13] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  626.009362][   T13] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  626.563836][T24044] loop6: detected capacity change from 0 to 2048
[  626.568982][T24044] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  626.643336][T24050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7500'.
[  626.718238][T24060] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7505'.
[  626.725406][T24060] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7505'.
[  626.735619][T24060] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7505'.
[  626.894655][T24073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7511'.
[  626.898500][T24073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7511'.
[  627.772031][T24091] team0: Device team_slave_1 failed to change mtu
[  628.355782][T24132] loop6: detected capacity change from 0 to 1024
[  628.380923][T24132] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  628.501709][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.010069][ T5885] net_ratelimit: 14 callbacks suppressed
[  629.010083][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.172367][T24163] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  629.689006][ T5878] IPVS: starting estimator thread 0...
[  629.797130][T24184] IPVS: using max 36 ests per chain, 86400 per kthread
[  629.835034][T24194] lo: entered allmulticast mode
[  629.838077][T24194] tunl0: entered allmulticast mode
[  629.843014][T24194] gre0: entered allmulticast mode
[  629.854450][T24194] gretap0: entered allmulticast mode
[  629.870761][T24194] erspan0: entered allmulticast mode
[  629.877638][T24194] ip_vti0: entered allmulticast mode
[  629.894524][T24194] ip6_vti0: entered allmulticast mode
[  629.906175][T24194] sit0: entered allmulticast mode
[  629.919945][T24194] ip6tnl0: entered allmulticast mode
[  629.937081][T24194] ip6gre0: entered allmulticast mode
[  629.948456][T24194] syz_tun: entered allmulticast mode
[  629.975011][T24194] ip6gretap0: entered allmulticast mode
[  629.977599][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.998026][T24194] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.001159][T24194] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.027499][T24194] vcan0: entered allmulticast mode
[  630.031192][T24194] team0: entered allmulticast mode
[  630.035181][T24194] team_slave_0: entered allmulticast mode
[  630.037303][T24194] team_slave_1: entered allmulticast mode
[  630.041336][T24194] dummy0: entered allmulticast mode
[  630.057841][T24194] nlmon0: entered allmulticast mode
[  630.071087][T24194] caif0: entered allmulticast mode
[  630.079278][T24194] batadv0: entered allmulticast mode
[  630.095427][T24194] vxcan0: entered allmulticast mode
[  630.109586][T24194] vxcan1: entered allmulticast mode
[  630.119085][T24194] veth0: entered allmulticast mode
[  630.137668][T24194] veth1: entered allmulticast mode
[  630.161862][T24194] wg0: entered allmulticast mode
[  630.183471][T24194] wg1: entered allmulticast mode
[  630.189747][T24194] wg2: entered allmulticast mode
[  630.194471][T24194] veth0_to_bridge: entered allmulticast mode
[  630.209139][T24194] veth1_to_bridge: entered allmulticast mode
[  630.223321][T24194] veth0_to_bond: entered allmulticast mode
[  630.233656][T24194] veth1_to_bond: entered allmulticast mode
[  630.247686][T24194] veth0_to_team: entered allmulticast mode
[  630.261645][T24194] veth1_to_team: entered allmulticast mode
[  630.275016][T24194] veth0_to_batadv: entered allmulticast mode
[  630.282062][T24194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  630.287187][T24194] batadv_slave_0: entered allmulticast mode
[  630.297541][T24194] xfrm0: entered allmulticast mode
[  630.305687][T24194] veth0_to_hsr: entered allmulticast mode
[  630.315341][T24194] hsr_slave_0: entered allmulticast mode
[  630.321734][T24194] veth1_to_hsr: entered allmulticast mode
[  630.331679][T24194] hsr_slave_1: entered allmulticast mode
[  630.339308][T24194] hsr0: entered allmulticast mode
[  630.347375][T24194] veth1_virt_wifi: entered allmulticast mode
[  630.356878][T24194] veth0_virt_wifi: entered allmulticast mode
[  630.363509][T24194] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  630.368107][T24194] veth1_vlan: entered allmulticast mode
[  630.374144][T24194] veth0_vlan: entered allmulticast mode
[  630.393186][T24194] vlan0: entered allmulticast mode
[  630.395478][T24194] vlan1: entered allmulticast mode
[  630.400280][T24194] macvlan0: entered allmulticast mode
[  630.407570][T24194] macvlan1: entered allmulticast mode
[  630.413077][T24194] ipvlan0: entered allmulticast mode
[  630.415767][T24194] ipvlan1: entered allmulticast mode
[  630.418357][T24194] veth1_macvtap: entered allmulticast mode
[  630.424576][T24194] veth0_macvtap: entered allmulticast mode
[  630.430414][T24194] macvtap0: entered allmulticast mode
[  630.439558][T24194] macsec0: entered allmulticast mode
[  630.445952][T24194] geneve0: entered allmulticast mode
[  630.455935][T24194] geneve1: entered allmulticast mode
[  630.465803][T24194] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  630.473173][T24194] netdevsim netdevsim0 netdevsim1: entered allmulticast mode
[  630.478727][T24194] netdevsim netdevsim0 netdevsim2: entered allmulticast mode
[  630.488057][T24194] netdevsim netdevsim0 netdevsim3: entered allmulticast mode
[  630.496298][T24194] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode
[  630.504594][T24194] mac80211_hwsim hwsim17 wlan1: entered allmulticast mode
[  630.509235][T24194] erspan1: entered allmulticast mode
[  630.518153][T24194] vxlan0: entered allmulticast mode
[  630.520745][T24194] bond1: entered allmulticast mode
[  630.525914][T24194] geneve2: entered allmulticast mode
[  630.530804][T24194] veth2: entered allmulticast mode
[  630.533339][T24194] veth3: entered allmulticast mode
[  630.537544][T24194] macsec1: entered allmulticast mode
[  630.543080][T24194] gtp0: entered allmulticast mode
[  630.549849][T24194] bridge1: entered allmulticast mode
[  630.554347][T24194] veth4: entered allmulticast mode
[  630.556813][T24194] bond2: entered allmulticast mode
[  630.560302][T24194] vlan2: entered allmulticast mode
[  630.563011][T24194] ipvlan2: entered allmulticast mode
[  630.570030][T24194] bridge2: left promiscuous mode
[  630.571697][T24194] bridge2: entered allmulticast mode
[  630.578413][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  630.581541][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  630.586241][T24194] bridge3: entered allmulticast mode
[  630.594708][T24194] macsec2: entered allmulticast mode
[  630.599257][T24194] bridge4: entered allmulticast mode
[  630.601691][T24194] mac80211_hwsim hwsim21 wlan2: entered allmulticast mode
[  630.604825][T24194] mac80211_hwsim hwsim22 wlan3: entered allmulticast mode
[  630.610793][T24194] vxlan1: entered allmulticast mode
[  630.614359][   T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.618474][   T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.622338][   T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.626875][   T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.718179][T24212] __nla_validate_parse: 1 callbacks suppressed
[  630.718201][T24212] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7574'.
[  630.964377][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  631.022290][T24245] loop6: detected capacity change from 0 to 128
[  631.037347][T24245] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  631.043350][T24245] ext4 filesystem being mounted at /434/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  631.088362][T20064] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  631.199313][T24253] loop6: detected capacity change from 0 to 256
[  631.213198][T24253] FAT-fs (loop6): Directory bread(block 64) failed
[  631.217455][T24253] FAT-fs (loop6): Directory bread(block 65) failed
[  631.219664][T24253] FAT-fs (loop6): Directory bread(block 66) failed
[  631.221788][T24253] FAT-fs (loop6): Directory bread(block 67) failed
[  631.225106][T24253] FAT-fs (loop6): Directory bread(block 68) failed
[  631.227846][T24253] FAT-fs (loop6): Directory bread(block 69) failed
[  631.230567][T24253] FAT-fs (loop6): Directory bread(block 70) failed
[  631.233343][T24253] FAT-fs (loop6): Directory bread(block 71) failed
[  631.245315][T24253] FAT-fs (loop6): Directory bread(block 72) failed
[  631.247627][T24253] FAT-fs (loop6): Directory bread(block 73) failed
[  631.963000][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.335593][T24297] netlink: 'syz.5.7614': attribute type 9 has an invalid length.
[  632.353049][T24295] loop6: detected capacity change from 0 to 16
[  632.356502][T24295] erofs (device loop6): bogus i_mode (6) @ nid 36
[  632.418212][T24302] netlink: 'syz.6.7616': attribute type 32 has an invalid length.
[  632.752310][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.756048][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.946393][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  633.111203][ T5878] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  633.263375][ T5878] usb 7-1: Using ep0 maxpacket: 16
[  633.318780][ T5878] usb 7-1: config 1 has an invalid interface number: 105 but max is 0
[  633.328910][ T5878] usb 7-1: config 1 has no interface number 0
[  633.354925][ T5878] usb 7-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  633.359414][ T5878] usb 7-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  633.363821][ T5878] usb 7-1: config 1 interface 105 has no altsetting 0
[  633.369525][ T5878] usb 7-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  633.372905][ T5878] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.376242][ T5878] usb 7-1: Product: syz
[  633.378663][ T5878] usb 7-1: Manufacturer: syz
[  633.380895][ T5878] usb 7-1: SerialNumber: syz
[  633.386488][T24318] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  633.390852][T24318] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  633.781354][T24318] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  633.784592][T24318] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  633.930479][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  633.980714][ T5878] aqc111 7-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  633.985061][ T5878] aqc111 7-1:1.105: probe with driver aqc111 failed with error -71
[  633.993673][ T5878] usb 7-1: USB disconnect, device number 20
[  634.387168][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  634.692276][T24336] loop6: detected capacity change from 0 to 32768
[  634.698770][T24336] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.7628 (24336)
[  634.755364][T24336] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  634.760923][T24336] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  634.767403][T24336] BTRFS info (device loop6): using free-space-tree
[  635.000305][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.174778][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.178020][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.183098][T20064] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  635.307780][T24369] dvmrp5: entered allmulticast mode
[  635.327988][T24369] pimreg: entered allmulticast mode
[  635.379837][T24371] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7638'.
[  635.408627][T24373] netlink: 'syz.6.7635': attribute type 4 has an invalid length.
[  636.043228][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.047055][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.140927][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.218323][T24394] vivid-007: disconnect
[  636.222846][T24393] vivid-007: reconnect
[  636.480783][T24409] nftables ruleset with unbound set
[  636.511616][ T5885] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  636.669449][ T5885] usb 7-1: Using ep0 maxpacket: 32
[  636.677268][ T5885] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  636.687783][ T5885] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  636.696663][ T5885] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  636.703901][ T5885] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  636.730284][ T5885] usb 7-1: config 0 descriptor??
[  636.736531][ T5885] hub 7-1:0.0: USB hub found
[  636.928332][ T5885] hub 7-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  636.984486][T15548] Bluetooth: hci1: command 0x0406 tx timeout
[  637.031599][T24425] netlink: 27 bytes leftover after parsing attributes in process `syz.5.7662'.
[  637.070441][T24427] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7663'.
[  637.121347][ T5885] usbhid 7-1:0.0: can't add hid device: -71
[  637.124084][ T5885] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  637.135449][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  637.150124][ T5885] usb 7-1: USB disconnect, device number 21
[  637.420925][   T33] audit: type=1326 audit(1755052233.357:10446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24432 comm="syz.5.7666" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x0
[  637.503620][T24435] 9pnet_fd: Insufficient options for proto=fd
[  638.046084][ T4622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.096380][T24475] netlink: 'syz.0.7685': attribute type 1 has an invalid length.
[  638.340014][T24487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7690'.
[  638.681352][T24509] netlink: 'syz.0.7701': attribute type 34 has an invalid length.
[  638.759422][T24511] netlink: 84 bytes leftover after parsing attributes in process `syz.0.7702'.
[  638.941156][T24523] loop6: detected capacity change from 0 to 256
[  638.950847][T24523] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x9aa2f194, utbl_chksum : 0xe619d30d)
[  639.097055][T24528] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7709'.
[  639.104722][T24527] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7709'.
[  639.116095][   T24] net_ratelimit: 2 callbacks suppressed
[  639.116115][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  639.203047][T24532] loop6: detected capacity change from 0 to 512
[  639.207400][T24532] EXT4-fs (loop6): Invalid default hash set in the superblock
[  639.300646][T24544] delete_channel: no stack
[  639.514664][T24562] batadv_slave_0: entered promiscuous mode
[  640.257568][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.289901][T24596] loop6: detected capacity change from 0 to 16
[  640.295888][T24596] erofs (device loop6): mounted with root inode @ nid 36.
[  640.375999][T24598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.379808][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.957843][T24612] loop6: detected capacity change from 0 to 65536
[  640.961573][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.965356][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  641.005106][T24612] XFS (loop6): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  641.036029][T24612] XFS (loop6): Ending clean mount
[  641.064271][   T33] audit: type=1800 audit(1755052237.178:10447): pid=24612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.7746" name="file2" dev="loop6" ino=42 res=0 errno=0
[  641.185027][T24633] bfs: Unknown parameter 'ip6_vti0'
[  641.278491][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  641.560715][T20064] XFS (loop6): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  642.236263][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  642.262512][T24681] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  642.848905][   T70] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.252673][T24747] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  643.292758][T24751] XFS (nullb0): Invalid superblock magic number
[  643.650854][T24785] loop6: detected capacity change from 0 to 164
[  643.715783][   T24] kernel write not supported for file /amidi2 (pid: 24 comm: kworker/1:0)
[  643.830836][T24800] netlink: 'syz.0.7803': attribute type 1 has an invalid length.
[  643.891367][T24804] overlayfs: failed to clone upperpath
[  644.022068][T24814] net_ratelimit: 2 callbacks suppressed
[  644.022087][T24814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.034447][T24814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.041981][T24814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.052592][T24814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.062278][T24814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.069364][T24810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.151851][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.229342][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.754184][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.757956][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  645.058071][T24872] loop6: detected capacity change from 0 to 2048
[  645.069779][T24872] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  645.291543][T24890] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7844'.
[  645.502517][T24902] loop6: detected capacity change from 0 to 128
[  645.506848][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  645.511247][T24902] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  645.516372][T24902] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  645.520477][T24902] UDF-fs: Scanning with blocksize 512 failed
[  645.526809][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  645.531747][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  645.536790][T24902] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  645.539357][T24902] UDF-fs: Scanning with blocksize 1024 failed
[  645.542630][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  645.547281][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  645.551204][T24902] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  645.554472][T24902] UDF-fs: Scanning with blocksize 2048 failed
[  645.562615][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  645.566820][T24902] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  645.570771][T24902] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  645.573595][T24902] UDF-fs: Scanning with blocksize 4096 failed
[  645.575929][T24902] UDF-fs: warning (device loop6): udf_fill_super: No partition found (1)
[  646.103868][ T5885] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  646.265370][ T5885] usb 7-1: Using ep0 maxpacket: 32
[  646.272420][ T5885] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  646.281049][ T5885] usb 7-1: config 0 has no interface number 0
[  646.311690][ T5885] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  646.316593][ T5885] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.319961][ T5885] usb 7-1: Product: syz
[  646.321785][ T5885] usb 7-1: Manufacturer: syz
[  646.327685][ T5885] usb 7-1: SerialNumber: syz
[  646.339900][ T5885] usb 7-1: config 0 descriptor??
[  646.343708][ T5885] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  646.541327][ T5885] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  646.549476][ T5885] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  646.923292][    C1] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[  646.924143][ T5912] usb 7-1: USB disconnect, device number 22
[  646.934811][ T5912] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  646.958530][ T5912] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  646.967367][ T5912] quatech2 7-1:0.51: device disconnected
[  647.192858][T24998] netlink: 'syz.5.7893': attribute type 10 has an invalid length.
[  647.243058][T25000] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7894'.
[  648.353882][T25044] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  648.713312][T25070] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  648.736077][T25076] bridge0: entered allmulticast mode
[  648.739284][T25076] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7930'.
[  648.754448][T25076] bridge_slave_1: left allmulticast mode
[  648.757490][T25076] bridge_slave_1: left promiscuous mode
[  648.760088][T25076] bridge0: port 2(bridge_slave_1) entered disabled state
[  648.766315][T25076] bridge_slave_0: left allmulticast mode
[  648.768743][T25076] bridge_slave_0: left promiscuous mode
[  648.771755][T25076] bridge0: port 1(bridge_slave_0) entered disabled state
[  648.816263][T25076] bridge0 (unregistering): left allmulticast mode
[  648.976352][T25088] loop6: detected capacity change from 0 to 1024
[  649.118845][T25102] trusted_key: encrypted_key: insufficient parameters specified
[  649.167662][T25106] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7945'.
[  649.184501][ T5885] net_ratelimit: 16 callbacks suppressed
[  649.184517][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  649.379602][   T33] audit: type=1326 audit(1755052245.902:10448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25121 comm="syz.5.7952" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x0
[  649.807453][T25133] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7957'.
[  649.839087][T25135] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma?
[  650.161926][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.153444][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.287403][T25185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.291560][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.314238][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.318084][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.553473][T25195] ip6gretap1: entered promiscuous mode
[  651.555810][T25195] ip6gretap1: entered allmulticast mode
[  651.855776][T25193] loop6: detected capacity change from 0 to 40427
[  651.867479][T25193] F2FS-fs (loop6): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  651.870266][T25193] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  651.880054][T25193] F2FS-fs (loop6): invalid crc value
[  651.958472][T25193] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  651.983416][T25193] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  651.986494][T25193] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  652.150724][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  652.195119][T25230] 9pnet_fd: Insufficient options for proto=fd
[  653.261371][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  653.296034][T22710] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  653.538777][T25282] loop6: detected capacity change from 0 to 256
[  654.055295][T25319] netlink: 72 bytes leftover after parsing attributes in process `syz.5.8039'.
[  654.063663][T25319] netlink: 72 bytes leftover after parsing attributes in process `syz.5.8039'.
[  654.516232][    C0] net_ratelimit: 5 callbacks suppressed
[  654.516254][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  654.526028][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.029607][ T5885] delete_channel: no stack
[  655.495912][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.191216][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.194906][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.282058][T25378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.285032][T25378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.575477][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.627623][T25383] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8067'.
[  656.769299][T25393] netlink: 44 bytes leftover after parsing attributes in process `syz.5.8072'.
[  656.773359][T25393] netlink: 43 bytes leftover after parsing attributes in process `syz.5.8072'.
[  656.777405][T25393] netlink: 'syz.5.8072': attribute type 6 has an invalid length.
[  656.786219][T25393] netlink: 'syz.5.8072': attribute type 5 has an invalid length.
[  656.798577][T25393] netlink: 43 bytes leftover after parsing attributes in process `syz.5.8072'.
[  656.933434][T25397] : renamed from bridge_slave_0
[  657.172595][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.177034][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.286604][T25418] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8084'.
[  657.290462][T25418] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8084'.
[  657.294305][T25418] netlink: 38 bytes leftover after parsing attributes in process `syz.5.8084'.
[  657.611535][   T24] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  657.766310][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  657.770798][   T24] usb 7-1: config 84 has an invalid interface number: 111 but max is 0
[  657.777975][   T24] usb 7-1: config 84 has no interface number 0
[  657.780622][   T24] usb 7-1: config 84 interface 111 has no altsetting 0
[  657.784953][   T24] usb 7-1: language id specifier not provided by device, defaulting to English
[  657.821625][   T24] usb 7-1: New USB device found, idVendor=0421, idProduct=046e, bcdDevice=33.f0
[  657.825442][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.828837][   T24] usb 7-1: Product: Ъ
[  657.844831][   T24] usb 7-1: SerialNumber: 麡珏גּ줺귮癲ꋧ⌗컹야髰蹏铏܎䖎鯫湼샘婜ꁤ齯Ἑᢱ벗/￭蠾쬯ꃯ▋뵻薱⾡䴢㒟瀪慠欗삅탯睌࢔קּ狴
[  657.857756][T25454] macsec0: entered allmulticast mode
[  658.070332][   T24] usb 7-1: bad CDC descriptors
[  658.075987][   T24] usb 7-1: USB disconnect, device number 23
[  658.199239][T25470] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8107'.
[  658.677406][T25485] loop6: detected capacity change from 0 to 256
[  658.691675][T25485] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  659.082996][T25489] vlan0: entered promiscuous mode
[  659.285590][T25505] Invalid option length (65058) for dns_resolver key
[  659.402541][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  659.626651][   T24] net_ratelimit: 105 callbacks suppressed
[  659.626668][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  659.851223][ T5878] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  660.110195][ T5878] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  660.114126][ T5878] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  660.129107][ T5878] usb 7-1: config 0 descriptor??
[  660.813311][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  661.159727][T25590] netlink: 'syz.5.8161': attribute type 5 has an invalid length.
[  661.179397][ T5878] usb 7-1: Cannot set autoneg
[  661.181827][ T5878] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  661.189449][ T5878] usb 7-1: USB disconnect, device number 24
[  661.839211][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.240455][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.244314][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.947802][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.105511][ T5878] usb 7-1: new low-speed USB device number 25 using dummy_hcd
[  663.361102][ T5878] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  663.374472][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.400438][ T5878] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  663.411568][ T5878] usb 7-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  663.419611][ T5878] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.429267][ T5878] usb 7-1: config 0 descriptor??
[  663.433868][ T5878] qmi_wwan 7-1:0.0: probe with driver qmi_wwan failed with error -22
[  663.521906][T25653] orangefs_mount: mount request failed with -4
[  663.626793][ T5878] usb 7-1: USB disconnect, device number 25
[  663.901070][T25682] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8202'.
[  663.912183][T25682] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8202'.
[  663.916063][T25682] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8202'.
[  663.955118][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  664.271171][ T4622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  664.274157][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  664.310798][T25711] loop6: detected capacity change from 0 to 1024
[  664.320580][T25711] hfsplus: failed to load root directory
[  664.419916][T25717] tipc: Started in network mode
[  664.424624][T25717] tipc: Node identity 6, cluster identity 1
[  664.426636][T25717] tipc: Node number set to 6
[  664.629471][T25725] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (1136)
[  664.634082][T25725] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  664.686595][T25730] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8223'.
[  664.693433][T25730] netem: change failed
[  664.780444][T25733] netlink: 332 bytes leftover after parsing attributes in process `syz.6.8220'.
[  665.048477][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  665.109740][T25739] netlink: 'syz.0.8227': attribute type 4 has an invalid length.
[  665.698669][T25759] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  665.871726][T25770] vlan2: entered allmulticast mode
[  665.873991][T25770] macvlan0: entered allmulticast mode
[  666.012653][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.148959][T25786] loop6: detected capacity change from 0 to 2048
[  666.152642][   T33] audit: type=1326 audit(1755052263.517:10449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.157360][T25786] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  666.164175][   T33] audit: type=1326 audit(1755052263.517:10450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.192111][   T33] audit: type=1326 audit(1755052263.549:10451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.211409][   T33] audit: type=1326 audit(1755052263.549:10452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.223164][   T33] audit: type=1326 audit(1755052263.549:10453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.234686][   T33] audit: type=1326 audit(1755052263.549:10454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.244176][   T33] audit: type=1326 audit(1755052263.549:10455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25787 comm="syz.5.8250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  666.302974][T25794] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  667.013568][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.155524][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.159240][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.707256][T25853] loop6: detected capacity change from 0 to 256
[  668.716880][T25853] exFAT-fs (loop6): error, The cluster chain has a loop
[  668.723941][T25853] exFAT-fs (loop6): failed to count the number of clusters in root
[  668.731560][T25853] exFAT-fs (loop6): failed to recognize exfat type
[  668.742704][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.755946][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.759756][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.763665][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.957592][T25857] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  668.967904][T25857] Error validating options; rc = [-22]
[  669.724984][T25862] netlink: 830 bytes leftover after parsing attributes in process `syz.5.8278'.
[  669.844897][T25864] 9p: Unknown uid 00000000004294967295
[  670.057944][   T24] net_ratelimit: 1023 callbacks suppressed
[  670.057956][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  670.207120][T25874] netlink: 'syz.5.8284': attribute type 2 has an invalid length.
[  670.325101][T25886] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8289'.
[  670.527567][ T5856] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  670.554430][T25897] tmpfs: Bad value for 'mpol'
[  670.673168][ T5856] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  670.677275][ T5856] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  670.685263][ T5856] usb 7-1: config 0 descriptor??
[  670.690168][ T5856] cp210x 7-1:0.0: cp210x converter detected
[  670.888138][ T5856] cp210x 7-1:0.0: failed to get vendor val 0x370b size 1: -121
[  670.894738][ T5856] cp210x 7-1:0.0: querying part number failed
[  670.899396][ T5856] usb 7-1: cp210x converter now attached to ttyUSB0
[  671.053106][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  671.084870][ T5856] usb 7-1: USB disconnect, device number 26
[  671.088749][ T5856] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  671.092032][ T5856] cp210x 7-1:0.0: device disconnected
[  671.991975][T25956] loop6: detected capacity change from 0 to 4096
[  672.012194][T25956] ntfs3(loop6): Failed to load $Bitmap (-2).
[  672.032999][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.040158][T25961] netlink: 'syz.5.8321': attribute type 1 has an invalid length.
[  672.054051][T25961] netlink: 88 bytes leftover after parsing attributes in process `syz.5.8321'.
[  672.287764][T25977] netlink: 'syz.0.8330': attribute type 2 has an invalid length.
[  672.654348][ T5856] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.658298][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.024225][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.246436][T25998] team_slave_1: entered promiscuous mode
[  673.253191][T25998] netlink: 'syz.0.8340': attribute type 10 has an invalid length.
[  673.263895][T25998] team0: Port device team_slave_0 removed
[  673.448404][T26000] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8341'.
[  673.722813][T26007] loop6: detected capacity change from 0 to 128
[  673.866566][T26017] CIFS: Unable to determine destination address
[  674.020107][T24201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.005108][T24201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.027752][T26053] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  675.095088][T26055] loop6: detected capacity change from 0 to 4096
[  675.099331][T26055] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  675.174752][T26055] ntfs3(loop6): $Secure::$SDH is corrupted.
[  675.177459][T26055] ntfs3(loop6): Failed to initialize $Secure (-22).
[  675.223152][T26061] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8369'.
[  675.234918][   T70] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.238500][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.766439][ T5858] Bluetooth: hci2: unexpected event for opcode 0x1002
[  675.794509][T26105] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  675.968125][T26113] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  676.438952][T24201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  676.501850][T26113] loop6: detected capacity change from 0 to 32768
[  676.543468][T26113] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  676.574638][T26113] XFS (loop6): Ending clean mount
[  676.770146][T20064] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  677.443669][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.713802][T26165] loop6: detected capacity change from 0 to 256
[  677.734223][T26165] FAT-fs (loop6): Directory bread(block 64) failed
[  677.737076][T26165] FAT-fs (loop6): Directory bread(block 65) failed
[  677.741506][T26165] FAT-fs (loop6): Directory bread(block 66) failed
[  677.744257][T26165] FAT-fs (loop6): Directory bread(block 67) failed
[  677.751307][T26165] FAT-fs (loop6): Directory bread(block 68) failed
[  677.755822][T26165] FAT-fs (loop6): Directory bread(block 69) failed
[  677.763821][T26170] delete_channel: no stack
[  677.765710][T26169] delete_channel: no stack
[  677.766490][T26165] FAT-fs (loop6): Directory bread(block 70) failed
[  677.771397][T26165] FAT-fs (loop6): Directory bread(block 71) failed
[  677.775609][T26165] FAT-fs (loop6): Directory bread(block 72) failed
[  677.778806][T26165] FAT-fs (loop6): Directory bread(block 73) failed
[  678.135707][T26186] loop6: detected capacity change from 0 to 764
[  678.183595][T26186] rock: directory entry would overflow storage
[  678.190254][T26186] rock: sig=0x4654, size=5, remaining=4
[  678.290989][ T5856] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.300124][ T5856] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.303892][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.787214][ T5856] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  678.929044][ T5856] usb 7-1: Using ep0 maxpacket: 8
[  678.932741][ T5856] usb 7-1: config 0 has no interfaces?
[  678.936581][ T5856] usb 7-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  678.943700][ T5856] usb 7-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  678.946546][ T5856] usb 7-1: Product: syz
[  678.948262][ T5856] usb 7-1: Manufacturer: syz
[  678.949816][ T5856] usb 7-1: SerialNumber: syz
[  678.952922][ T5856] usb 7-1: config 0 descriptor??
[  680.056856][ T5856] usb 7-1: USB disconnect, device number 27
[  680.120544][ T1090] net_ratelimit: 9 callbacks suppressed
[  680.120564][ T1090] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.126973][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.226182][T26247] netlink: 64 bytes leftover after parsing attributes in process `syz.5.8449'.
[  680.576388][T24201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.969875][T26293] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.973147][T26293] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.976225][T26293] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.980832][T26293] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.983875][T26293] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.987923][T26291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  681.142939][T26303] loop6: detected capacity change from 0 to 2048
[  681.162281][T26304] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  681.354846][T26312] netlink: 'syz.6.8480': attribute type 2 has an invalid length.
[  681.370013][T26312] : entered promiscuous mode
[  681.373730][T26314] batadv_slave_0: left allmulticast mode
[  681.381599][T26314] batman_adv: batadv0: Interface activated: batadv_slave_0
[  681.884512][   T33] audit: type=1326 audit(1755052280.031:10456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  681.923210][   T33] audit: type=1326 audit(1755052280.031:10457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  681.948229][   T33] audit: type=1326 audit(1755052280.041:10458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  681.965880][   T33] audit: type=1326 audit(1755052280.041:10459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  681.976201][   T33] audit: type=1326 audit(1755052280.041:10460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  681.990922][   T33] audit: type=1326 audit(1755052280.062:10461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  682.000667][   T33] audit: type=1326 audit(1755052280.062:10462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  682.021284][   T33] audit: type=1326 audit(1755052280.062:10463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.5.8489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  683.275661][T26369] Invalid ELF header len 8
[  683.284945][T26367] overlayfs: failed to clone upperpath
[  683.449135][T26380] sctp: [Deprecated]: syz.0.8511 (pid 26380) Use of int in maxseg socket option.
[  683.449135][T26380] Use struct sctp_assoc_value instead
[  684.237899][T26410] netlink: set zone limit has 4 unknown bytes
[  687.055861][T26474] netlink: 168 bytes leftover after parsing attributes in process `syz.5.8549'.
[  687.115104][T26479] syz_tun: entered allmulticast mode
[  687.131020][T26479] dvmrp1: entered allmulticast mode
[  687.154096][T26477] syz_tun: left allmulticast mode
[  687.285099][T26492] loop6: detected capacity change from 0 to 764
[  687.470524][T26510] loop6: detected capacity change from 0 to 512
[  687.495766][T26510] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.8564: casefold flag without casefold feature
[  687.504277][T26510] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.8564: couldn't read orphan inode 15 (err -117)
[  687.509715][T26514] netlink: 'syz.5.8565': attribute type 9 has an invalid length.
[  687.511088][T26510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  687.513303][T26514] netlink: 'syz.5.8565': attribute type 6 has an invalid length.
[  687.575295][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  687.952522][T26535] netlink: 248 bytes leftover after parsing attributes in process `syz.5.8574'.
[  688.047064][T26539] netlink: 'syz.5.8576': attribute type 12 has an invalid length.
[  688.050644][T26539] netlink: 132 bytes leftover after parsing attributes in process `syz.5.8576'.
[  688.796671][T26581] loop6: detected capacity change from 0 to 512
[  688.832845][T26581] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  688.841363][T26581] ext4 filesystem being mounted at /697/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  689.038583][   T33] audit: type=1326 audit(1755052287.547:10464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26597 comm="syz.5.8603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  689.052335][   T33] audit: type=1326 audit(1755052287.547:10465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26597 comm="syz.5.8603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  689.068487][   T33] audit: type=1326 audit(1755052287.547:10466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26597 comm="syz.5.8603" exe="/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  689.079353][ T5856] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  689.083939][   T33] audit: type=1326 audit(1755052287.547:10467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26597 comm="syz.5.8603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  689.098844][   T33] audit: type=1326 audit(1755052287.547:10468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26597 comm="syz.5.8603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  689.257475][ T5856] usb 7-1: Using ep0 maxpacket: 8
[  689.264156][ T5856] usb 7-1: config 0 has an invalid interface number: 31 but max is 0
[  689.267854][ T5856] usb 7-1: config 0 has no interface number 0
[  689.273851][ T5856] usb 7-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  689.277843][ T5856] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  689.281211][ T5856] usb 7-1: Product: syz
[  689.285649][ T5856] usb 7-1: Manufacturer: syz
[  689.287586][ T5856] usb 7-1: SerialNumber: syz
[  689.298039][ T5856] usb 7-1: config 0 descriptor??
[  689.710563][ T5856] usb 7-1: Found UVC 0.04 device syz (046d:08c3)
[  689.719746][ T5856] usb 7-1: No valid video chain found.
[  689.725096][ T5856] usb 7-1: USB disconnect, device number 28
[  690.059526][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  690.134513][T26620] overlayfs: failed lookup in lower (newroot/698, name='file1', err=-40): overlapping layers
[  691.142183][T26668] loop6: detected capacity change from 0 to 512
[  691.145433][T26668] EXT4-fs: Ignoring removed nobh option
[  691.148270][T26668] EXT4-fs (loop6): Test dummy encryption mode enabled
[  691.168572][T26668] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.8630: iget: bad i_size value: 38620345925642
[  691.175070][T26668] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.8630: couldn't read orphan inode 15 (err -117)
[  691.181895][T26668] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  691.197511][T26668] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  691.221810][T26643] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm kworker/u9:13: bg 0: block 5: invalid block bitmap
[  691.241183][T26643] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  691.247871][T26643] EXT4-fs (loop6): This should not happen!! Data will be lost
[  691.247871][T26643] 
[  691.252143][T26643] EXT4-fs (loop6): Total free blocks count 0
[  691.258080][T26643] EXT4-fs (loop6): Free/Dirty block details
[  691.260999][T26643] EXT4-fs (loop6): free_blocks=0
[  691.263406][T26643] EXT4-fs (loop6): dirty_blocks=1
[  691.268515][T26643] EXT4-fs (loop6): Block reservation details
[  691.271188][T26643] EXT4-fs (loop6): i_reserved_data_blocks=1
[  691.278460][T26674] netlink: 'syz.5.8633': attribute type 1 has an invalid length.
[  691.278474][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.328837][T26674] 8021q: adding VLAN 0 to HW filter on device bond3
[  691.349535][T26677] gretap1: entered promiscuous mode
[  691.368537][T26677] bond3: (slave gretap1): making interface the new active one
[  691.375690][T26677] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  692.639766][T26716] netlink: 2 bytes leftover after parsing attributes in process `syz.6.8651'.
[  693.866548][T26752] sock: sock_timestamping_bind_phc: sock not bind to device
[  693.870794][T26750] loop6: detected capacity change from 0 to 764
[  693.930493][T26756] loop6: detected capacity change from 0 to 128
[  693.937755][T26756] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  693.984158][T26756] FAT-fs (loop6): FAT read failed (blocknr 128)
[  694.022828][T15608] tipc: Subscription rejected, illegal request
[  694.128112][T26773] netlink: 276 bytes leftover after parsing attributes in process `syz.5.8677'.
[  694.182950][T26776] netlink: 'syz.6.8679': attribute type 10 has an invalid length.
[  694.197377][T26776] batman_adv: batadv0: Adding interface: wlan0
[  694.207372][T26776] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  694.229809][T26776] batman_adv: batadv0: Interface activated: wlan0
[  694.254670][T26780] veth1_to_bridge: entered promiscuous mode
[  694.269834][T26780] veth1_to_bridge: left promiscuous mode
[  694.532394][    T9] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  694.703112][    T9] usb 7-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  694.706822][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.710433][    T9] usb 7-1: Product: syz
[  694.712184][    T9] usb 7-1: Manufacturer: syz
[  694.720333][    T9] usb 7-1: SerialNumber: syz
[  694.725324][    T9] usb 7-1: config 0 descriptor??
[  695.217346][    T9] usb 7-1: f81604_write: reg: 105 data: 8a failed: -EPROTO
[  695.220823][    T9] f81604 7-1:0.0: Setting termination of CH#0 failed: -EPROTO
[  695.224265][    T9] f81604 7-1:0.0: probe with driver f81604 failed with error -71
[  695.230332][    T9] usb 7-1: USB disconnect, device number 29
[  695.567401][T26810] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8695'.
[  695.571402][T26810] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8695'.
[  695.575831][T26810] netlink: 108 bytes leftover after parsing attributes in process `syz.5.8695'.
[  695.811145][T26827] netlink: 'syz.5.8703': attribute type 1 has an invalid length.
[  695.882368][T26832] netlink: 'syz.5.8706': attribute type 10 has an invalid length.
[  695.886115][T26832] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8706'.
[  695.897539][T26832] batman_adv: batadv0: Adding interface: virt_wifi0
[  695.900540][T26832] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  695.911713][T26832] batman_adv: batadv0: Interface activated: virt_wifi0
[  696.149314][T26846] IPv6: Can't replace route, no match found
[  696.366882][T26851] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  698.006144][T26881] hsr_slave_0: left promiscuous mode
[  698.014155][T26881] hsr_slave_1: left promiscuous mode
[  698.216655][T26889] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8733'.
[  698.398323][ T5858] Bluetooth: hci2: unexpected event for opcode 0x0401
[  698.467798][T26887] loop6: detected capacity change from 0 to 32768
[  698.482409][T26887] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  698.518038][T26887] XFS (loop6): Ending clean mount
[  698.530328][T26887] XFS (loop6): Quotacheck needed: Please wait.
[  698.548385][T26887] XFS (loop6): Quotacheck: Done.
[  698.770925][T26920] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8743'.
[  698.821245][T20064] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  699.558459][T26943] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8755'.
[  699.850920][T26960] netlink: 'syz.6.8762': attribute type 1 has an invalid length.
[  699.909128][T26960] 8021q: adding VLAN 0 to HW filter on device bond1
[  699.992238][T26969] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8766'.
[  700.005470][T26965] bond1: (slave veth9): Enslaving as an active interface with a down link
[  700.012145][T26970] dummy0: mtu less than device minimum
[  700.044229][T26960] bond1: (slave veth0_to_bond): making interface the new active one
[  700.057290][T26960] veth0_to_bond: entered promiscuous mode
[  700.060353][T26960] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  700.198003][T26980] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8771'.
[  700.424406][T26988] loop6: detected capacity change from 0 to 1024
[  700.427336][T26988] EXT4-fs: Ignoring removed nobh option
[  700.450401][T26988] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  700.513082][T20064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.851855][T27015] libceph: resolve '400' (ret=-3): failed
[  700.961469][   T24] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  701.114992][   T24] usb 7-1: config 0 has an invalid interface number: 69 but max is 0
[  701.117948][   T24] usb 7-1: config 0 has no interface number 0
[  701.120093][   T24] usb 7-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  701.125311][   T24] usb 7-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  701.131814][   T24] usb 7-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  701.137251][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.139820][   T24] usb 7-1: Product: syz
[  701.141183][   T24] usb 7-1: Manufacturer: syz
[  701.146389][   T24] usb 7-1: SerialNumber: syz
[  701.149587][   T24] usb 7-1: config 0 descriptor??
[  701.152195][T27003] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  701.157132][   T24] cyberjack 7-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  701.163729][   T24] usb 7-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  701.357622][    C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22
[  701.549570][   T24] usb 7-1: USB disconnect, device number 30
[  701.556052][   T24] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  701.560977][   T24] cyberjack 7-1:0.69: device disconnected
[  701.711395][T27053] bond3: entered promiscuous mode
[  701.713109][T27053] bond3: entered allmulticast mode
[  701.715243][T27053] 8021q: adding VLAN 0 to HW filter on device bond3
[  702.730524][T27083] bridge5: entered promiscuous mode
[  702.732951][T27083] bridge5: entered allmulticast mode
[  702.788376][T27089] netlink: 'syz.0.8821': attribute type 10 has an invalid length.
[  702.792182][T27089] dummy0: left allmulticast mode
[  702.796502][T27089] dummy0: entered allmulticast mode
[  702.799183][T27089] team0: Port device dummy0 added
[  703.645451][T27119] nfs: Deprecated parameter 'nointr'
[  703.977056][T27137] loop6: detected capacity change from 0 to 128
[  704.135487][T27149] xt_socket: unknown flags 0xd0
[  704.484973][T27169] netlink: 76 bytes leftover after parsing attributes in process `syz.5.8859'.
[  704.490194][T27169] nbd: must specify at least one socket
[  704.981028][   T33] audit: type=1326 audit(1755052304.270:10469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27191 comm="syz.0.8870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  704.990158][   T33] audit: type=1326 audit(1755052304.270:10470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27191 comm="syz.0.8870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  705.002265][   T33] audit: type=1326 audit(1755052304.291:10471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27191 comm="syz.0.8870" exe="/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  705.011028][   T33] audit: type=1326 audit(1755052304.291:10472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27191 comm="syz.0.8870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  705.020735][   T33] audit: type=1326 audit(1755052304.291:10473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27191 comm="syz.0.8870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  705.124363][   T24] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  705.289319][   T24] usb 7-1: Using ep0 maxpacket: 16
[  705.294025][   T24] usb 7-1: config 5 has an invalid interface number: 206 but max is 0
[  705.300729][   T24] usb 7-1: config 5 has no interface number 0
[  705.303406][   T24] usb 7-1: config 5 interface 206 has no altsetting 0
[  705.309914][   T24] usb 7-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=60.44
[  705.313812][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.319790][   T24] usb 7-1: Product: syz
[  705.321914][   T24] usb 7-1: Manufacturer: syz
[  705.324195][   T24] usb 7-1: SerialNumber: syz
[  705.568763][T27210] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8879'.
[  705.578795][   T24] usb_ehset_test 7-1:5.206: probe with driver usb_ehset_test failed with error -32
[  705.592122][   T24] usb 7-1: USB disconnect, device number 31
[  706.276238][T27223] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8884'.
[  706.533640][T27235] netlink: 'syz.6.8890': attribute type 4 has an invalid length.
[  706.857910][ T5878] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  707.001133][ T5878] usb 7-1: Using ep0 maxpacket: 32
[  707.004527][ T5878] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[  707.007216][ T5878] usb 7-1: config 0 has no interface number 0
[  707.011800][ T5878] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  707.015105][ T5878] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.018309][ T5878] usb 7-1: Product: syz
[  707.019833][ T5878] usb 7-1: Manufacturer: syz
[  707.021538][ T5878] usb 7-1: SerialNumber: syz
[  707.024848][ T5878] usb 7-1: config 0 descriptor??
[  707.029601][ T5878] smsc95xx v2.0.0
[  708.210626][ T5878] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[  708.233201][ T5878] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  708.238531][ T5878] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  708.244284][ T5878] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71
[  708.250802][ T5878] usb 7-1: USB disconnect, device number 32
[  708.924172][T27281] loop6: detected capacity change from 0 to 1024
[  708.951551][   T33] audit: type=1800 audit(1755052308.438:10474): pid=27281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.8912" name="file1" dev="loop6" ino=20 res=0 errno=0
[  710.102198][T27298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8920'.
[  710.711447][T15548] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  710.719854][T15548] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  710.726287][T15548] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  710.737792][T15548] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  710.741484][T15548] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  710.951523][T27324] chnl_net:caif_netlink_parms(): no params data found
[  711.041393][T27324] bridge0: port 1(bridge_slave_0) entered blocking state
[  711.044595][T27324] bridge0: port 1(bridge_slave_0) entered disabled state
[  711.047971][T27324] bridge_slave_0: entered allmulticast mode
[  711.052215][T27324] bridge_slave_0: entered promiscuous mode
[  711.057089][T27324] bridge0: port 2(bridge_slave_1) entered blocking state
[  711.061832][T27324] bridge0: port 2(bridge_slave_1) entered disabled state
[  711.065033][T27324] bridge_slave_1: entered allmulticast mode
[  711.069373][T27324] bridge_slave_1: entered promiscuous mode
[  711.100184][T27324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  711.107215][T27324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  711.140069][T27324] team0: Port device team_slave_0 added
[  711.145483][T27324] team0: Port device team_slave_1 added
[  711.175551][T27324] batman_adv: batadv0: Adding interface: batadv_slave_0
[  711.178493][T27324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  711.189778][T27324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  711.196046][T27324] batman_adv: batadv0: Adding interface: batadv_slave_1
[  711.199076][T27324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  711.211497][T27324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  711.253893][T27324] hsr_slave_0: entered promiscuous mode
[  711.259796][T27324] hsr_slave_1: entered promiscuous mode
[  711.262894][T27324] debugfs: 'hsr0' already exists in 'hsr'
[  711.265366][T27324] Cannot create hsr debugfs directory
[  711.447920][T27324] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  711.454536][T27324] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  711.465500][T27324] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  711.473573][T27324] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  711.507320][   T13] veth0_to_bond: left promiscuous mode
[  711.535913][T27353] overlayfs: failed to clone upperpath
[  711.628705][T27324] 8021q: adding VLAN 0 to HW filter on device bond0
[  711.663575][T27324] 8021q: adding VLAN 0 to HW filter on device team0
[  711.682805][T19541] bridge0: port 1(bridge_slave_0) entered blocking state
[  711.685922][T19541] bridge0: port 1(bridge_slave_0) entered forwarding state
[  711.697530][T19541] bridge0: port 2(bridge_slave_1) entered blocking state
[  711.700764][T19541] bridge0: port 2(bridge_slave_1) entered forwarding state
[  711.914453][T27324] 8021q: adding VLAN 0 to HW filter on device batadv0
[  712.179215][T27324] veth0_vlan: entered promiscuous mode
[  712.198211][T27324] veth1_vlan: entered promiscuous mode
[  712.242437][T27324] veth0_macvtap: entered promiscuous mode
[  712.252753][T27324] veth1_macvtap: entered promiscuous mode
[  712.272652][T27324] batman_adv: batadv0: Interface activated: batadv_slave_0
[  712.283370][T27324] batman_adv: batadv0: Interface activated: batadv_slave_1
[  712.293188][ T5877] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  712.304988][T27352] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  712.317691][T27352] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  712.321484][T27352] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  712.438294][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  712.447978][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.488348][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  712.492550][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.729302][ T5858] Bluetooth: hci1: command tx timeout
[  714.353727][T27408] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8959'.
[  714.372956][T27402] loop7: detected capacity change from 0 to 32768
[  714.408002][T27402] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  714.441125][T27402] XFS (loop7): Ending clean mount
[  714.494250][T27324] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  714.736503][T27429] bond4: entered promiscuous mode
[  714.737772][ T5858] Bluetooth: hci1: command tx timeout
[  714.738847][T27429] bond4: entered allmulticast mode
[  714.739457][T27429] 8021q: adding VLAN 0 to HW filter on device bond4
[  715.386931][T27455] netlink: 92 bytes leftover after parsing attributes in process `syz.7.8977'.
[  715.544178][T27461] overlayfs: failed to clone upperpath
[  715.932531][T27485] syz_tun: entered allmulticast mode
[  716.688883][ T5858] Bluetooth: hci1: command tx timeout
[  716.982361][T27516] netlink: 88 bytes leftover after parsing attributes in process `syz.5.9005'.
[  717.252842][T27532] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9014'.
[  717.296778][T27536] netlink: 'syz.0.9015': attribute type 5 has an invalid length.
[  717.754004][T27560] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9028'.
[  717.921899][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  718.176375][   T33] audit: type=1326 audit(1755052318.128:10475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27581 comm="syz.5.9039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  718.186124][   T33] audit: type=1326 audit(1755052318.138:10476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27581 comm="syz.5.9039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  718.197507][   T33] audit: type=1326 audit(1755052318.149:10477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27581 comm="syz.5.9039" exe="/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  718.209981][   T33] audit: type=1326 audit(1755052318.149:10478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27581 comm="syz.5.9039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  718.529902][T27590] overlayfs: failed to clone upperpath
[  718.700320][ T5858] Bluetooth: hci1: command tx timeout
[  718.848755][ T5858] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  719.009541][T27595] netem: change failed
[  719.184432][T27602] netlink: 36 bytes leftover after parsing attributes in process `syz.5.9047'.
[  719.438298][T27619] netlink: 'syz.7.9056': attribute type 1 has an invalid length.
[  719.443307][T27619] netlink: 144 bytes leftover after parsing attributes in process `syz.7.9056'.
[  719.447214][T27619] netlink: 36 bytes leftover after parsing attributes in process `syz.7.9056'.
[  719.501103][T27625] loop7: detected capacity change from 0 to 128
[  719.515309][T27625] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  719.521465][T27625] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  719.570436][T27324] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  719.739119][T27646] binder: 27644:27646 ioctl c018620c 2000000000c0 returned -1
[  719.796913][T27651] loop7: detected capacity change from 0 to 136
[  719.863572][T27655] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9071'.
[  719.933934][T27661] netlink: 'syz.0.9074': attribute type 29 has an invalid length.
[  720.374567][T27696] netlink: 5120 bytes leftover after parsing attributes in process `syz.0.9091'.
[  720.405543][T27697] loop7: detected capacity change from 0 to 2048
[  720.408553][T27699] netlink: 'syz.5.9092': attribute type 1 has an invalid length.
[  720.450655][T27697] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  720.472943][   T33] audit: type=1800 audit(749.455:10479): pid=27697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.9089" name="file0" dev="loop7" ino=13 res=0 errno=0
[  720.492697][T27697] fs-verity (loop7, inode 13): Error -22 reading file data
[  720.495171][T27697] fs-verity (loop7, inode 13): Error -22 building Merkle tree
[  720.529142][T27324] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.594792][T27716] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0
[  720.599382][T27715] IPVS: stopping backup sync thread 27716 ...
[  720.718136][T27730] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  721.006758][T27732] loop7: detected capacity change from 0 to 32768
[  721.862500][T27766] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9118'.
[  722.510694][ T5858] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  722.510869][ T5858] Bluetooth: hci1: Unknown advertising packet type: 0x5d
[  722.514448][ T5858] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  722.517968][ T5858] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  722.521225][ T5858] Bluetooth: hci1: Malformed LE Event: 0x0d
[  723.440967][T27822] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9144'.
[  723.530968][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  723.742176][T27836] macsec0: entered promiscuous mode
[  723.744671][T27836] macsec0: left allmulticast mode
[  724.000360][   T33] audit: type=1326 audit(753.150:10480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27841 comm="syz.7.9153" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7ffc0000
[  724.010918][   T33] audit: type=1326 audit(753.150:10481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27841 comm="syz.7.9153" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7ffc0000
[  724.020436][   T33] audit: type=1326 audit(753.150:10482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27841 comm="syz.7.9153" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f798e78ebe9 code=0x7ffc0000
[  724.030698][   T33] audit: type=1326 audit(753.150:10483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27841 comm="syz.7.9153" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x0
[  725.633422][T27903] netlink: 'syz.5.9180': attribute type 83 has an invalid length.
[  725.818020][T27915] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9186'.
[  726.196428][T27941] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[  726.198896][T27941] PKCS7: Only support pkcs7_signedData type
[  726.684765][   T33] audit: type=1326 audit(755.974:10484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27987 comm="syz.5.9220" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  726.700086][   T33] audit: type=1326 audit(755.974:10485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27987 comm="syz.5.9220" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  726.718641][   T33] audit: type=1326 audit(755.985:10486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27987 comm="syz.5.9220" exe="/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  726.733786][   T33] audit: type=1326 audit(755.985:10487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27987 comm="syz.5.9220" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  726.741992][   T33] audit: type=1326 audit(755.985:10488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27987 comm="syz.5.9220" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  726.773243][   T33] audit: type=1326 audit(755.985:10489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27987 comm="syz.5.9220" exe="/syz-executor" sig=0 arch=c000003e syscall=148 compat=0 ip=0x7f212eb8ebe9 code=0x7ffc0000
[  728.154397][T28038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9242'.
[  728.165259][T28038] macvlan0: left allmulticast mode
[  728.168021][T28038] netlink: 'syz.0.9242': attribute type 1 has an invalid length.
[  728.171933][T28038] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9242'.
[  728.222989][T28040] netlink: 24 bytes leftover after parsing attributes in process `syz.7.9243'.
[  729.309437][T28071] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  729.954635][T28116] delete_channel: no stack
[  729.957284][T28116] delete_channel: no stack
[  730.359004][T28134] team0 (unregistering): Port device team_slave_1 removed
[  730.361842][T28134] dummy0: left allmulticast mode
[  730.366134][T28134] team0 (unregistering): Port device dummy0 removed
[  730.650069][T28145] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9293'.
[  730.655023][T28145] netlink: 'syz.7.9293': attribute type 5 has an invalid length.
[  730.659039][T28145] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9293'.
[  730.671617][ T5892] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  730.684437][ T5892] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  730.688252][ T5892] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  730.694902][ T5892] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  731.931253][T28236] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9338'.
[  734.554255][T28375] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9402'.
[  734.558100][T28375] netlink: 20 bytes leftover after parsing attributes in process `syz.7.9402'.
[  734.567232][T28375] geneve2: entered promiscuous mode
[  734.569260][T28375] geneve2: entered allmulticast mode
[  734.747322][T28389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9409'.
[  735.746301][T28414] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 1, id = 0
[  736.391111][T28424] bond0: option packets_per_slave: invalid value (70683304)
[  736.393976][T28424] bond0: option packets_per_slave: allowed values 0 - 65535
[  738.471176][T28528] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  739.647397][T28577] sctp: [Deprecated]: syz.5.9486 (pid 28577) Use of struct sctp_assoc_value in delayed_ack socket option.
[  739.647397][T28577] Use struct sctp_sack_info instead
[  739.653147][T28579] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9487'.
[  740.548056][T28609] 2g,{: renamed from lo
[  741.674753][T28652] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  741.677739][T28652] PKCS7: Only support pkcs7_signedData type
[  741.867949][T28659] netlink: 'syz.0.9523': attribute type 6 has an invalid length.
[  742.757897][T28701] vxcan0: tx drop: invalid sa for name 0x0000001000000000
[  743.464001][T28733] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9554'.
[  743.808257][T28751] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9563'.
[  745.627921][T28850] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.9609'.
[  746.886667][T28925] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9642'.
[  746.959638][T28929] netlink: 288 bytes leftover after parsing attributes in process `syz.7.9644'.
[  746.963424][T28929] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9644'.
[  746.967160][T28929] netlink: 288 bytes leftover after parsing attributes in process `syz.7.9644'.
[  746.970615][T28929] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9644'.
[  747.822960][T28961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9658'.
[  748.909513][T28982] overlayfs: conflicting options: nfs_export=on,index=off
[  749.725945][T29011] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9681'.
[  749.732296][T29011] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  750.748181][T29023] overlayfs: failed to clone upperpath
[  750.835836][T29038] netlink: 'syz.0.9691': attribute type 79 has an invalid length.
[  751.783337][T29071] C: renamed from team_slave_0 (while UP)
[  751.788129][T29071] netlink: 'syz.7.9706': attribute type 3 has an invalid length.
[  751.792182][T29071] netlink: 152 bytes leftover after parsing attributes in process `syz.7.9706'.
[  751.796182][T29071] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  752.543601][T29092] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  752.788319][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  752.788333][   T33] audit: type=1326 audit(783.370:10492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29104 comm="syz.0.9721" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x0
[  753.386339][T29128] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  753.517411][T29140] veth0_to_team: entered promiscuous mode
[  753.519998][T29140] veth0_to_team: entered allmulticast mode
[  754.522900][T29175] ref_ctr increment failed for inode: 0x501 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88802b8eab00
[  754.797390][T29198] 9pnet_fd: p9_fd_create_tcp (29198): problem connecting socket to 127.0.0.1
[  754.914657][T29210] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9774'.
[  754.960296][T29214] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9775'.
[  754.980174][T29216] netlink: 108 bytes leftover after parsing attributes in process `syz.0.9776'.
[  754.984778][T29216] netlink: 108 bytes leftover after parsing attributes in process `syz.0.9776'.
[  754.988215][T29216] netlink: 108 bytes leftover after parsing attributes in process `syz.0.9776'.
[  755.242702][T29245] netlink: 'syz.5.9786': attribute type 2 has an invalid length.
[  756.745787][T29303] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.9815'.
[  756.751304][T29305] overlayfs: failed to clone upperpath
[  756.922334][T29315] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9820'.
[  757.883354][T29344] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9833'.
[  758.056604][T29355] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9839'.
[  758.914644][T29359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  759.191713][T29377] netlink: 180 bytes leftover after parsing attributes in process `syz.7.9849'.
[  759.196063][T29375] netlink: 180 bytes leftover after parsing attributes in process `syz.7.9849'.
[  759.199595][T29375] netlink: 180 bytes leftover after parsing attributes in process `syz.7.9849'.
[  760.210112][T29419] @: renamed from vlan0
[  761.778525][T29474] overlayfs: failed to clone upperpath
[  762.341779][   T33] audit: type=1326 audit(793.406:10493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29495 comm="syz.5.9906" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212eb8ebe9 code=0x0
[  762.367286][T29499] 9pnet: p9_errstr2errno: server reported unknown error t/event#
[  763.378821][T29542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9928'.
[  763.390610][T29542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9928'.
[  763.734112][T29559] netlink: 'syz.5.9935': attribute type 1 has an invalid length.
[  763.925867][T29575] netlink: 830 bytes leftover after parsing attributes in process `syz.7.9943'.
[  764.442463][T29602] netlink: 44 bytes leftover after parsing attributes in process `syz.7.9956'.
[  764.446307][T29602] netlink: 51 bytes leftover after parsing attributes in process `syz.7.9956'.
[  764.450387][T29602] netlink: 51 bytes leftover after parsing attributes in process `syz.7.9956'.
[  764.767495][T29631] netlink: 24 bytes leftover after parsing attributes in process `syz.7.9969'.
[  764.801192][T29631] IPVS: Error connecting to the multicast addr
[  765.006079][T29643] bpf: Bad value for 'gid'
[  765.254960][T29652] overlayfs: failed to clone upperpath
[  765.260460][T29652] overlayfs: failed to clone upperpath
[  766.869776][   T33] audit: type=1326 audit(798.141:10494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29705 comm="syz.0.10001" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  766.878888][   T33] audit: type=1326 audit(798.141:10495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29705 comm="syz.0.10001" exe="/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  766.893554][   T33] audit: type=1326 audit(798.141:10496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29705 comm="syz.0.10001" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  766.910305][T29708] libceph: resolve '4' (ret=-3): failed
[  766.947955][   T33] audit: type=1326 audit(798.141:10497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29705 comm="syz.0.10001" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  767.055149][T29710] smc: net device bond0 applied user defined pnetid SYZ2
[  767.124148][T29714] netlink: 60 bytes leftover after parsing attributes in process `syz.0.10005'.
[  767.133370][T29714] netlink: 60 bytes leftover after parsing attributes in process `syz.0.10005'.
[  767.383558][   T33] audit: type=1326 audit(798.697:10498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29734 comm="syz.0.10014" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x0
[  769.667681][T29817] overlayfs: failed to clone upperpath
[  770.564653][T29864] netlink: 9280 bytes leftover after parsing attributes in process `syz.5.10073'.
[  771.686183][T29894] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10086'.
[  771.696626][T29894] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10086'.
[  771.839937][T29907] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.10090'.
[  771.848485][T29907] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10090'.
[  772.658581][T29935] netlink: 'syz.0.10106': attribute type 1 has an invalid length.
[  773.748810][T29962] netlink: 'syz.7.10117': attribute type 10 has an invalid length.
[  773.800322][T29962] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  773.817435][T29961] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  773.887089][   T33] audit: type=1326 audit(805.521:10499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  773.903702][   T33] audit: type=1326 audit(805.521:10500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  773.918564][   T33] audit: type=1326 audit(805.542:10501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  773.929334][   T33] audit: type=1326 audit(805.574:10502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  773.948217][   T33] audit: type=1326 audit(805.574:10503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  773.959977][   T33] audit: type=1326 audit(805.574:10504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29976 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f44967c14a5 code=0x7ffc0000
[  773.969593][   T33] audit: type=1326 audit(805.595:10505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f449678d84a code=0x7ffc0000
[  773.978293][   T33] audit: type=1326 audit(805.595:10506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f44967c14a5 code=0x7ffc0000
[  774.074719][   T33] audit: type=1326 audit(805.721:10507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29976 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  774.150022][   T33] audit: type=1326 audit(805.805:10508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29972 comm="syz.0.10122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  774.539616][T27352] tipc: Subscription rejected, illegal request
[  776.438307][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  778.092105][T30081] IPVS: Error connecting to the multicast addr
[  778.579736][T30093] kAFS: unparsable volume name
[  778.745942][T30103] 9pnet_fd: Insufficient options for proto=fd
[  778.806441][   T33] kauditd_printk_skb: 28 callbacks suppressed
[  778.806457][   T33] audit: type=1326 audit(810.697:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30108 comm="syz.0.10183" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  778.834016][   T33] audit: type=1326 audit(810.697:10538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30108 comm="syz.0.10183" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  778.854040][   T33] audit: type=1326 audit(810.718:10539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30108 comm="syz.0.10183" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  778.868039][   T33] audit: type=1326 audit(810.718:10540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30108 comm="syz.0.10183" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  778.881241][   T33] audit: type=1326 audit(810.718:10541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30108 comm="syz.0.10183" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  781.188498][T30191] GUP no longer grows the stack in syz.7.10219 (30191): 200000005000-200000008000 (200000004000)
[  781.193278][T30191] CPU: 1 UID: 0 PID: 30191 Comm: syz.7.10219 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  781.193294][T30191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  781.193300][T30191] Call Trace:
[  781.193306][T30191]  <TASK>
[  781.193311][T30191]  dump_stack_lvl+0x189/0x250
[  781.193353][T30191]  ? __pfx_dump_stack_lvl+0x10/0x10
[  781.193364][T30191]  ? __pfx__printk+0x10/0x10
[  781.193376][T30191]  ? find_vma+0xe7/0x160
[  781.193394][T30191]  fixup_user_fault+0x661/0x720
[  781.193408][T30191]  fault_in_user_writeable+0x72/0xe0
[  781.193426][T30191]  futex_lock_pi+0x773/0xa90
[  781.193442][T30191]  ? __pfx_futex_lock_pi+0x10/0x10
[  781.193465][T30191]  ? __pfx_futex_wake_mark+0x10/0x10
[  781.193483][T30191]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  781.193499][T30191]  do_futex+0x292/0x420
[  781.193513][T30191]  ? __pfx_do_futex+0x10/0x10
[  781.193523][T30191]  ? __vm_munmap+0x301/0x3d0
[  781.193538][T30191]  __se_sys_futex+0x36f/0x400
[  781.193552][T30191]  ? __pfx___se_sys_futex+0x10/0x10
[  781.193564][T30191]  ? rcu_is_watching+0x15/0xb0
[  781.193575][T30191]  ? __x64_sys_futex+0x21/0xf0
[  781.193588][T30191]  do_syscall_64+0xfa/0x3b0
[  781.193598][T30191]  ? lockdep_hardirqs_on+0x9c/0x150
[  781.193606][T30191]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  781.193614][T30191]  ? exc_page_fault+0x9f/0xf0
[  781.193623][T30191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  781.193631][T30191] RIP: 0033:0x7f798e78ebe9
[  781.193640][T30191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  781.193648][T30191] RSP: 002b:00007f798f6df038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  781.193660][T30191] RAX: ffffffffffffffda RBX: 00007f798e9b5fa0 RCX: 00007f798e78ebe9
[  781.193666][T30191] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  781.193671][T30191] RBP: 00007f798e811e19 R08: 0000000000000000 R09: 0000000000000000
[  781.193676][T30191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  781.193681][T30191] R13: 00007f798e9b6038 R14: 00007f798e9b5fa0 R15: 00007ffcda040f78
[  781.193693][T30191]  </TASK>
[  781.622876][T30224] overlayfs: failed to clone upperpath
[  782.115298][T30242] Process accounting resumed
[  782.610689][   T33] audit: type=1326 audit(814.686:10542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30266 comm="syz.5.10252" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f212eb8ebe9 code=0x0
[  784.176998][   T33] audit: type=1326 audit(816.324:10543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.186275][   T33] audit: type=1326 audit(816.345:10544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.195522][   T33] audit: type=1326 audit(816.345:10545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.204589][   T33] audit: type=1326 audit(816.345:10546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.214644][   T33] audit: type=1326 audit(816.345:10547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.224058][   T33] audit: type=1326 audit(816.345:10548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.235389][   T33] audit: type=1326 audit(816.345:10549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.244119][   T33] audit: type=1326 audit(816.345:10550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.253117][   T33] audit: type=1326 audit(816.345:10551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.263126][   T33] audit: type=1326 audit(816.345:10552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30315 comm="syz.7.10276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798e78ebe9 code=0x7fc00000
[  784.906078][T30342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10286'.
[  784.982134][T30347] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  785.965023][T30384] fuse: Bad value for 'fd'
[  786.488016][T30405] netlink: 132 bytes leftover after parsing attributes in process `syz.7.10316'.
[  789.323272][T30488] netlink: 666 bytes leftover after parsing attributes in process `syz.5.10355'.
[  789.652453][   T33] kauditd_printk_skb: 19 callbacks suppressed
[  789.652522][   T33] audit: type=1326 audit(822.076:10572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30514 comm="syz.0.10368" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  789.670550][   T33] audit: type=1326 audit(822.076:10573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30514 comm="syz.0.10368" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  789.680865][   T33] audit: type=1326 audit(822.087:10574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30514 comm="syz.0.10368" exe="/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  789.694006][   T33] audit: type=1326 audit(822.087:10575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30514 comm="syz.0.10368" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  789.705398][   T33] audit: type=1326 audit(822.087:10576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30514 comm="syz.0.10368" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449678ebe9 code=0x7ffc0000
[  790.739181][T30530] ==================================================================
[  790.742172][T30530] BUG: KASAN: slab-use-after-free in __xfrm_state_insert+0x8af/0x1450
[  790.744861][T30530] Read of size 1 at addr ffff888028a99e30 by task syz.7.10374/30530
[  790.748153][T30530] 
[  790.749580][T30530] CPU: 0 UID: 0 PID: 30530 Comm: syz.7.10374 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  790.749601][T30530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  790.749611][T30530] Call Trace:
[  790.749619][T30530]  <TASK>
[  790.749626][T30530]  dump_stack_lvl+0x189/0x250
[  790.749648][T30530]  ? __virt_addr_valid+0x1c8/0x5c0
[  790.749665][T30530]  ? rcu_is_watching+0x15/0xb0
[  790.749682][T30530]  ? __pfx_dump_stack_lvl+0x10/0x10
[  790.749697][T30530]  ? rcu_is_watching+0x15/0xb0
[  790.749710][T30530]  ? lock_release+0x4b/0x3e0
[  790.749726][T30530]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  790.749741][T30530]  ? __virt_addr_valid+0x1c8/0x5c0
[  790.749755][T30530]  ? __virt_addr_valid+0x4a5/0x5c0
[  790.749769][T30530]  print_report+0xca/0x240
[  790.749782][T30530]  ? __xfrm_state_insert+0x8af/0x1450
[  790.749802][T30530]  kasan_report+0x118/0x150
[  790.749819][T30530]  ? __xfrm_state_insert+0x8af/0x1450
[  790.749840][T30530]  __xfrm_state_insert+0x8af/0x1450
[  790.749859][T30530]  ? xfrm_state_insert+0x44/0x60
[  790.749877][T30530]  xfrm_state_insert+0x54/0x60
[  790.749895][T30530]  ipcomp6_init_state+0x655/0x900
[  790.749913][T30530]  __xfrm_init_state+0xa76/0x13f0
[  790.749925][T30530]  ? __xfrm_init_state+0x7ef/0x13f0
[  790.749939][T30530]  xfrm_add_sa+0x2f5b/0x4070
[  790.749952][T30530]  ? __pfx_xfrm_add_sa+0x10/0x10
[  790.749964][T30530]  ? apparmor_capable+0x137/0x1b0
[  790.749977][T30530]  ? __nla_parse+0x40/0x60
[  790.749994][T30530]  xfrm_user_rcv_msg+0x7a3/0xab0
[  790.750007][T30530]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  790.750027][T30530]  ? __pfx___mutex_trylock_common+0x10/0x10
[  790.750042][T30530]  ? rcu_is_watching+0x15/0xb0
[  790.750055][T30530]  ? trace_contention_end+0x39/0x120
[  790.750068][T30530]  ? __mutex_lock+0x335/0x1360
[  790.750084][T30530]  netlink_rcv_skb+0x208/0x470
[  790.750101][T30530]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  790.750112][T30530]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  790.750130][T30530]  ? netlink_deliver_tap+0x2e/0x1b0
[  790.750143][T30530]  ? netlink_deliver_tap+0x2e/0x1b0
[  790.750159][T30530]  xfrm_netlink_rcv+0x79/0x90
[  790.750171][T30530]  netlink_unicast+0x82f/0x9e0
[  790.750185][T30530]  ? __pfx_netlink_unicast+0x10/0x10
[  790.750199][T30530]  ? netlink_sendmsg+0x642/0xb30
[  790.750213][T30530]  ? skb_put+0x11b/0x210
[  790.750230][T30530]  netlink_sendmsg+0x805/0xb30
[  790.750247][T30530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  790.750263][T30530]  ? aa_sock_msg_perm+0xf1/0x1d0
[  790.750304][T30530]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  790.750321][T30530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  790.750337][T30530]  __sock_sendmsg+0x21c/0x270
[  790.750353][T30530]  ____sys_sendmsg+0x505/0x830
[  790.750373][T30530]  ? __pfx_____sys_sendmsg+0x10/0x10
[  790.750393][T30530]  ? import_iovec+0x74/0xa0
[  790.750407][T30530]  ___sys_sendmsg+0x21f/0x2a0
[  790.750428][T30530]  ? __pfx____sys_sendmsg+0x10/0x10
[  790.750455][T30530]  ? __fget_files+0x2a/0x420
[  790.750473][T30530]  ? __fget_files+0x3a0/0x420
[  790.750500][T30530]  __x64_sys_sendmsg+0x19b/0x260
[  790.750518][T30530]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  790.750539][T30530]  ? rcu_is_watching+0x15/0xb0
[  790.750552][T30530]  ? do_syscall_64+0xbe/0x3b0
[  790.750570][T30530]  do_syscall_64+0xfa/0x3b0
[  790.750587][T30530]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.750601][T30530]  ? asm_sysvec_call_function_single+0x1a/0x20
[  790.750614][T30530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.750626][T30530] RIP: 0033:0x7f798e78ebe9
[  790.750639][T30530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.750651][T30530] RSP: 002b:00007f798f69d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  790.750669][T30530] RAX: ffffffffffffffda RBX: 00007f798e9b6180 RCX: 00007f798e78ebe9
[  790.750678][T30530] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  790.750686][T30530] RBP: 00007f798e811e19 R08: 0000000000000000 R09: 0000000000000000
[  790.750695][T30530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  790.750703][T30530] R13: 00007f798e9b6218 R14: 00007f798e9b6180 R15: 00007ffcda040f78
[  790.750718][T30530]  </TASK>
[  790.750723][T30530] 
[  790.911886][T30530] Allocated by task 28347:
[  790.913421][T30530]  kasan_save_track+0x3e/0x80
[  790.915001][T30530]  __kasan_slab_alloc+0x6c/0x80
[  790.916623][T30530]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  790.918474][T30530]  xfrm_state_alloc+0x24/0x2f0
[  790.920122][T30530]  __find_acq_core+0x8a7/0x1c00
[  790.921848][T30530]  xfrm_find_acq+0x78/0xa0
[  790.923417][T30530]  xfrm_alloc_userspi+0x6b3/0xc90
[  790.925158][T30530]  xfrm_user_rcv_msg+0x7a3/0xab0
[  790.926894][T30530]  netlink_rcv_skb+0x208/0x470
[  790.928829][T30530]  xfrm_netlink_rcv+0x79/0x90
[  790.930452][T30530]  netlink_unicast+0x82f/0x9e0
[  790.932174][T30530]  netlink_sendmsg+0x805/0xb30
[  790.933856][T30530]  __sock_sendmsg+0x21c/0x270
[  790.935418][T30530]  ____sys_sendmsg+0x505/0x830
[  790.936992][T30530]  ___sys_sendmsg+0x21f/0x2a0
[  790.938535][T30530]  __x64_sys_sendmsg+0x19b/0x260
[  790.940258][T30530]  do_syscall_64+0xfa/0x3b0
[  790.942017][T30530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.944278][T30530] 
[  790.945089][T30530] Freed by task 5912:
[  790.946473][T30530]  kasan_save_track+0x3e/0x80
[  790.948030][T30530]  kasan_save_free_info+0x46/0x50
[  790.949740][T30530]  __kasan_slab_free+0x5b/0x80
[  790.951365][T30530]  kmem_cache_free+0x18f/0x400
[  790.952928][T30530]  xfrm_state_gc_task+0x52d/0x6b0
[  790.954677][T30530]  process_scheduled_works+0xae1/0x17b0
[  790.956572][T30530]  worker_thread+0x8a0/0xda0
[  790.958172][T30530]  kthread+0x711/0x8a0
[  790.959553][T30530]  ret_from_fork+0x3fc/0x770
[  790.961154][T30530]  ret_from_fork_asm+0x1a/0x30
[  790.962824][T30530] 
[  790.963673][T30530] The buggy address belongs to the object at ffff888028a99b00
[  790.963673][T30530]  which belongs to the cache xfrm_state of size 928
[  790.968304][T30530] The buggy address is located 816 bytes inside of
[  790.968304][T30530]  freed 928-byte region [ffff888028a99b00, ffff888028a99ea0)
[  790.973218][T30530] 
[  790.974070][T30530] The buggy address belongs to the physical page:
[  790.976420][T30530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888028a98480 pfn:0x28a98
[  790.979931][T30530] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  790.982732][T30530] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  790.985252][T30530] page_type: f5(slab)
[  790.986673][T30530] raw: 00fff00000000040 ffff88801cb0db40 dead000000000122 0000000000000000
[  790.989478][T30530] raw: ffff888028a98480 00000000800e0009 00000000f5000000 0000000000000000
[  790.992340][T30530] head: 00fff00000000040 ffff88801cb0db40 dead000000000122 0000000000000000
[  790.995870][T30530] head: ffff888028a98480 00000000800e0009 00000000f5000000 0000000000000000
[  790.999531][T30530] head: 00fff00000000002 ffffea0000a2a601 00000000ffffffff 00000000ffffffff
[  791.003140][T30530] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  791.006816][T30530] page dumped because: kasan: bad access detected
[  791.009528][T30530] page_owner tracks the page as allocated
[  791.011765][T30530] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 17921, tgid 17920 (syz.0.4835), ts 460020175933, free_ts 460019689626
[  791.019805][T30530]  post_alloc_hook+0x240/0x2a0
[  791.021854][T30530]  get_page_from_freelist+0x21e4/0x22c0
[  791.024215][T30530]  __alloc_frozen_pages_noprof+0x181/0x370
[  791.026683][T30530]  alloc_pages_mpol+0x232/0x4a0
[  791.028757][T30530]  allocate_slab+0x8a/0x370
[  791.030723][T30530]  ___slab_alloc+0xbeb/0x1410
[  791.032747][T30530]  kmem_cache_alloc_noprof+0x283/0x3c0
[  791.035072][T30530]  xfrm_state_alloc+0x24/0x2f0
[  791.037115][T30530]  xfrm_state_find+0x37d4/0x5400
[  791.039246][T30530]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  791.041876][T30530]  xfrm_lookup_with_ifid+0x2a7/0x1a70
[  791.044118][T30530]  xfrm_lookup_route+0x3c/0x1c0
[  791.046136][T30530]  rawv6_sendmsg+0xdab/0x1820
[  791.048137][T30530]  __sock_sendmsg+0x19c/0x270
[  791.050140][T30530]  ____sys_sendmsg+0x52d/0x830
[  791.052178][T30530]  ___sys_sendmsg+0x21f/0x2a0
[  791.054227][T30530] page last free pid 17925 tgid 17920 stack trace:
[  791.057066][T30530]  __free_frozen_pages+0xbc4/0xd30
[  791.059341][T30530]  stack_depot_save_flags+0x436/0x860
[  791.061703][T30530]  kasan_save_track+0x4f/0x80
[  791.063769][T30530]  __kasan_slab_alloc+0x6c/0x80
[  791.065905][T30530]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  791.068516][T30530]  kmalloc_reserve+0xbd/0x290
[  791.070572][T30530]  __alloc_skb+0x142/0x2d0
[  791.072516][T30530]  __pfkey_xfrm_state2msg+0x495/0x3d30
[  791.074900][T30530]  pfkey_getspi+0x7f6/0xee0
[  791.076901][T30530]  pfkey_sendmsg+0xbfe/0x1090
[  791.078970][T30530]  __sock_sendmsg+0x21c/0x270
[  791.081020][T30530]  ____sys_sendmsg+0x505/0x830
[  791.083128][T30530]  ___sys_sendmsg+0x21f/0x2a0
[  791.085225][T30530]  __x64_sys_sendmsg+0x19b/0x260
[  791.087429][T30530]  do_syscall_64+0xfa/0x3b0
[  791.089433][T30530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.092022][T30530] 
[  791.093096][T30530] Memory state around the buggy address:
[  791.095568][T30530]  ffff888028a99d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  791.099024][T30530]  ffff888028a99d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  791.102505][T30530] >ffff888028a99e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  791.105982][T30530]                                      ^
[  791.108446][T30530]  ffff888028a99e80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[  791.111921][T30530]  ffff888028a99f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  791.115391][T30530] ==================================================================
[  791.119007][T30530] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  791.122109][T30530] CPU: 0 UID: 0 PID: 30530 Comm: syz.7.10374 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  791.127460][T30530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  791.131774][T30530] Call Trace:
[  791.133200][T30530]  <TASK>
[  791.134475][T30530]  dump_stack_lvl+0x99/0x250
[  791.136409][T30530]  ? __asan_memcpy+0x40/0x70
[  791.138348][T30530]  ? __pfx_dump_stack_lvl+0x10/0x10
[  791.140499][T30530]  ? __pfx__printk+0x10/0x10
[  791.142477][T30530]  vpanic+0x281/0x750
[  791.144193][T30530]  ? __pfx_vpanic+0x10/0x10
[  791.146198][T30530]  ? irqentry_exit+0x74/0x90
[  791.148242][T30530]  panic+0xb9/0xc0
[  791.149886][T30530]  ? __pfx_panic+0x10/0x10
[  791.151847][T30530]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  791.154367][T30530]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  791.156930][T30530]  ? is_module_address+0x17/0xf0
[  791.159095][T30530]  ? __xfrm_state_insert+0x8af/0x1450
[  791.161430][T30530]  check_panic_on_warn+0x89/0xb0
[  791.163642][T30530]  ? __xfrm_state_insert+0x8af/0x1450
[  791.165977][T30530]  end_report+0x78/0x160
[  791.167845][T30530]  kasan_report+0x129/0x150
[  791.169754][T30530]  ? __xfrm_state_insert+0x8af/0x1450
[  791.172073][T30530]  __xfrm_state_insert+0x8af/0x1450
[  791.174378][T30530]  ? xfrm_state_insert+0x44/0x60
[  791.176564][T30530]  xfrm_state_insert+0x54/0x60
[  791.178606][T30530]  ipcomp6_init_state+0x655/0x900
[  791.180723][T30530]  __xfrm_init_state+0xa76/0x13f0
[  791.182863][T30530]  ? __xfrm_init_state+0x7ef/0x13f0
[  791.184986][T30530]  xfrm_add_sa+0x2f5b/0x4070
[  791.186896][T30530]  ? __pfx_xfrm_add_sa+0x10/0x10
[  791.189038][T30530]  ? apparmor_capable+0x137/0x1b0
[  791.191223][T30530]  ? __nla_parse+0x40/0x60
[  791.193205][T30530]  xfrm_user_rcv_msg+0x7a3/0xab0
[  791.195322][T30530]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  791.197628][T30530]  ? __pfx___mutex_trylock_common+0x10/0x10
[  791.200187][T30530]  ? rcu_is_watching+0x15/0xb0
[  791.202305][T30530]  ? trace_contention_end+0x39/0x120
[  791.204615][T30530]  ? __mutex_lock+0x335/0x1360
[  791.206722][T30530]  netlink_rcv_skb+0x208/0x470
[  791.208825][T30530]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  791.211113][T30530]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  791.213423][T30530]  ? netlink_deliver_tap+0x2e/0x1b0
[  791.215616][T30530]  ? netlink_deliver_tap+0x2e/0x1b0
[  791.217813][T30530]  xfrm_netlink_rcv+0x79/0x90
[  791.219770][T30530]  netlink_unicast+0x82f/0x9e0
[  791.221785][T30530]  ? __pfx_netlink_unicast+0x10/0x10
[  791.224115][T30530]  ? netlink_sendmsg+0x642/0xb30
[  791.226339][T30530]  ? skb_put+0x11b/0x210
[  791.228213][T30530]  netlink_sendmsg+0x805/0xb30
[  791.230329][T30530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  791.232652][T30530]  ? aa_sock_msg_perm+0xf1/0x1d0
[  791.234801][T30530]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  791.237097][T30530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  791.239424][T30530]  __sock_sendmsg+0x21c/0x270
[  791.241446][T30530]  ____sys_sendmsg+0x505/0x830
[  791.243563][T30530]  ? __pfx_____sys_sendmsg+0x10/0x10
[  791.245838][T30530]  ? import_iovec+0x74/0xa0
[  791.247772][T30530]  ___sys_sendmsg+0x21f/0x2a0
[  791.249790][T30530]  ? __pfx____sys_sendmsg+0x10/0x10
[  791.252049][T30530]  ? __fget_files+0x2a/0x420
[  791.254088][T30530]  ? __fget_files+0x3a0/0x420
[  791.256102][T30530]  __x64_sys_sendmsg+0x19b/0x260
[  791.257925][T30530]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  791.260000][T30530]  ? rcu_is_watching+0x15/0xb0
[  791.262024][T30530]  ? do_syscall_64+0xbe/0x3b0
[  791.264118][T30530]  do_syscall_64+0xfa/0x3b0
[  791.266087][T30530]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.268744][T30530]  ? asm_sysvec_call_function_single+0x1a/0x20
[  791.271425][T30530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.273653][T30530] RIP: 0033:0x7f798e78ebe9
[  791.275132][T30530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.283259][T30530] RSP: 002b:00007f798f69d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  791.286937][T30530] RAX: ffffffffffffffda RBX: 00007f798e9b6180 RCX: 00007f798e78ebe9
[  791.290273][T30530] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  791.293665][T30530] RBP: 00007f798e811e19 R08: 0000000000000000 R09: 0000000000000000
[  791.297076][T30530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  791.300509][T30530] R13: 00007f798e9b6218 R14: 00007f798e9b6180 R15: 00007ffcda040f78
[  791.303916][T30530]  </TASK>
[  791.306091][T30530] Kernel Offset: disabled
[  791.308036][T30530] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:19:47  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002f RBX=000000000000002f RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000009a78 RDI=0000000000009a79 RBP=00000000000003f8 RSP=ffffc90008de69f0
R8 =ffff888107770237 R9 =1ffff11020eee046 R10=dffffc0000000000 R11=ffffffff854e7220
R12=dffffc0000000000 R13=ffffffff99af1913 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e729c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f798f69d6c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f798f69cfc8 CR3=0000000046042000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f798e987498 00007f798e987470 XMM03=00007f798e9874a8 00007f798e9874a0
XMM04=00007f798f4ed100 00007f798e987460 XMM05=00007f798e987478 00007f798e9874c0
XMM06=00007f798e9874b8 00007f798e9874b0 XMM07=00007f798e9874a8 00007f798e9874a0
XMM08=0000000000000000 00007f798e812ee7 XMM09=0000000000000000 00007f798e812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff895d8601 RBX=0000000000000001 RCX=ffffffff895d8691 RDX=0000000000000001
RSI=0000000000000004 RDI=0000000000000000 RBP=0000000000000002 RSP=ffffc90008dd75b0
R8 =ffff88812c4d8ce7 R9 =1ffff1102589b19c R10=dffffc0000000000 R11=ffffed102589b19d
R12=ffff88812c4d8c00 R13=ffffc90008dd7800 R14=ffff88812c4d8ce4 R15=dffffc0000000000
RIP=ffffffff895d86a2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f798f6be6c0 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f798f6bdfc8 CR3=0000000046042000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f798e987498 00007f798e987470 XMM03=00007f798e9874a8 00007f798e9874a0
XMM04=00007f798f4ed100 00007f798e987460 XMM05=00007f798e987478 00007f798e9874c0
XMM06=00007f798e9874b8 00007f798e9874b0 XMM07=00007f798e9874a8 00007f798e9874a0
XMM08=0000000000000000 00007f798e812ee7 XMM09=0000000000000000 00007f798e812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
