last executing test programs:

7m52.424587551s ago: executing program 1 (id=174):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)

7m51.015739084s ago: executing program 1 (id=181):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@i_version}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x105042, 0x38)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0xee01, 0xee01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fallocate(r0, 0x10, 0x2, 0x7fff)

7m50.694175139s ago: executing program 1 (id=185):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x20, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x24004804}, 0x0)
getpid()
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300"], 0x48)

7m50.367824504s ago: executing program 1 (id=189):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000400), 0x1, 0x76f, &(0x7f0000001580)="$eJzs3c9rHOUbAPBnNknTpv1+E0HQegoIGijdmBpbBQ8VDyJYKOjZumy2oWaTLdlNaUJARQQvgooHQS89+6PevIk/rvpfeJCWqmmx4kEis5lNN81uk22TrHU/H5j2eWdm886zM/O+7+4MOwH0rNH0n1zE4Yh4P4kYzuYnETFQj/ojTq6td3NluZhOSayuvvxbUl/nxspyMZpekzqYFR6OiO/fiTiS21xvdXFpplAul+az8nht9vx4dXHp6LnZwnRpujR3fGJy8tiJp04c37lc//hp6dDVD154/MuTf7390OX3fkjiZBzKljXnsVNGYzTWUh9I38INnt/pyros6fYGcFfS47Nv7SyPwzEcffUIAPgveyMiVgGAHpPo/wGgxzS+B7ixslxsTN39RmJvXXsuIvav5d+4vrm2pD+7Zre/fh106Eay4cpIEhEjO1D/aER8+vWrn6dT7NJ1SIBW3vwmCza1/8mmexY69cQ21hm9raz9g73zbTr+ebrV+C+3Pv6JFuOfwRbn7t3Y+vzPXdmBatpKx3/PNt3bdrMp/8xIX1b6X33MN5CcPVcupW3b/yNiLAYG0/LEHeoYu/739XbLmsd/v3/4+mdp/en/t9bIXekf3PiaqUKtcC85N7v2VsQj/a3yT9b3f9Jm/Ht6m3W8+My7n7Rbluaf5tuYNue/u1YvRTzWcv/fuqMtueP9ieP1w2G8cVC08NXPHw/F+pm0UfP+T6e0/sZngb2Q7v+hO+c/kjTfr1ntvI4fLw1/127Z1vm3Pv73Ja/U433ZvIuFWm1+ImJf8tLm+cduvbZRbqyf5j/2aD3/A9kqm9q/Vsd/+pnwta0Szzai/+qvX9x9/rsrzX+qo/3feXD55kxfu/q3t/8n69FYNmc77d92N/Be3jsAAAAAAAAAAAAAAAAAAAAAAAAA2K5cRByKJJdfj3O5fH7tGd4PxlCuXKnWjpytLMxNRf1Z2SMxkGv81OVw0++hTmS/h98oH7ut/GREPBARHw0eqJfzxUp5qtvJAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDmYJvn/6d+Gez21gEAu2Z/tzcAANhz+n8A6D2d9v/GCwBw/9OfA0Dv0f8DQO/R/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDLTp86lU6rf64sF9Py1IXFhZnKhaNTpepMfnahmC9W5s/npyuV6XIpX6zMbvX3ypXK+cmYW7g4XitVa+PVxaUzs5WFudqZc7OF6dKZ0sCeZAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnakuLs0UyuXSvKCj4ED2/v1btkcg2Nmgyw0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH3inwAAAP//CDwgEQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0))

7m49.824796323s ago: executing program 1 (id=196):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x44, 0x1, 0x2, 0x801, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @empty}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x17a7170fede3d71b}, 0x0)

7m48.472737875s ago: executing program 1 (id=198):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={0x0}}, 0x44001)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

7m48.260837628s ago: executing program 32 (id=198):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={0x0}}, 0x44001)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

10.699014441s ago: executing program 3 (id=2690):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x1000}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000002380)=@nat={'nat\x00', 0x8, 0x5, 0x508, 0x118, 0x208, 0xffffffff, 0x208, 0x0, 0x438, 0x438, 0xffffffff, 0x438, 0x438, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xe8, 0x118, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@dev, @mcast1, [], [], 'veth0_macvtap\x00', 'veth1_to_batadv\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@remote, @ipv4=@multicast2, @port, @icmp_id}}}, {{@ipv6={@mcast2, @local, [], [], 'wg1\x00', 'virt_wifi0\x00', {}, {}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@hl={{0x28}}, @common=@hl={{0x28}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @ipv6=@mcast1, @icmp_id=0xfffd, @gre_key}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @private1, [], [], 'vlan0\x00', 'team0\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @port, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r4=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)

8.601947094s ago: executing program 3 (id=2692):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x200088d1, &(0x7f0000000540)={0xa, 0x4e24, 0x7, @mcast2}, 0x1c)
syz_mount_image$squashfs(&(0x7f00000007c0), &(0x7f0000000240)='./file1\x00', 0x200005, &(0x7f00000012c0)=ANY=[], 0x1, 0x19c, &(0x7f0000000500)="$eJzskE1rE0EYx3/PzKTZCFVXxUMFG7C4plTzUvUgCMFTC1nwKhh0SWNTTNR0c7BFsbdeWvsZvHlUD55EFDyLB8GDRoTepDkUD54ksrujX6LzY3f+83+YmeelE/fjPPBn/1GLOimaw3xCMMC0ZDGlMn1t/U+rO5lwzXov/eC59VPx2vrdqNttrxavFPHTQMEGgF9F/B/8PxO/5KRiJNSRL/u6FcntkHGdnloK8RvMbqOb9EtPmTKTnLiFZhxssajoS9CAI+VB70E5Xls/v9KLltvL7Xu12vzlysVK5VKtfGel264cNVldT/KZhhRKj8k1k3YPMSdIqaOGWmZHTDTZ+ajPnZkboUp7jBHeBSPy30ynqOAs3s2koQWOC8/QITMNCgpDmmgBue69kqr5bH7nFN6G1hda97tLmzeyUcqeJ9VdckGVaHH76nwyGo7xns0hM8O0tqHZ/c60vEmybNl5mo1kfWHdKU5DnofRYLBanYAPEoTUkt+HyfQ5ldblw1t7xwpf/20cDofD4XA4HA6Hw3EA+BsAAP//jRhcwA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_procfs$userns(0x0, &(0x7f00000000c0))
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x804, &(0x7f00000002c0)={[{@uni_xlate}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@utf8}, {@shortname_winnt}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@iocharset={'iocharset', 0x3d, 'cp855'}}, {@shortname_mixed}]}, 0x1, 0x27e, &(0x7f00000028c0)="$eJzs3cFqY1UYB/AvbWqSgiYLoVgEr7hxFdqK+xSpIAYUJQtdWWyK0tRCA4W6aLsrvoO+gi7dCi7ErS8gglTBjXXVhUyGzG3aJJNkmpm5zdD5/Tb9OPf7c84Jh1y66Olnr+7ubO21t8/Pz6JYzEW+FrW4yEUl5mI+UicBANwlF51O/NtJ9Q0vD7WVbnlZAECGxrz/AYA7bNL7P3dyNfbh7a8MAMjKE/3+P5fJkgCAjH38yafvr9frGx8lSTFi9/SgcdBIf6bP17fjy2hFM1aiHP9HdK6k9bvv1TdWkq6/KlHcPZ5L88cHjfnB/GqUozI6v5qkotHN9fILsXiZ/30xmrEW5Xh5dH5tZP6FePONvvmrUY7fPo+9aMVWdLNpPh8RR6tJ8s4H9aF84UEfAAAAAAAAAAAAAAAAAAAAAABkoZpcqQzef5Pe31Otjnue5vvvByoN3Q9U7L8fqHM8dL9OPpbzs907AAAAAAAAAAAAAAAAAAAAPCvah1/vbLZazf1JxVe/fv/zWSENPLJ5cpG7nHe61OnEntLNdjFUvPj6n9+OelSIwrSfz+MVCxHRP5JcTvnTa093rv17GSz+l7MvXnmrvfT2uJ7I90ZeivbhN92tDvSMOUj5rD7wf8oRY3uKUx/I/uKHXlH776Ge3lFq7peyO0g3K5a+q23+ePTH3zdNTfjS6Mxn8VUEAAAAAAAAAAAAAAAAAADPves/+p31SgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdq7///+0RSEGRopjm09mvUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgfAAD///9dlCQ=")
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

8.319708269s ago: executing program 2 (id=2696):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000e8f4fbff000000004000001d8500000007000000440000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f0000000200), 0x200, 0x0)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14927e, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1)
r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/netstat\x00')
pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000240)=0x6)
ioctl$EVIOCSCLOCKID(r0, 0x40084503, &(0x7f0000ffcffc))
r3 = socket(0x1000000000000010, 0x80802, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36b26fb0b71d0e6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a4def23d410f6296b32a334388107200759cda9036b4e369a9e152ddcc7f05a5f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967deabe802f5ab3e89bd6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837074e098ee207d2f73902fbcfcf49822775985bf32d715f5888b24efa000000000000ffffffdf000000000000000000000089a7b9b00000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9deab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cf796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f91a31cf41ab11f12fb1e0a494034127de7c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5dff5adbdee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d337c56abf1128744bab6677fcb78e313841ec309baed0495f06d058a75fa4c81e5c9f42d9383e41d277b10392a912ffaf6f658f3fadd16286744f839c3f128f8f92d0992239eafce5c1b3f97a297c9e49a0c3510ef74080e6d1e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b6e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda154910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bc6cf8809c3a0d46ff7f008000000000ad1e1f493354b2822b98371d000000167d78e65b90eba0768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4c51b3fa00675cd1b66c5fd9c26a54d43fa050645bd9109b7e7131421c0f39113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a84a4e3344b155cc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f931ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e53d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a702a86c814459f3cdaaf99000000000000000000bfb32c826563c518d0ad23bc83ba3f3757210a057eff7615c868bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd23ab5268f1b3d08ebb8ce498cbaaf5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4acff8f6abe7dbad64dfa44966945d93c33b038ce0d890f851811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783058e56c70afe8016b3dd9dc7785b36e609f173cc6b893ecd138289709839747837d6a6283b3452c57a5d44cacd363589845637071320921d22c1663964eddec902fc7cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c898b7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9adfe6dca9c42c4d719347f39ef006c2df747ee6adb7cd04faf05c36de72354c64ebaf28a3de18607ebc4b70f50f71dae565749568a23319232dc213342fb472e98c9a412199ce7976bee5eaf40e60cb3fbe8b92dae5008e92d17d05ce74ffffe74ae71d5b8bd43a4e0bf0390335aa489689f5e3a4ac5adca96caab658b43cd499d95d3876c220d147ad1d0e626621d88f1370982f663793cac52ea0d14e595ff1f56427a0a813bb3b84d31d021eeea8faeff25bb66f5940d08a5509a66fc43962bcb2f7415bc38e355e80ec935aa6fe2d74bd475d89449fb46320fee40faff2fd005549fe6a042bd95decfde5e166971935f4cfd9c9e5bfd2d803644f4e5b7e6dc1a7a35df7134e2fad79269bf24bea4eb0213068e3054d9e4a8d1a9eb032cb390e2016d0ce10549728cb4732dc5adab16fa19ac70780b29e079be27c95d3dd2bd91a584c46d84d430fc6ea31ce0ba62fa27be9f6bc435203da7c3a5d68bf4dd4f81cbfaa1c87a15b9272853c9837db930952dca667194b71815a9eb49b495360dcdf31e0e560857d0541a916d6b5469ac1b36babc5a91e1d58925f20d9d5f8a0da3c30711b0d101cabceffbe072be69613ea0003c6e9bb5cd2413c8ddc17cfa319cf7aaeed0ffb07a08f8fb439f709dfe0732fe42192819870bdd87d5f612ade03540a28be446095269d9ea5a60bba1f2462f9921f2a731dbcf1d03964ea1e4f79514914d37877f57617b60fa2b58aa694fcb023024653c4b73efb12a57ffc6f8943262b77be933051e12bd4d768a422ea652d45b04a9c43b5c97fc3edea7002d51a0a74889334ee"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x29, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc6fffffd)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00IA@u\x00\b\x00'/32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x511, &(0x7f0000000540)="$eJzs3cFvVE8dAPDv23Zp6a/8CspBjQoiioawbRdoCBfhojGExEg8eYDaLk3TXbbpLpFWDuXonUQST/onePNgwsmDN29684IHE1SioSYe1ry327K023b9dduF7ueTvL43M8t+Z7rMzL6B3QlgYJ2PiPWIOBERDyJiopWftI641TzSx71983Ru483TuSQajXv/SLLyNC/a/kzqk9ZzjkbED78X8ZNkZ9za6trSbLlcWmmlJ+uV5cna6tqVxVwrpzgzPTN14+r1Ys/aeq7ym9ffXbzzo9/99iuv/rj+7Z+l1Rr/+amsrL0dvdRsej7G2/KGI+LOYQTrk+HW3x8+Pmlv+1xEXMj6/0QMZa8mAHCcNRoT0ZhoTwMAx116/z8eSa7QWgsYj1yuUGiu4Z2NsVy5Wqtfnqg+fjQf2RrW6cjnHi6WS1OttcLTkU/S9HR2/S5dfC/9vHQ1Is5ExPORk1l5Ya5anu/nGx8AGGCfbJv//z3SnP8BgGNutN8VAACOnPkfAAaP+R8ABs//Mf/7dCAAHBPu/wFg8Jj/AWDw7Dv/PzuaegAAR+IHd++mR2Oj+f3Xm9/UfWW+VFsqVB7PFeaqK8uFhWp1oVwqzDUa+z1fuVpdnr62laytrt2vVB8/qt9frMwulO6X8ofZGACgK2fOvfxzOumv3zyZHdG2l4O5Go63XL8rAPTNUL8rAPSNz/PA4OriHt8yABxzHbbofc+u/0Xohc1f4WN16YvW/2FQHWT939oBfNw+2/r/d3peD+DomcNhcDUaiT3/AWDAWOMHDvTv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCgxrMjyRWyvcDX05+5QiHiVEScjnzycLFcmoqITyPiTyP5kTQ93e9KAwAHlPtb0tr/69LExfHtpSeS/4xk54j46S/v/eLJbL2+Mp3m/3Mrv/4izT9ZXyme6EcDAIB2t3ZmZfN3sXVuu5F/++bp3OZxlFV8fbu5uWgad6N1NEuGYzg7j0Y+Isb+lbTSTen7laEexF9/FhFf2Gz/aDxpizCerYE0dz7dHj+Nfarn8dt//9vj595rby4rS8/57Hfx+R7UBQbNy9vNcbLV99Iu3up/uTifnTv3/9FshDq4dPxL+/XGjvEvtzX+De2In2R9/vxWeu+avL72++/vyGxMNMueRXxpuFP8ZCt+0nn8zV/sso1/+fJXL+xW1vhVxKWO7d/ckbqSDbOT9cryZG117cpiZXahtFB6VCzOTM9M3bh6vTiZrVE3f/6hU4y/37z86W7x0/aP7RJ/dO/2xze6bP+v//vgx1/bI/63vt759T+7R/x0Tvxml/Fnx27tun13Gn9+l/bv8/rH5S7jv/rr2nyXDwUAjkBtdW1ptlwurexzkb7X3O8xLrq/SO/tP4BqZBexHtGrJ8wWJSKi42PSd9QfRpMP6yL5MKrRi4t+j0zAYXvX6ftdEwAAAAAAAAAAAAAAYDe11bWlkc6f1urZRb/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1vwAAAP//tBrD+w==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xfffffe48)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6, 0x0, 0x0, 0x2})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000000)=r4, 0x4)
sendmsg(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe800c00080008001100080000002d000f009b2c136ef75afb83de448daa72540d8302d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10)

8.080099102s ago: executing program 0 (id=2698):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_setup(0xa, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setreuid(0xee01, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64360f56e24e6d2105bd901128c7e0ec82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f1b3fa4526650ea6cef13d000000225d85ae49cee383f936ad657b303ab841dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c1070bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c22ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fd03000000022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000004000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99705cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0706a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922923806ca84d69ea370db27a5ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c829aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f4441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbf34c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d9436220000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd9000000000000f05fe239d3d6dafc367f12689b6700000000bd4990d9dc174a69aadffdea5445fd3c13350af85d308caee689736c06417b52541eb5871d820b850dcb00877bbe2ed19d911564f11adeb52ec3047cfdcac8a8bab6ee365941cf792155f589226758e9c8bec8289b3012ca74bfe210e0315b384ce982e16f93f3e0b1385cfaab63bd36b141dfbc7f96ee549b8b52c311e5c657943f2a5d177f03e10b3595ed13458472a2eab1ea987a0668e52fff5c716fb5950852186649ce7362b45225f050c1c37327b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

7.220637456s ago: executing program 2 (id=2699):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r4, &(0x7f0000000380)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x8}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x48)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose, 0xfffffffc}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
listen(r4, 0x1ad72f7)
ioctl$PPPIOCGFLAGS1(r1, 0x80207450, &(0x7f0000000280))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c58b, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100))
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00')

7.01021585s ago: executing program 4 (id=2700):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r2 = syz_mount_image$minix(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x21043, &(0x7f0000000540)=ANY=[], 0xd, 0x1a8, &(0x7f0000000200)="$eJzs281O6kAUwPHTj0uB+8W9qAtjIokL3WgBlcSdPopKNUY0RtxAWKAv4NK1b+IDycK4cSWmpa2xUIgItKb/34IOc2Y6Z4BJTkgqABJrVwqiiCKq/WYpnbvNK1GnBGBGuu71tQsgebSX3rUQdSIAZqyzJ07t//jUOhQt5dcFXsuOt724avTVD51rkUXdjStpyQTri3uRVW++kg1Of7Z7sn78ZyCccu6/tuKt/0t+yx/5Kzn5J/8l765f9ecvfLb86d8QAAAJoMjGqHjIgB/Oa0aOTmpW0RkZcLDljLLjpdD7p5x4eWhcWw7Pz5AHt5KpDt0HgH7qmOdfda+af/4H00ecfwDRqTeap/u1mnUZg0b6Yz5dQ2SKixpx2HK8G20JH2NIsEefyKKZ0NCNDArZP5pJ7r3lHozpfrztYI9dTUf5deu91TU3Df4XAxLAvDq7MOuN5rp94q1j67xcLO5UtjdLlbLpVPbm8PoewPf1XgZEnQkAAAAAAAAAAAAAABjXnMyPNe9u4pkAAAAAmLaRDwaJ3hv4hQeMot4jAACx8xYAAP//BPMREQ==")
openat$zero(0xffffffffffffff9c, 0x0, 0x404400, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file7\x00', 0x21c0, 0x103)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x8304a4, &(0x7f0000000180)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r2, @ANYRESDEC=r2, @ANYRES32=r2, @ANYRESOCT=r2, @ANYRESDEC, @ANYRESDEC=0x0], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
r4 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$sock(r4, &(0x7f0000001540)={&(0x7f00000004c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x3, 0x1, 0x4, 0x3, {0xa, 0x4e21, 0x1c0, @mcast2, 0x1000}}}, 0x4, 0x0}, 0x0)

6.96880735s ago: executing program 0 (id=2701):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@dos1xfloppy}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
connect$unix(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)

6.480988088s ago: executing program 4 (id=2702):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x655c, 0x3, 0xffffffffffffffff, 0x9, 0x800}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

6.36441938s ago: executing program 0 (id=2703):
chdir(0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0x82a}, 0x18)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x28011, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
open(0x0, 0x14d27e, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000000000)=0x10000, 0x4)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4008053, r4, 0x80000000)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

4.575629788s ago: executing program 5 (id=2705):
syz_open_dev$evdev(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
add_key$fscrypt_provisioning(&(0x7f0000003540), &(0x7f0000003580)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002700)={0x11, 0x3, &(0x7f0000002240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9}}, 0x0, 0x5, 0x2f, &(0x7f00000022c0)=""/47, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x101, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x880, 0x9)
finit_module(r1, 0x0, 0x3)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/keys\x00', 0x0, 0x0)

4.46198545s ago: executing program 4 (id=2706):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r2], 0x4)

3.716767011s ago: executing program 0 (id=2707):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000007140012800c0001006d616376746170000400028008000500", @ANYRES32=r2], 0x44}}, 0x0)

2.998345663s ago: executing program 0 (id=2708):
pipe2(&(0x7f0000000840), 0x0)
socket$netlink(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x1e, 0x1, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, 0x0)

2.967998884s ago: executing program 4 (id=2709):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
connect$tipc(r3, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x0)
sync()

2.872730055s ago: executing program 5 (id=2710):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x54}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r0, @ANYBLOB="0100000000000000240012000c000100627269646765000e14000200080007004a"], 0x44}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket(0x10, 0x2, 0x6)
sendmsg$nl_route_sched(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x128}}, 0x0)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa3)
bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendto$inet6(r1, &(0x7f0000000100)="0503460008003e00000002008100", 0x36, 0x0, 0x0, 0x0)

2.678191738s ago: executing program 0 (id=2711):
syz_mount_image$f2fs(&(0x7f0000000240), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000006c0)={[{@nodiscard}, {}, {@adaptive_mode}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@background_gc_on}, {@fault_type={'fault_type', 0x3d, 0x5}}, {@checkpoint_diasble}, {@user_xattr}, {@fsync_mode_strict}, {@io_bits={'io_bits', 0x3d, 0x71}}, {@jqfmt_vfsold}, {@acl}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x6, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000092c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket$inet(0x2, 0x2, 0x1)
read$FUSE(r1, 0x0, 0x0)
stat(&(0x7f0000000380)='./file0\x00', &(0x7f0000001640))

2.608488209s ago: executing program 3 (id=2712):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r2 = syz_mount_image$minix(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x21043, &(0x7f0000000540)=ANY=[], 0xd, 0x1a8, &(0x7f0000000200)="$eJzs281O6kAUwPHTj0uB+8W9qAtjIokL3WgBlcSdPopKNUY0RtxAWKAv4NK1b+IDycK4cSWmpa2xUIgItKb/34IOc2Y6Z4BJTkgqABJrVwqiiCKq/WYpnbvNK1GnBGBGuu71tQsgebSX3rUQdSIAZqyzJ07t//jUOhQt5dcFXsuOt724avTVD51rkUXdjStpyQTri3uRVW++kg1Of7Z7sn78ZyCccu6/tuKt/0t+yx/5Kzn5J/8l765f9ecvfLb86d8QAAAJoMjGqHjIgB/Oa0aOTmpW0RkZcLDljLLjpdD7p5x4eWhcWw7Pz5AHt5KpDt0HgH7qmOdfda+af/4H00ecfwDRqTeap/u1mnUZg0b6Yz5dQ2SKixpx2HK8G20JH2NIsEefyKKZ0NCNDArZP5pJ7r3lHozpfrztYI9dTUf5deu91TU3Df4XAxLAvDq7MOuN5rp94q1j67xcLO5UtjdLlbLpVPbm8PoewPf1XgZEnQkAAAAAAAAAAAAAABjXnMyPNe9u4pkAAAAAmLaRDwaJ3hv4hQeMot4jAACx8xYAAP//BPMREQ==")
openat$zero(0xffffffffffffff9c, 0x0, 0x404400, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file7\x00', 0x21c0, 0x103)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x8304a4, &(0x7f0000000180)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r2, @ANYRESDEC=r2, @ANYRES32=r2, @ANYRESOCT=r2, @ANYRESDEC, @ANYRESDEC=0x0], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
r4 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$sock(r4, &(0x7f0000001540)={&(0x7f00000004c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x3, 0x1, 0x4, 0x3, {0xa, 0x4e21, 0x1c0, @mcast2, 0x1000}}}, 0x4, 0x0}, 0x0)

2.204474465s ago: executing program 5 (id=2713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x18, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1.148119592s ago: executing program 3 (id=2714):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x20082, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x1fa7}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x4000}, {}, {0x2}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_FLAGS={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

1.090056893s ago: executing program 2 (id=2715):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
ppoll(&(0x7f0000000100)=[{r0, 0x4544}], 0x1, 0x0, 0x0, 0x0)

824.792237ms ago: executing program 2 (id=2716):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c00010062"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)

469.220243ms ago: executing program 5 (id=2717):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x655c, 0x3, 0xffffffffffffffff, 0x9, 0x800}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

377.514365ms ago: executing program 4 (id=2718):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000000f", @ANYRES8=r0], 0x3c}}, 0x10)

367.013594ms ago: executing program 3 (id=2719):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000007140012800c0001006d616376746170000400028008000500", @ANYRES32=r2], 0x44}}, 0x0)

242.461547ms ago: executing program 2 (id=2720):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/152, 0x98, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f00000004c0)=""/110, 0x6e, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000540)=""/224, 0xe0, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000040)={0x2, 0x0, {0x0, 0x0, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000780)=""/212, 0xd4, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)

142.767779ms ago: executing program 4 (id=2721):
creat(&(0x7f0000000040)='./bus\x00', 0x100)
io_setup(0xfff, &(0x7f0000000200))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000000), 0x1, 0x457, &(0x7f0000000700)="$eJzs3MtvG0UYAPBvbSdt+iChKo8+gECLqHgkTVpKD1xAgDiAhASHcgxOWpW6DWqCRKsKCkLliCpxRxyR+As4wQUBJySucEeVKtRLCyejtXdrx7GTtHHsEv9+0rYzsxPNfJ4de3YnTgADazz9J4nYERF/RMRoPbu0wnj9v1s3LpX/uXGpnES1+vbfSa3ezRuXynnV/Oe255lSROHzJPa1aXfhwsUzM5XK3PksP7l49oPJhQsXnzt9dubU3Km5c9PHjx89MvXCsennsxpb1xVnGtfNvR/P79/z+rtX3yyfuPreL98lefwtcXTJ+Eonn6xWu9xcf+1sSielPnaEO1KsT9MYqs3/0ShGY/BG49XP+to5YENVq9Xqg51PX64Cm1gSbQpLBxtvD8AmlX/Qp/e/+dGLdce94vpL9RugNO5b2VE/U4pCVmeo5f62m8Yj4sTlf79Oj1j9OcSWDeoGADBAfkjXP8+2W/8Vovm50H3ZHspYRNwfEbsi4lhE7I6IByJqdR+KiIfvsP3WTZLl65/CtbsKbI3S9d+L2d7W0vVfvvqLsWKW21mLfyg5eboydzh7TQ7F0JY0P7VCGz++8vuXnc41r//SI20/Xwtm/bhWaln1zc4szqwn5mbXP43YW2oXf3J7JyCJiD0Rsfcu2zj99Lf7O51bPf4VdGGfqfpNxFP18b8cLfHnkpX3Jye3RmXu8GR+VSz3629X3urU/rri74J0/Le1vf5vxz+WNO/XLqRFw3fUxpU/vyg3ptNSd3v9DyfvLCn7aGZx8fxUxHDyRr3TzeXTLfWmG/XT+A8daD//d0XjldgXEelF/EhEPBoRj2V9fzwinoiIAyvE//PLB9/vdO52/CNZQR/Gf7bd+L/WafwbieFoLWmfKJ756fsljY41kmsb/6O11KGsZC3vf2vpV341AwAAwGZXiIgdxaQwkaejUJiYqP8O/+7YVqjMLyw+c3L+w3Oz9e8IjMVQIX/SNdr0PHQqu63P89Mt+SPZc+OviiO1/ER5vjLb7+BhwG2vzfnl8z/1V7HfvQM23Or7aLt60g+g93xfEwaX+Q+Dy/yHwdVm/o/0ox9A77X7/P+kD/0Aeq9l/tv2gwHi/h8Gl/kPg8v8h4G0MBKrf0leQmJZIgr3RDf+z4lqsvY/VNHzRL/fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrjvwAAAP//n1HZTw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)

142.100149ms ago: executing program 5 (id=2722):
pipe2(&(0x7f0000000840), 0x0)
socket$netlink(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x1e, 0x1, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, 0x0)

93.078039ms ago: executing program 3 (id=2723):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x200088d1, &(0x7f0000000540)={0xa, 0x4e24, 0x7, @mcast2}, 0x1c)
syz_mount_image$squashfs(&(0x7f00000007c0), &(0x7f0000000240)='./file1\x00', 0x200005, &(0x7f00000012c0)=ANY=[], 0x1, 0x19c, &(0x7f0000000500)="$eJzskE1rE0EYx3/PzKTZCFVXxUMFG7C4plTzUvUgCMFTC1nwKhh0SWNTTNR0c7BFsbdeWvsZvHlUD55EFDyLB8GDRoTepDkUD54ksrujX6LzY3f+83+YmeelE/fjPPBn/1GLOimaw3xCMMC0ZDGlMn1t/U+rO5lwzXov/eC59VPx2vrdqNttrxavFPHTQMEGgF9F/B/8PxO/5KRiJNSRL/u6FcntkHGdnloK8RvMbqOb9EtPmTKTnLiFZhxssajoS9CAI+VB70E5Xls/v9KLltvL7Xu12vzlysVK5VKtfGel264cNVldT/KZhhRKj8k1k3YPMSdIqaOGWmZHTDTZ+ajPnZkboUp7jBHeBSPy30ynqOAs3s2koQWOC8/QITMNCgpDmmgBue69kqr5bH7nFN6G1hda97tLmzeyUcqeJ9VdckGVaHH76nwyGo7xns0hM8O0tqHZ/c60vEmybNl5mo1kfWHdKU5DnofRYLBanYAPEoTUkt+HyfQ5ldblw1t7xwpf/20cDofD4XA4HA6Hw3EA+BsAAP//jRhcwA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_procfs$userns(0x0, &(0x7f00000000c0))
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x804, &(0x7f00000002c0)={[{@uni_xlate}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@utf8}, {@shortname_winnt}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@iocharset={'iocharset', 0x3d, 'cp855'}}, {@shortname_mixed}]}, 0x1, 0x27e, &(0x7f00000028c0)="$eJzs3cFqY1UYB/AvbWqSgiYLoVgEr7hxFdqK+xSpIAYUJQtdWWyK0tRCA4W6aLsrvoO+gi7dCi7ErS8gglTBjXXVhUyGzG3aJJNkmpm5zdD5/Tb9OPf7c84Jh1y66Olnr+7ubO21t8/Pz6JYzEW+FrW4yEUl5mI+UicBANwlF51O/NtJ9Q0vD7WVbnlZAECGxrz/AYA7bNL7P3dyNfbh7a8MAMjKE/3+P5fJkgCAjH38yafvr9frGx8lSTFi9/SgcdBIf6bP17fjy2hFM1aiHP9HdK6k9bvv1TdWkq6/KlHcPZ5L88cHjfnB/GqUozI6v5qkotHN9fILsXiZ/30xmrEW5Xh5dH5tZP6FePONvvmrUY7fPo+9aMVWdLNpPh8RR6tJ8s4H9aF84UEfAAAAAAAAAAAAAAAAAAAAAABkoZpcqQzef5Pe31Otjnue5vvvByoN3Q9U7L8fqHM8dL9OPpbzs907AAAAAAAAAAAAAAAAAAAAPCvah1/vbLZazf1JxVe/fv/zWSENPLJ5cpG7nHe61OnEntLNdjFUvPj6n9+OelSIwrSfz+MVCxHRP5JcTvnTa093rv17GSz+l7MvXnmrvfT2uJ7I90ZeivbhN92tDvSMOUj5rD7wf8oRY3uKUx/I/uKHXlH776Ge3lFq7peyO0g3K5a+q23+ePTH3zdNTfjS6Mxn8VUEAAAAAAAAAAAAAAAAAADPves/+p31SgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdq7///+0RSEGRopjm09mvUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgfAAD///9dlCQ=")
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

16.84532ms ago: executing program 2 (id=2724):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r2 = syz_mount_image$minix(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x21043, &(0x7f0000000540)=ANY=[], 0xd, 0x1a8, &(0x7f0000000200)="$eJzs281O6kAUwPHTj0uB+8W9qAtjIokL3WgBlcSdPopKNUY0RtxAWKAv4NK1b+IDycK4cSWmpa2xUIgItKb/34IOc2Y6Z4BJTkgqABJrVwqiiCKq/WYpnbvNK1GnBGBGuu71tQsgebSX3rUQdSIAZqyzJ07t//jUOhQt5dcFXsuOt724avTVD51rkUXdjStpyQTri3uRVW++kg1Of7Z7sn78ZyCccu6/tuKt/0t+yx/5Kzn5J/8l765f9ecvfLb86d8QAAAJoMjGqHjIgB/Oa0aOTmpW0RkZcLDljLLjpdD7p5x4eWhcWw7Pz5AHt5KpDt0HgH7qmOdfda+af/4H00ecfwDRqTeap/u1mnUZg0b6Yz5dQ2SKixpx2HK8G20JH2NIsEefyKKZ0NCNDArZP5pJ7r3lHozpfrztYI9dTUf5deu91TU3Df4XAxLAvDq7MOuN5rp94q1j67xcLO5UtjdLlbLpVPbm8PoewPf1XgZEnQkAAAAAAAAAAAAAABjXnMyPNe9u4pkAAAAAmLaRDwaJ3hv4hQeMot4jAACx8xYAAP//BPMREQ==")
openat$zero(0xffffffffffffff9c, 0x0, 0x404400, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file7\x00', 0x21c0, 0x103)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x8304a4, &(0x7f0000000180)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r2, @ANYRESDEC=r2, @ANYRES32=r2, @ANYRESOCT=r2, @ANYRESDEC, @ANYRESDEC=0x0], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
r4 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$sock(r4, &(0x7f0000001540)={&(0x7f00000004c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x3, 0x1, 0x4, 0x3, {0xa, 0x4e21, 0x1c0, @mcast2, 0x1000}}}, 0x4, 0x0}, 0x0)

0s ago: executing program 5 (id=2725):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r4, &(0x7f0000000380)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x8}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x48)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose, 0xfffffffc}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
listen(r4, 0x1ad72f7)
ioctl$PPPIOCGFLAGS1(r1, 0x80207450, &(0x7f0000000280))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c58b, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100))
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00')

kernel console output (not intermixed with test programs):

hcd: release socket
[  236.844010][   T46] vhci_hcd: disconnect device
[  236.849054][   T46] vhci_hcd: stop threads
[  236.863290][   T46] vhci_hcd: release socket
[  236.867880][   T46] vhci_hcd: disconnect device
[  236.883459][   T46] vhci_hcd: stop threads
[  236.887764][   T46] vhci_hcd: release socket
[  236.892263][   T46] vhci_hcd: disconnect device
[  237.032855][ T7383] loop0: detected capacity change from 0 to 1024
[  237.087002][ T7383] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  237.121280][ T7383] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1089'.
[  237.188867][ T7393] device bridge0 entered promiscuous mode
[  237.203561][ T7393] device macvlan2 entered promiscuous mode
[  237.219430][ T7393] bridge0: port 1(macvlan2) entered blocking state
[  237.233341][ T7393] bridge0: port 1(macvlan2) entered disabled state
[  237.242990][ T7393] device bridge0 left promiscuous mode
[  237.281985][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  237.512106][ T7399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1093'.
[  237.578002][ T7399] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1093'.
[  237.790405][ T7408] netlink: 'syz.3.1098': attribute type 10 has an invalid length.
[  237.812500][ T7408] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1098'.
[  238.043727][ T7420] loop3: detected capacity change from 0 to 1024
[  238.053730][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1105'.
[  238.137131][ T7420] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  238.181866][ T7420] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1103'.
[  238.354181][ T7420] siw: device registration error -23
[  238.470868][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  238.511333][ T7436] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  238.713188][   T27] kauditd_printk_skb: 40 callbacks suppressed
[  238.713207][   T27] audit: type=1326 audit(1743305180.415:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.5.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  238.769966][ T7449] loop0: detected capacity change from 0 to 512
[  238.802638][ T7450] netlink: 'syz.3.1114': attribute type 10 has an invalid length.
[  238.815382][   T27] audit: type=1326 audit(1743305180.525:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7438 comm="syz.5.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7cb7d29359 code=0x7ffc0000
[  238.838053][ T7450] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1114'.
[  238.866119][ T7449] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  238.884391][ T7449] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.961650][ T7449] EXT4-fs (loop0): re-mounted. Quota mode: writeback.
[  239.011284][   T27] audit: type=1326 audit(1743305180.525:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7438 comm="syz.5.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  239.129817][   T27] audit: type=1326 audit(1743305180.525:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7438 comm="syz.5.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  239.179848][   T27] audit: type=1326 audit(1743305180.835:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.4.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  239.203317][   T27] audit: type=1326 audit(1743305180.835:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.4.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  239.225783][   T27] audit: type=1326 audit(1743305180.865:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.4.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  239.262843][   T27] audit: type=1326 audit(1743305180.865:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.4.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  239.319176][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  239.454549][   T27] audit: type=1326 audit(1743305180.865:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.4.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  239.802950][ T7479] loop4: detected capacity change from 0 to 512
[  239.850068][ T7479] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  239.883496][ T7482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1128'.
[  239.922420][ T7479] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #17: comm syz.4.1127: inline data xattr refers to an external xattr inode
[  239.938868][ T7479] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1127: couldn't read orphan inode 17 (err -117)
[  239.958887][ T7479] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  240.052778][   T27] audit: type=1800 audit(1743305181.755:800): pid=7479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1127" name="file2" dev="loop4" ino=16 res=0 errno=0
[  240.285708][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  240.313512][ T7491] syz.2.1132 (7491) used greatest stack depth: 18768 bytes left
[  240.996696][ T7532] loop3: detected capacity change from 0 to 1024
[  241.068391][ T7532] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  241.156398][ T7532] siw: device registration error -23
[  241.285414][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  241.400423][ T7549] futex_wake_op: syz.0.1156 tries to shift op by -1; fix this program
[  241.437264][ T7549] loop0: detected capacity change from 0 to 512
[  241.450905][ T7551] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.549921][ T7549] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  241.580801][ T7549] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.663926][ T7556] team0: Port device team_slave_1 removed
[  241.687556][ T7549] hub 2-0:1.0: USB hub found
[  241.700375][ T7549] hub 2-0:1.0: 1 port detected
[  241.708924][ T7551] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.737131][ T7549] netlink: 'syz.0.1156': attribute type 15 has an invalid length.
[  241.779561][ T7551] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.810099][ T4298] vhci_hcd: vhci_device speed not set
[  241.840054][ T7551] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.840400][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  241.955415][ T7551] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  241.989303][ T7573] device bridge0 entered promiscuous mode
[  242.019907][ T7573] device macvlan2 entered promiscuous mode
[  242.038133][ T7573] bridge0: port 3(macvlan2) entered blocking state
[  242.055550][ T7573] bridge0: port 3(macvlan2) entered disabled state
[  242.072768][ T7573] device bridge0 left promiscuous mode
[  242.130163][ T7551] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.156843][ T7551] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.190787][ T7551] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.396968][ T7587] bond0 speed is unknown, defaulting to 1000
[  242.408702][ T7587] lo speed is unknown, defaulting to 1000
[  242.443444][   T48] Bluetooth: hci0: command 0x0406 tx timeout
[  242.974749][ T7607] loop3: detected capacity change from 0 to 2048
[  243.174877][ T7619] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1185'.
[  243.203451][ T7619] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1185'.
[  243.926932][ T7649] loop4: detected capacity change from 0 to 1024
[  244.017737][ T7653] netlink: 'syz.3.1199': attribute type 13 has an invalid length.
[  244.032405][ T7649] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  244.077234][ T7653] infiniband s
z1: set down
[  244.154828][ T7649] siw: device registration error -23
[  244.446142][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  244.911435][ T7663] loop0: detected capacity change from 0 to 8192
[  245.188958][ T7653] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.196578][ T7653] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.694779][ T7653] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.750198][ T7653] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.338459][ T7653] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.347268][ T7653] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.356689][ T7653] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.366658][ T7653] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.523732][  T129] lo speed is unknown, defaulting to 1000
[  246.553336][  T129] lo speed is unknown, defaulting to 1000
[  246.901276][ T7710] futex_wake_op: syz.2.1223 tries to shift op by -1; fix this program
[  246.946049][ T7710] netlink: 'syz.2.1223': attribute type 15 has an invalid length.
[  247.160964][ T7719] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1227'.
[  247.241331][ T7725] netlink: 'syz.5.1230': attribute type 1 has an invalid length.
[  247.273318][ T7725] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1230'.
[  247.312583][ T7719] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1227'.
[  247.415229][ T7729] device pim6reg1 entered promiscuous mode
[  247.670477][   T27] kauditd_printk_skb: 43 callbacks suppressed
[  247.670494][   T27] audit: type=1326 audit(1743305189.375:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  247.735539][   T27] audit: type=1326 audit(1743305189.415:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  247.742939][ T7745] futex_wake_op: syz.0.1240 tries to shift op by -1; fix this program
[  247.832821][ T7745] loop0: detected capacity change from 0 to 512
[  247.833457][   T27] audit: type=1326 audit(1743305189.415:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  247.929861][ T7745] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  247.952734][ T7745] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.956868][   T27] audit: type=1326 audit(1743305189.415:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.010265][ T7745] hub 2-0:1.0: USB hub found
[  248.015383][ T7745] hub 2-0:1.0: 1 port detected
[  248.022240][ T7745] netlink: 'syz.0.1240': attribute type 15 has an invalid length.
[  248.068444][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  248.116896][   T27] audit: type=1326 audit(1743305189.415:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.153626][   T27] audit: type=1326 audit(1743305189.415:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.283830][   T27] audit: type=1326 audit(1743305189.415:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.342264][   T27] audit: type=1326 audit(1743305189.415:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.387211][   T27] audit: type=1326 audit(1743305189.425:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.411315][   T27] audit: type=1326 audit(1743305189.425:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.2.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2e18d169 code=0x7ffc0000
[  248.518915][ T7773] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  248.525503][ T7773] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  248.533839][ T7777] tmpfs: Bad value for 'mpol'
[  248.558709][ T7773] vhci_hcd vhci_hcd.0: Device attached
[  248.585834][ T7774] vhci_hcd: connection closed
[  248.586081][   T46] vhci_hcd: stop threads
[  248.621287][   T46] vhci_hcd: release socket
[  248.631423][   T46] vhci_hcd: disconnect device
[  248.735165][ T7788] futex_wake_op: syz.4.1255 tries to shift op by -1; fix this program
[  248.770461][ T7788] loop4: detected capacity change from 0 to 512
[  248.836413][ T7788] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  248.875030][ T7788] ext4 filesystem being mounted at /247/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.949303][ T7788] hub 2-0:1.0: USB hub found
[  248.973366][ T7788] hub 2-0:1.0: 1 port detected
[  248.986388][ T7788] netlink: 'syz.4.1255': attribute type 15 has an invalid length.
[  249.077317][ T7802] netlink: 'syz.5.1261': attribute type 10 has an invalid length.
[  249.096500][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  249.104478][ T7802] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1261'.
[  249.229266][ T7802] team0: Port device geneve0 added
[  249.383862][ T7816] loop5: detected capacity change from 0 to 256
[  249.597949][ T7822] loop3: detected capacity change from 0 to 512
[  249.620834][ T7823] loop0: detected capacity change from 0 to 512
[  249.651499][ T7822] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  249.851479][ T7822] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  249.895705][ T7822] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  249.916734][ T7834] futex_wake_op: syz.5.1273 tries to shift op by -1; fix this program
[  249.932583][ T7834] loop5: detected capacity change from 0 to 512
[  250.000459][ T7835] x_tables: ip_tables: tcp match: only valid for protocol 6
[  250.554580][ T7834] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  250.591220][ T7834] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.632993][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  250.684028][ T7834] hub 2-0:1.0: USB hub found
[  250.711741][ T7834] hub 2-0:1.0: 1 port detected
[  250.741837][ T7834] netlink: 'syz.5.1273': attribute type 15 has an invalid length.
[  250.904246][ T7848] netlink: 'syz.0.1277': attribute type 10 has an invalid length.
[  250.933962][ T7848] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1277'.
[  250.961189][ T7850] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1275'.
[  250.991521][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  250.993401][ T7850] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1275'.
[  251.035147][ T7855] loop3: detected capacity change from 0 to 512
[  251.112103][ T7855] EXT4-fs (loop3): orphan cleanup on readonly fs
[  251.142322][ T7855] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1275: bg 0: block 248: padding at end of block bitmap is not set
[  251.284081][ T7855] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.1275: Failed to acquire dquot type 1
[  251.319005][ T7855] EXT4-fs (loop3): 1 truncate cleaned up
[  251.331550][ T7855] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  251.434470][ T7866] loop5: detected capacity change from 0 to 512
[  251.462952][ T7866] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  251.480993][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  251.539371][ T7866] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  251.567401][ T7870] siw: device registration error -23
[  251.573577][ T7866] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  251.758453][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  252.099806][ T7888] netlink: 'syz.2.1295': attribute type 10 has an invalid length.
[  252.192780][ T7888] team0: Port device dummy0 added
[  252.331928][ T7888] netlink: 'syz.2.1295': attribute type 4 has an invalid length.
[  252.417570][ T7900] bond0 speed is unknown, defaulting to 1000
[  252.429051][ T7902] loop5: detected capacity change from 0 to 1024
[  252.442384][ T7900] lo speed is unknown, defaulting to 1000
[  252.576565][ T7902] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  252.831121][ T7902] siw: device registration error -23
[  252.938718][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  253.535355][   T27] kauditd_printk_skb: 33 callbacks suppressed
[  253.535372][   T27] audit: type=1326 audit(1743305195.245:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7933 comm="syz.0.1313" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f189f58d169 code=0x0
[  253.652885][ T7930] ªªªªªª: renamed from vlan0
[  253.675455][ T7934] bond0 speed is unknown, defaulting to 1000
[  253.682575][ T7934] lo speed is unknown, defaulting to 1000
[  253.743627][ T7946] loop4: detected capacity change from 0 to 512
[  253.780777][ T7948] netlink: 'syz.3.1318': attribute type 10 has an invalid length.
[  253.806609][ T7948] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1318'.
[  254.413793][ T7952] x_tables: ip_tables: tcp match: only valid for protocol 6
[  255.010743][   T27] audit: type=1326 audit(1743305196.715:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.137667][   T27] audit: type=1326 audit(1743305196.775:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.220993][   T27] audit: type=1326 audit(1743305196.775:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.312031][   T27] audit: type=1326 audit(1743305196.775:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.352725][   T27] audit: type=1326 audit(1743305196.795:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.381945][   T27] audit: type=1326 audit(1743305196.795:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.457662][   T27] audit: type=1326 audit(1743305196.795:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.518986][   T27] audit: type=1326 audit(1743305196.795:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.611602][   T27] audit: type=1326 audit(1743305196.795:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  255.781373][ T7987] loop0: detected capacity change from 0 to 512
[  256.266341][ T7998] x_tables: ip_tables: tcp match: only valid for protocol 6
[  257.885225][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805544d400: rx timeout, send abort
[  258.030444][ T8035] x_tables: ip_tables: tcp match: only valid for protocol 6
[  258.824027][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805544e800: rx timeout, send abort
[  258.832270][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805544d400: abort rx timeout. Force session deactivation
[  259.332283][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805544e800: abort rx timeout. Force session deactivation
[  259.903170][ T8069] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1359'.
[  260.639910][ T8072] loop4: detected capacity change from 0 to 512
[  261.012765][ T8078] x_tables: ip_tables: tcp match: only valid for protocol 6
[  263.403739][ T8102] ªªªªªª: renamed from vlan0
[  263.470755][ T8106] loop5: detected capacity change from 0 to 512
[  263.619880][ T8108] bond0 speed is unknown, defaulting to 1000
[  263.669052][ T8108] lo speed is unknown, defaulting to 1000
[  264.135551][ T8111] x_tables: ip_tables: tcp match: only valid for protocol 6
[  264.760313][ T8121] device pim6reg1 entered promiscuous mode
[  264.938350][ T8125] bond0 speed is unknown, defaulting to 1000
[  264.955972][ T8125] lo speed is unknown, defaulting to 1000
[  265.774031][ T8143] device pim6reg1 entered promiscuous mode
[  266.085314][ T8147] loop5: detected capacity change from 0 to 512
[  267.514394][ T8172] futex_wake_op: syz.3.1398 tries to shift op by -1; fix this program
[  267.579633][ T8172] loop3: detected capacity change from 0 to 512
[  267.798422][ T8172] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  267.833777][ T8172] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.868173][   T27] kauditd_printk_skb: 18 callbacks suppressed
[  267.868191][   T27] audit: type=1800 audit(1743305209.575:913): pid=8172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1398" name="file1" dev="loop3" ino=15 res=0 errno=0
[  267.958707][   T27] audit: type=1800 audit(1743305209.665:914): pid=8172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1398" name="file2" dev="loop3" ino=16 res=0 errno=0
[  268.248628][ T8172] hub 2-0:1.0: USB hub found
[  268.352546][ T8172] hub 2-0:1.0: 1 port detected
[  268.663521][ T8188] netlink: 'syz.3.1398': attribute type 15 has an invalid length.
[  269.027255][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  269.761823][ T8228] futex_wake_op: syz.3.1417 tries to shift op by -1; fix this program
[  269.778646][ T8228] loop3: detected capacity change from 0 to 512
[  269.880093][ T8228] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  269.927649][ T8228] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.074680][ T8236] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  271.563316][   T27] audit: type=1800 audit(1743305213.245:915): pid=8228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1417" name="file1" dev="loop3" ino=15 res=0 errno=0
[  271.590974][ T8228] hub 2-0:1.0: USB hub found
[  271.617808][ T8228] hub 2-0:1.0: 1 port detected
[  271.641580][ T8237] netlink: 'syz.3.1417': attribute type 15 has an invalid length.
[  271.669048][   T27] audit: type=1800 audit(1743305213.325:916): pid=8241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1417" name=80 dev="loop3" ino=18 res=0 errno=0
[  271.936614][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  272.095634][   T48] Bluetooth: hci4: unexpected event for opcode 0x080f
[  272.110216][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055b60400: rx timeout, send abort
[  272.610291][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055527c00: rx timeout, send abort
[  272.618808][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055b60400: abort rx timeout. Force session deactivation
[  273.135827][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055527c00: abort rx timeout. Force session deactivation
[  275.332815][ T8272] loop3: detected capacity change from 0 to 2048
[  275.587232][ T8276] loop0: detected capacity change from 0 to 64
[  275.900791][   T27] audit: type=1326 audit(1743305217.605:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  275.970074][   T27] audit: type=1326 audit(1743305217.605:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.023219][   T27] audit: type=1326 audit(1743305217.635:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.080860][   T27] audit: type=1326 audit(1743305217.635:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.125030][   T48] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  276.133879][   T48] Bluetooth: hci4: Injecting HCI hardware error event
[  276.138866][   T27] audit: type=1326 audit(1743305217.635:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.142869][   T48] Bluetooth: hci4: hardware error 0x00
[  276.163065][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029a59800: rx timeout, send abort
[  276.223240][   T27] audit: type=1326 audit(1743305217.635:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.291408][   T27] audit: type=1326 audit(1743305217.635:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.314050][   T27] audit: type=1326 audit(1743305217.635:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb7d8d169 code=0x7ffc0000
[  276.337058][   T27] audit: type=1326 audit(1743305217.635:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7cb7d29359 code=0x7ffc0000
[  276.359603][   T27] audit: type=1326 audit(1743305217.635:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.5.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7cb7d29359 code=0x7ffc0000
[  276.518721][ T8284] loop4: detected capacity change from 0 to 32768
[  276.651308][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029a5a400: rx timeout, send abort
[  276.668451][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029a59800: abort rx timeout. Force session deactivation
[  276.751282][ T8284] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.1435 (8284)
[  277.159644][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029a5a400: abort rx timeout. Force session deactivation
[  279.726288][   T48] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  279.927390][ T8284] BTRFS error (device loop4): open_ctree failed: -4
[  280.360757][ T8310] loop5: detected capacity change from 0 to 4096
[  280.502439][ T8310] NILFS (loop5): invalid segment: Inconsistency found
[  280.554579][ T8310] NILFS (loop5): trying rollback from an earlier position
[  282.097942][ T8310] NILFS (loop5): recovery complete
[  282.164613][ T8331] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.994519][ T8346] loop0: detected capacity change from 0 to 1024
[  289.779054][ T8406] loop5: detected capacity change from 0 to 2048
[  289.901024][ T8403] block device autoloading is deprecated and will be removed.
[  290.873322][ T8406] hpfs: filesystem error: improperly stopped; already mounted read-only
[  291.013280][ T8406] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  291.039640][ T8406] hpfs: filesystem error: sector(s) 'dir_band_bitmap' badly placed at 00000000
[  293.239763][ T8429] loop3: detected capacity change from 0 to 2048
[  293.270250][ T8429] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  293.358116][ T8436] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  293.579392][ T8441] loop4: detected capacity change from 0 to 512
[  293.588328][ T8421] loop0: detected capacity change from 0 to 32768
[  293.609401][ T8421] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1482 (8421)
[  293.652334][ T8444] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1490'.
[  293.665455][ T8421] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  294.536114][ T8421] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  294.550883][ T8421] BTRFS info (device loop0): force clearing of disk cache
[  294.558359][ T8421] BTRFS info (device loop0): force zlib compression, level 3
[  294.571819][ T8421] BTRFS info (device loop0): enabling auto defrag
[  294.578615][ T8421] BTRFS info (device loop0): max_inline at 0
[  294.591732][ T8421] BTRFS info (device loop0): enabling disk space caching
[  294.599112][ T8421] BTRFS info (device loop0): disk space caching is enabled
[  295.008205][ T8468] x_tables: ip_tables: tcp match: only valid for protocol 6
[  295.704078][ T8474] capability: warning: `syz.5.1495' uses deprecated v2 capabilities in a way that may be insecure
[  295.847863][ T8476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  296.591817][ T8481] loop4: detected capacity change from 0 to 1024
[  296.610863][ T8481] EXT4-fs: Ignoring removed oldalloc option
[  296.617215][ T8481] EXT4-fs: Ignoring removed orlov option
[  296.674041][ T8481] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  296.828516][ T8421] BTRFS error (device loop0): open_ctree failed: -12
[  296.845836][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  298.747536][ T8518] netlink: 'syz.2.1508': attribute type 10 has an invalid length.
[  298.896121][ T8518] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1508'.
[  300.484185][ T8560] netlink: 'syz.4.1524': attribute type 10 has an invalid length.
[  300.498497][ T8562] futex_wake_op: syz.3.1525 tries to shift op by -1; fix this program
[  300.501044][ T8560] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1524'.
[  300.556230][ T8562] loop3: detected capacity change from 0 to 512
[  300.631634][ T8562] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  300.642827][ T8562] ext4 filesystem being mounted at /304/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.659129][   T27] kauditd_printk_skb: 90 callbacks suppressed
[  300.659145][   T27] audit: type=1800 audit(1743305242.365:1017): pid=8562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1525" name="file1" dev="loop3" ino=15 res=0 errno=0
[  300.696443][   T27] audit: type=1800 audit(1743305242.395:1018): pid=8562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1525" name="file2" dev="loop3" ino=16 res=0 errno=0
[  300.953797][ T8562] hub 2-0:1.0: USB hub found
[  301.127377][ T8562] hub 2-0:1.0: 1 port detected
[  301.339864][ T8569] netlink: 'syz.3.1525': attribute type 15 has an invalid length.
[  301.534447][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  301.675316][ T8558] loop0: detected capacity change from 0 to 32768
[  301.691492][ T8558] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1523 (8558)
[  301.927146][ T8558] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  301.945755][ T8558] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  301.963960][ T8558] BTRFS info (device loop0): force clearing of disk cache
[  301.971707][ T8558] BTRFS info (device loop0): force zlib compression, level 3
[  302.064264][ T8586] loop5: detected capacity change from 0 to 47
[  302.163366][ T8558] BTRFS info (device loop0): enabling auto defrag
[  302.257549][ T8586] loop5: detected capacity change from 0 to 1024
[  302.291040][ T8558] BTRFS info (device loop0): max_inline at 0
[  302.394986][ T8558] BTRFS info (device loop0): enabling disk space caching
[  302.492387][ T8558] BTRFS info (device loop0): disk space caching is enabled
[  302.805745][ T8597] netlink: 'syz.5.1536': attribute type 10 has an invalid length.
[  302.814048][ T8597] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1536'.
[  303.065787][ T8610] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  303.847315][ T8619] loop5: detected capacity change from 0 to 128
[  303.856481][ T8619] FAT-fs (loop5): bogus number of reserved sectors
[  303.883663][ T8619] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  303.902265][ T8558] BTRFS error (device loop0): open_ctree failed: -12
[  303.920216][ T8619] FAT-fs (loop5): Can't find a valid FAT filesystem
[  304.639349][ T8619] loop5: detected capacity change from 0 to 32768
[  306.063808][ T8619] JBD2: Ignoring recovery information on journal
[  306.314166][ T8619] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  307.510884][ T8663] loop3: detected capacity change from 0 to 8
[  307.525691][   T48] Bluetooth: hci3: unexpected event for opcode 0x080b
[  307.568333][ T8663] SQUASHFS error: lzo decompression failed, data probably corrupt
[  307.588601][ T4903] ocfs2: Unmounting device (7,5) on (node local)
[  307.644038][ T8663] SQUASHFS error: Failed to read block 0x91: -5
[  307.654323][ T8663] SQUASHFS error: Unable to read metadata cache entry [8f]
[  307.671924][ T8663] SQUASHFS error: Unable to read inode 0x11f
[  308.128473][ T8676] loop3: detected capacity change from 0 to 256
[  310.414870][ T8681] loop5: detected capacity change from 0 to 32768
[  310.502262][ T8681] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  310.597317][ T8689] loop4: detected capacity change from 0 to 32768
[  310.633002][ T8689] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  310.682086][ T8689] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  310.754804][ T8685] loop3: detected capacity change from 0 to 32768
[  310.764378][ T8685] XFS: attr2 mount option is deprecated.
[  310.823835][ T4903] (syz-executor,4903,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  310.847049][ T8685] XFS (loop3): Mounting V5 Filesystem
[  310.871436][ T4903] ocfs2: Unmounting device (7,5) on (node local)
[  310.988634][ T8685] XFS (loop3): Ending clean mount
[  311.039253][ T8685] XFS (loop3): Quotacheck needed: Please wait.
[  311.134170][ T8685] XFS (loop3): Quotacheck: Done.
[  311.211094][ T4258] ocfs2: Unmounting device (7,4) on (node local)
[  311.320885][ T4263] XFS (loop3): Unmounting Filesystem
[  314.963184][ T8749] loop4: detected capacity change from 0 to 32768
[  314.972196][ T8749] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1580 (8749)
[  315.003431][ T8749] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  315.015385][ T8749] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  315.030673][ T8749] BTRFS info (device loop4): using free space tree
[  315.038520][ T8716] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.048144][ T8716] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.057409][ T8716] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.066672][ T8716] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.080727][ T8749] BTRFS info (device loop4): enabling ssd optimizations
[  315.150990][ T8749] syz.4.1580 (8749) used greatest stack depth: 18544 bytes left
[  315.254235][ T4258] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  315.301393][ T8731] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1575'.
[  315.533956][ T8768] device syzkaller1 entered promiscuous mode
[  316.601240][ T8800] loop4: detected capacity change from 0 to 2048
[  316.627169][ T8800] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  316.694352][ T8802] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  316.740650][ T8805] loop3: detected capacity change from 0 to 16
[  316.762189][ T8805] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  319.363612][ T8842] x_tables: ip_tables: tcp match: only valid for protocol 6
[  321.699548][ T8883] loop4: detected capacity change from 0 to 512
[  322.372065][ T8897] x_tables: ip_tables: tcp match: only valid for protocol 6
[  324.365132][ T8943] loop3: detected capacity change from 0 to 512
[  325.474156][ T8953] x_tables: ip_tables: tcp match: only valid for protocol 6
[  326.237553][   T48] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  326.247846][   T48] CPU: 0 PID: 48 Comm: kworker/u5:0 Not tainted 6.1.132-syzkaller #0
[  326.255963][   T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  326.266061][   T48] Workqueue: hci2 hci_rx_work
[  326.270807][   T48] Call Trace:
[  326.274113][   T48]  <TASK>
[  326.277107][   T48]  dump_stack_lvl+0x1e3/0x2cb
[  326.281825][   T48]  ? nf_tcp_handle_invalid+0x647/0x647
[  326.287326][   T48]  ? panic+0x764/0x764
[  326.291445][   T48]  sysfs_create_dir_ns+0x2c6/0x390
[  326.296596][   T48]  ? sysfs_warn_dup+0xa0/0xa0
[  326.301327][   T48]  kobject_add_internal+0x6df/0xd10
[  326.306570][   T48]  kobject_add+0x14e/0x210
[  326.311013][   T48]  ? device_add+0x3c2/0xfd0
[  326.315544][   T48]  ? kobject_init+0x1d0/0x1d0
[  326.320240][   T48]  ? __raw_spin_lock_init+0x41/0x100
[  326.325538][   T48]  ? get_device_parent+0x128/0x400
[  326.330671][   T48]  device_add+0x476/0xfd0
[  326.335026][   T48]  hci_conn_add_sysfs+0xe4/0x1f0
[  326.339981][   T48]  le_conn_complete_evt+0xcfe/0x1350
[  326.345296][   T48]  ? trace_contention_end+0x61/0x170
[  326.350603][   T48]  ? hci_le_big_info_adv_report_evt+0x390/0x390
[  326.356872][   T48]  ? __mutex_unlock_slowpath+0x218/0x750
[  326.362534][   T48]  ? mutex_unlock+0x10/0x10
[  326.367058][   T48]  ? skb_pull_data+0x10e/0x220
[  326.371837][   T48]  hci_le_conn_complete_evt+0x188/0x410
[  326.377415][   T48]  hci_event_packet+0xa40/0x1510
[  326.382366][   T48]  ? hci_remote_host_features_evt+0x270/0x270
[  326.388452][   T48]  ? bis_list+0x290/0x290
[  326.392794][   T48]  ? do_raw_spin_unlock+0x137/0x8a0
[  326.398007][   T48]  ? kcov_remote_start+0x4ae/0x7c0
[  326.403134][   T48]  ? lockdep_hardirqs_on+0x80/0x130
[  326.408350][   T48]  ? hci_send_to_monitor+0x99/0x4d0
[  326.413569][   T48]  hci_rx_work+0x3a6/0xd10
[  326.418010][   T48]  ? process_one_work+0x806/0x1260
[  326.423131][   T48]  process_one_work+0x917/0x1260
[  326.428094][   T48]  ? worker_detach_from_pool+0x260/0x260
[  326.433752][   T48]  ? _raw_spin_lock_irqsave+0x120/0x120
[  326.439306][   T48]  ? kthread_data+0x4e/0xc0
[  326.443834][   T48]  ? wq_worker_running+0x97/0x190
[  326.448878][   T48]  worker_thread+0xa47/0x1200
[  326.453573][   T48]  ? release_firmware_map_entry+0x18b/0x18b
[  326.459499][   T48]  kthread+0x28d/0x320
[  326.463572][   T48]  ? worker_clr_flags+0x190/0x190
[  326.468608][   T48]  ? kthread_blkcg+0xd0/0xd0
[  326.473209][   T48]  ret_from_fork+0x1f/0x30
[  326.477655][   T48]  </TASK>
[  326.481247][   T48] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  326.495367][   T48] Bluetooth: hci2: failed to register connection device
[  326.830523][ T8970] bond0 speed is unknown, defaulting to 1000
[  326.837597][ T8970] lo speed is unknown, defaulting to 1000
[  328.351126][ T8975] loop0: detected capacity change from 0 to 256
[  328.409191][ T8975] exfat: Unknown parameter 'zero_size_dir'
[  328.502072][ T8975] overlayfs: overlapping lowerdir path
[  328.523233][   T48] Bluetooth: hci2: command 0x2016 tx timeout
[  331.541501][ T8998] loop4: detected capacity change from 0 to 512
[  331.572777][ T9001] loop5: detected capacity change from 0 to 8
[  331.753457][ T9001] SQUASHFS error: lzo decompression failed, data probably corrupt
[  331.768729][ T9001] SQUASHFS error: Failed to read block 0x91: -5
[  331.806059][ T9001] SQUASHFS error: Unable to read metadata cache entry [8f]
[  331.867240][ T9005] futex_wake_op: syz.3.1661 tries to shift op by -1; fix this program
[  331.873742][ T9001] SQUASHFS error: Unable to read inode 0x11f
[  331.890472][ T9005] loop3: detected capacity change from 0 to 512
[  331.957070][ T9006] x_tables: ip_tables: tcp match: only valid for protocol 6
[  332.430176][ T9005] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  332.457180][ T9005] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.519688][   T27] audit: type=1800 audit(1743305274.225:1019): pid=9005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1661" name="file1" dev="loop3" ino=15 res=0 errno=0
[  332.574539][ T9005] hub 2-0:1.0: USB hub found
[  332.603355][ T9005] hub 2-0:1.0: 1 port detected
[  332.623140][   T27] audit: type=1800 audit(1743305274.265:1020): pid=9005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1661" name="file2" dev="loop3" ino=16 res=0 errno=0
[  332.883264][ T9014] netlink: 'syz.3.1661': attribute type 15 has an invalid length.
[  333.779162][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  336.494402][ T9055] futex_wake_op: syz.4.1676 tries to shift op by -1; fix this program
[  336.550948][ T9055] loop4: detected capacity change from 0 to 512
[  336.678693][ T9055] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  336.709746][ T9055] ext4 filesystem being mounted at /335/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.781286][   T27] audit: type=1800 audit(1743305278.485:1021): pid=9055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1676" name="file1" dev="loop4" ino=15 res=0 errno=0
[  336.816269][ T9055] hub 2-0:1.0: USB hub found
[  336.833673][ T9055] hub 2-0:1.0: 1 port detected
[  336.842528][   T27] audit: type=1800 audit(1743305278.515:1022): pid=9055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1676" name="file2" dev="loop4" ino=16 res=0 errno=0
[  336.871623][ T9068] netlink: 'syz.4.1676': attribute type 15 has an invalid length.
[  336.960653][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  337.050496][ T9045] loop3: detected capacity change from 0 to 40427
[  337.096086][ T9045] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x3ffff
[  337.142063][ T9045] F2FS-fs (loop3): invalid crc value
[  337.181306][ T9045] F2FS-fs (loop3): Found nat_bits in checkpoint
[  337.319407][ T9045] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  341.797765][ T9125] loop4: detected capacity change from 0 to 47
[  342.355186][ T9121] loop4: detected capacity change from 0 to 1024
[  344.742341][ T9163] loop4: detected capacity change from 0 to 8
[  345.351545][ T9163] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  347.812678][ T9194] loop3: detected capacity change from 0 to 47
[  348.184464][ T9191] loop3: detected capacity change from 0 to 1024
[  348.200192][ T4268] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  348.210742][ T4268] CPU: 1 PID: 4268 Comm: kworker/u5:8 Not tainted 6.1.132-syzkaller #0
[  348.219027][ T4268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  348.229120][ T4268] Workqueue: hci3 hci_rx_work
[  348.233853][ T4268] Call Trace:
[  348.237155][ T4268]  <TASK>
[  348.240102][ T4268]  dump_stack_lvl+0x1e3/0x2cb
[  348.244825][ T4268]  ? nf_tcp_handle_invalid+0x647/0x647
[  348.250324][ T4268]  ? panic+0x764/0x764
[  348.254450][ T4268]  sysfs_create_dir_ns+0x2c6/0x390
[  348.259597][ T4268]  ? sysfs_warn_dup+0xa0/0xa0
[  348.264318][ T4268]  kobject_add_internal+0x6df/0xd10
[  348.269542][ T4268]  kobject_add+0x14e/0x210
[  348.273977][ T4268]  ? device_add+0x3c2/0xfd0
[  348.278492][ T4268]  ? kobject_init+0x1d0/0x1d0
[  348.283184][ T4268]  ? __raw_spin_lock_init+0x41/0x100
[  348.288478][ T4268]  ? get_device_parent+0x128/0x400
[  348.293661][ T4268]  device_add+0x476/0xfd0
[  348.298014][ T4268]  hci_conn_add_sysfs+0xe4/0x1f0
[  348.302962][ T4268]  le_conn_complete_evt+0xcfe/0x1350
[  348.308278][ T4268]  ? hci_le_big_info_adv_report_evt+0x390/0x390
[  348.314544][ T4268]  ? __mutex_unlock_slowpath+0x218/0x750
[  348.320201][ T4268]  ? mutex_unlock+0x10/0x10
[  348.324720][ T4268]  ? skb_pull_data+0x10e/0x220
[  348.329497][ T4268]  hci_le_enh_conn_complete_evt+0x181/0x410
[  348.335420][ T4268]  hci_event_packet+0xa40/0x1510
[  348.340371][ T4268]  ? hci_remote_host_features_evt+0x270/0x270
[  348.346456][ T4268]  ? bis_list+0x290/0x290
[  348.350796][ T4268]  ? do_raw_spin_unlock+0x137/0x8a0
[  348.356010][ T4268]  ? kcov_remote_start+0x4ae/0x7c0
[  348.361139][ T4268]  ? lockdep_hardirqs_on+0x80/0x130
[  348.366352][ T4268]  ? hci_send_to_monitor+0x99/0x4d0
[  348.371572][ T4268]  hci_rx_work+0x3a6/0xd10
[  348.376015][ T4268]  ? process_one_work+0x806/0x1260
[  348.381142][ T4268]  process_one_work+0x917/0x1260
[  348.386106][ T4268]  ? worker_detach_from_pool+0x260/0x260
[  348.391757][ T4268]  ? _raw_spin_lock_irqsave+0x120/0x120
[  348.397313][ T4268]  ? kthread_data+0x4e/0xc0
[  348.401841][ T4268]  ? wq_worker_running+0x97/0x190
[  348.406880][ T4268]  worker_thread+0xa47/0x1200
[  348.411646][ T4268]  ? _raw_spin_unlock+0x40/0x40
[  348.416513][ T4268]  ? release_firmware_map_entry+0x18b/0x18b
[  348.422427][ T4268]  ? _raw_spin_unlock+0x40/0x40
[  348.427300][ T4268]  kthread+0x28d/0x320
[  348.431379][ T4268]  ? worker_clr_flags+0x190/0x190
[  348.436417][ T4268]  ? kthread_blkcg+0xd0/0xd0
[  348.441048][ T4268]  ret_from_fork+0x1f/0x30
[  348.445498][ T4268]  </TASK>
[  348.758467][ T4268] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  348.771808][ T4268] Bluetooth: hci3: failed to register connection device
[  349.034312][   T48] Bluetooth: hci0: unexpected event for opcode 0x080b
[  349.319409][ T9219] loop0: detected capacity change from 0 to 256
[  349.326721][ T9219] exfat: Unknown parameter '01777777777777777777777'
[  351.046405][ T9227] loop5: detected capacity change from 0 to 1024
[  351.104862][ T9229] loop0: detected capacity change from 0 to 1024
[  351.139955][ T9227] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  351.204923][ T9227] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1731'.
[  351.334343][ T9227] siw: device registration error -23
[  351.460038][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  352.468367][   T48] Bluetooth: hci3: unexpected event for opcode 0x080b
[  354.025787][ T9280] loop5: detected capacity change from 0 to 1024
[  354.105400][ T9280] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  354.143901][ T9280] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1747'.
[  354.163995][ T9280] siw: device registration error -23
[  354.203396][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  354.423440][ T9291] openvswitch: netlink: Message has 4 unknown bytes.
[  354.644126][ T9295] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  354.669966][ T9295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  356.644424][ T9318] loop5: detected capacity change from 0 to 8
[  356.677334][ T9318] SQUASHFS error: lzo decompression failed, data probably corrupt
[  356.685636][ T9318] SQUASHFS error: Failed to read block 0x91: -5
[  356.691960][ T9318] SQUASHFS error: Unable to read metadata cache entry [8f]
[  356.699326][ T9318] SQUASHFS error: Unable to read inode 0x11f
[  358.746838][ T9343] netlink: 'syz.0.1773': attribute type 1 has an invalid length.
[  358.806346][ T9343] 8021q: adding VLAN 0 to HW filter on device bond1
[  358.855671][ T9347] device ip6erspan0 entered promiscuous mode
[  358.977160][ T9347] bond1: (slave ip6erspan0): making interface the new active one
[  359.021000][ T9347] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  359.036498][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  359.230556][ T9337] loop4: detected capacity change from 0 to 32768
[  360.138755][ T9357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1775'.
[  360.174497][ T9337] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  360.705371][ T9337] syz.4.1769 (9337) used greatest stack depth: 16256 bytes left
[  360.787365][ T4258] ocfs2: Unmounting device (7,4) on (node local)
[  360.933634][ T9376] loop3: detected capacity change from 0 to 1024
[  361.155091][ T9376] hfsplus: request for non-existent node 16777216 in B*Tree
[  361.162890][ T9376] hfsplus: request for non-existent node 16777216 in B*Tree
[  361.174376][ T9376] hfsplus: request for non-existent node 16777216 in B*Tree
[  361.181738][ T9376] hfsplus: request for non-existent node 16777216 in B*Tree
[  361.750335][   T33] hfsplus: request for non-existent node 16777216 in B*Tree
[  361.763414][   T33] hfsplus: request for non-existent node 16777216 in B*Tree
[  361.834256][ T9380] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1783'.
[  362.206002][ T9391] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  362.319239][ T9392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  362.397055][ T5134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.943162][ T5134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.951638][ T5134] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  366.436668][ T9407] loop4: detected capacity change from 0 to 32768
[  366.535637][ T9426] loop5: detected capacity change from 0 to 47
[  367.093898][ T9429] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  367.118697][ T9429] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  369.629025][ T9456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  371.446003][ T9476] loop4: detected capacity change from 0 to 1024
[  372.314476][ T5714] hfsplus: b-tree write err: -5, ino 4
[  374.058183][ T9497] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  375.750923][ T9509] loop4: detected capacity change from 0 to 4096
[  375.781984][ T9509] NILFS (loop4): invalid segment: Checksum error in segment payload
[  375.806393][ T9509] NILFS (loop4): trying rollback from an earlier position
[  375.871270][ T9509] NILFS (loop4): recovery complete
[  375.938505][ T9517] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  377.345426][ T9537] loop0: detected capacity change from 0 to 16
[  377.568776][ T9537] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  378.470315][ T9553] netlink: 'syz.0.1838': attribute type 1 has an invalid length.
[  378.495870][ T9553] 8021q: adding VLAN 0 to HW filter on device bond2
[  378.584943][ T9555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  379.314413][ T9553] bond2: (slave ip6gretap1): making interface the new active one
[  379.349279][ T9553] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  379.355658][ T9528] loop5: detected capacity change from 0 to 40427
[  379.376958][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  379.396470][   T48] Bluetooth: hci3: unexpected event for opcode 0x080f
[  379.415876][ T9557] loop3: detected capacity change from 0 to 1024
[  379.426668][ T9528] F2FS-fs (loop5): Unrecognized mount option "errors=coninue" or missing value
[  379.629023][ T4303] hfsplus: b-tree write err: -5, ino 4
[  380.027679][ T9574] loop4: detected capacity change from 0 to 16
[  380.040262][ T9574] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  381.072527][   T48] Bluetooth: hci1: unexpected event for opcode 0x080f
[  381.726053][ T9597] loop5: detected capacity change from 0 to 1024
[  382.023589][ T4303] hfsplus: b-tree write err: -5, ino 4
[  382.108064][ T9604] loop3: detected capacity change from 0 to 16
[  382.153971][ T9604] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  383.378201][ T9627] netlink: 'syz.3.1868': attribute type 1 has an invalid length.
[  383.403274][   T48] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  383.412221][   T48] Bluetooth: hci3: Injecting HCI hardware error event
[  383.421708][ T4268] Bluetooth: hci3: hardware error 0x00
[  383.516197][ T9627] 8021q: adding VLAN 0 to HW filter on device bond1
[  383.545334][ T9630] device ip6erspan0 entered promiscuous mode
[  383.813945][ T9650] loop0: detected capacity change from 0 to 16
[  383.831074][ T9650] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  385.704258][   T48] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  385.713376][   T48] Bluetooth: hci1: Injecting HCI hardware error event
[  385.722678][   T48] Bluetooth: hci1: hardware error 0x00
[  385.731103][ T4268] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  387.431285][ T9704] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1899'.
[  387.963640][   T48] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  388.662113][ T9716] netlink: 'syz.2.1902': attribute type 10 has an invalid length.
[  388.718232][ T9716] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1902'.
[  389.250852][ T9737] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  389.289133][ T9737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  389.417095][   T48] Bluetooth: hci2: unexpected event for opcode 0x080f
[  389.980004][ T9739] loop0: detected capacity change from 0 to 1024
[  390.111982][ T9739] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  390.129748][ T9739] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1910'.
[  390.382669][ T9755] loop3: detected capacity change from 0 to 1024
[  391.194528][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  391.227222][ T9760] netlink: 'syz.5.1917': attribute type 10 has an invalid length.
[  391.255021][ T4314] hfsplus: b-tree write err: -5, ino 4
[  391.263428][ T9760] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1917'.
[  392.263935][ T9789] loop4: detected capacity change from 0 to 47
[  393.480766][ T9790] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  393.501407][ T9790] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  393.515395][   T48] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  393.534520][   T48] Bluetooth: hci2: Injecting HCI hardware error event
[  393.550218][ T9674] Bluetooth: hci2: hardware error 0x00
[  393.754771][ T9788] loop4: detected capacity change from 0 to 1024
[  394.181509][ T9787] loop0: detected capacity change from 0 to 2048
[  394.568060][ T9787] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  394.583438][ T9787] ext4 filesystem being mounted at /387/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.598631][ T9802] netlink: 'syz.4.1933': attribute type 10 has an invalid length.
[  396.567041][ T9802] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1933'.
[  396.716775][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  396.850258][ T9674] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  397.077260][ T9822] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1941'.
[  397.552791][ T4887] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  397.618421][ T9835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  398.254563][ T4887] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.315241][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  398.470206][ T9841] loop4: detected capacity change from 0 to 8
[  398.487787][ T9841] SQUASHFS error: lzo decompression failed, data probably corrupt
[  398.501715][ T9841] SQUASHFS error: Failed to read block 0x91: -5
[  398.620497][ T9843] loop0: detected capacity change from 0 to 1024
[  399.311689][ T9841] SQUASHFS error: Unable to read metadata cache entry [8f]
[  399.340523][ T9841] SQUASHFS error: Unable to read inode 0x11f
[  399.579155][ T4524] hfsplus: b-tree write err: -5, ino 4
[  399.742684][ T9853] loop4: detected capacity change from 0 to 256
[  400.099203][ T9855] netlink: 'syz.0.1952': attribute type 10 has an invalid length.
[  400.135502][ T9855] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1952'.
[  400.244692][ T9864] loop3: detected capacity change from 0 to 512
[  400.790107][ T9875] x_tables: ip_tables: tcp match: only valid for protocol 6
[  402.037763][ T9884] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  402.058211][ T9884] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  403.561178][ T9906] loop3: detected capacity change from 0 to 8
[  403.669537][ T9904] netlink: 'syz.4.1968': attribute type 10 has an invalid length.
[  403.814995][ T9901] loop5: detected capacity change from 0 to 1024
[  403.833783][ T9906] SQUASHFS error: lzo decompression failed, data probably corrupt
[  403.848036][ T9904] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1968'.
[  403.869231][ T9906] SQUASHFS error: Failed to read block 0x91: -5
[  403.917829][ T9906] SQUASHFS error: Unable to read metadata cache entry [8f]
[  403.963125][ T9906] SQUASHFS error: Unable to read inode 0x11f
[  404.099987][    T9] hfsplus: b-tree write err: -5, ino 4
[  404.212298][ T9912] loop4: detected capacity change from 0 to 512
[  404.369932][ T9917] loop3: detected capacity change from 0 to 256
[  405.095597][ T9926] x_tables: ip_tables: tcp match: only valid for protocol 6
[  406.204982][ T9947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  407.330215][ T9943] netlink: 'syz.4.1982': attribute type 10 has an invalid length.
[  407.431943][ T9943] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1982'.
[  408.775764][ T9972] loop3: detected capacity change from 0 to 512
[  409.158860][ T9981] x_tables: ip_tables: tcp match: only valid for protocol 6
[  410.158198][ T9986] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  410.196522][ T9986] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  412.838501][T10031] x_tables: ip_tables: tcp match: only valid for protocol 6
[  413.636038][T10034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  414.144613][T10020] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  414.494146][T10020] 8021q: adding VLAN 0 to HW filter on device bond0
[  414.506509][T10020] bond0: (slave rose0): Enslaving as an active interface with an up link
[  414.515762][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  416.175869][T10076] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  416.195768][T10076] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  416.264123][T10078] x_tables: ip_tables: tcp match: only valid for protocol 6
[  417.193691][T10084] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  417.231166][T10084] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  418.681201][T10107] bond0 speed is unknown, defaulting to 1000
[  418.712550][T10107] lo speed is unknown, defaulting to 1000
[  419.397684][T10132] loop4: detected capacity change from 0 to 512
[  419.729278][T10136] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  419.747252][T10136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  421.359404][T10160] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  421.397072][T10160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  422.168316][T10168] loop0: detected capacity change from 0 to 64
[  422.562443][T10180] loop3: detected capacity change from 0 to 2048
[  422.604196][T10180] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  423.498072][T10213] futex_wake_op: syz.3.2063 tries to shift op by -1; fix this program
[  423.514764][T10213] loop3: detected capacity change from 0 to 512
[  423.543315][T10213] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  423.552790][T10213] ext4 filesystem being mounted at /415/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  423.569030][   T27] audit: type=1800 audit(1743305365.275:1023): pid=10213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2063" name="file1" dev="loop3" ino=15 res=0 errno=0
[  423.595102][T10213] hub 2-0:1.0: USB hub found
[  423.600037][T10213] hub 2-0:1.0: 1 port detected
[  423.605457][   T27] audit: type=1800 audit(1743305365.295:1024): pid=10213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2063" name="file2" dev="loop3" ino=16 res=0 errno=0
[  423.629219][T10213] netlink: 'syz.3.2063': attribute type 15 has an invalid length.
[  423.833871][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  423.906605][T10222] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  423.927083][T10222] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  424.284897][T10236] loop3: detected capacity change from 0 to 47
[  424.612646][T10236] loop3: detected capacity change from 0 to 1024
[  425.368017][T10248] device ip6erspan0 entered promiscuous mode
[  425.511657][T10252] futex_wake_op: syz.2.2077 tries to shift op by -1; fix this program
[  425.532018][T10252] netlink: 'syz.2.2077': attribute type 15 has an invalid length.
[  426.596609][T10267] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2083'.
[  426.694255][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2083'.
[  427.243858][T10286] loop0: detected capacity change from 0 to 47
[  427.380754][T10286] loop0: detected capacity change from 0 to 1024
[  428.034490][   T27] audit: type=1326 audit(1743305369.745:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.098377][   T27] audit: type=1326 audit(1743305369.765:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.195670][   T27] audit: type=1326 audit(1743305369.765:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.283245][   T27] audit: type=1326 audit(1743305369.765:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.327227][   T27] audit: type=1326 audit(1743305369.765:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.350330][   T27] audit: type=1326 audit(1743305369.765:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.380471][   T27] audit: type=1326 audit(1743305369.765:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.426591][T10302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  428.509311][   T27] audit: type=1326 audit(1743305369.765:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.598887][   T27] audit: type=1326 audit(1743305369.835:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.622441][   T27] audit: type=1326 audit(1743305369.835:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10292 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  428.645989][   T27] audit: type=1326 audit(1743305369.835:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7e569bfa25 code=0x7ffc0000
[  428.668613][   T27] audit: type=1326 audit(1743305370.095:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.4.2095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f7e5698d169 code=0x7ffc0000
[  430.733720][T10310] loop5: detected capacity change from 0 to 32768
[  430.783142][T10310] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  431.229367][T10349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  431.246951][ T4903] ocfs2: Unmounting device (7,5) on (node local)
[  431.857542][T10359] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  431.887308][T10359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  432.869970][T10384] loop0: detected capacity change from 0 to 47
[  433.426705][T10384] loop0: detected capacity change from 0 to 1024
[  435.613715][T10405] 9pnet_fd: Insufficient options for proto=fd
[  435.952728][T10413] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  435.972731][T10413] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  436.142494][T10423] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  436.567513][T10442] loop5: detected capacity change from 0 to 47
[  436.741177][T10442] loop5: detected capacity change from 0 to 1024
[  437.560387][T10446] loop4: detected capacity change from 0 to 1024
[  437.665501][T10446] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  437.694580][T10446] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2138'.
[  437.762536][T10446] siw: device registration error -23
[  437.854373][T10470] 9pnet_fd: Insufficient options for proto=fd
[  437.902890][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  438.051970][T10479] loop4: detected capacity change from 0 to 8
[  438.106000][T10479] SQUASHFS error: lzo decompression failed, data probably corrupt
[  438.202928][T10479] SQUASHFS error: Failed to read block 0x91: -5
[  438.214312][T10479] SQUASHFS error: Unable to read metadata cache entry [8f]
[  438.225052][T10479] SQUASHFS error: Unable to read inode 0x11f
[  438.251854][T10482] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  438.522381][T10485] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  438.540339][T10485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  438.692597][T10487] loop4: detected capacity change from 0 to 1024
[  438.701531][T10487] EXT4-fs: Ignoring removed nobh option
[  438.707280][T10487] EXT4-fs: Ignoring removed bh option
[  439.453598][T10487] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  439.497400][T10487] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  439.798181][T10497] loop5: detected capacity change from 0 to 47
[  441.208789][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  441.237972][T10494] loop5: detected capacity change from 0 to 1024
[  441.265575][T10502] loop0: detected capacity change from 0 to 256
[  441.272619][T10502] exfat: Deprecated parameter 'namecase'
[  441.307061][T10502] exfat: Deprecated parameter 'namecase'
[  441.316463][T10502] exfat: Unknown parameter 'zero_size_dir'
[  441.360485][T10502] loop0: detected capacity change from 0 to 64
[  441.385178][T10506] loop3: detected capacity change from 0 to 1024
[  441.529618][T10506] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  441.581203][T10512] 9pnet_fd: Insufficient options for proto=fd
[  441.605316][T10506] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2158'.
[  441.681283][T10506] siw: device registration error -23
[  442.020722][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  444.726983][T10535] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  444.748532][T10535] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  446.374298][T10551] loop5: detected capacity change from 0 to 47
[  446.437717][T10551] loop5: detected capacity change from 0 to 1024
[  446.762651][T10568] loop3: detected capacity change from 0 to 2048
[  446.772100][T10568] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  446.831987][T10571] futex_wake_op: syz.5.2178 tries to shift op by -1; fix this program
[  446.840650][T10574] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  446.862895][T10571] loop5: detected capacity change from 0 to 512
[  446.936482][T10571] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  446.961388][T10571] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  447.051582][   T27] audit: type=1800 audit(1743305388.755:1037): pid=10571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2178" name="file1" dev="loop5" ino=15 res=0 errno=0
[  447.084770][T10571] hub 2-0:1.0: USB hub found
[  447.094109][T10571] hub 2-0:1.0: 1 port detected
[  447.113210][T10571] netlink: 'syz.5.2178': attribute type 15 has an invalid length.
[  447.129796][   T27] audit: type=1800 audit(1743305388.785:1038): pid=10571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2178" name="file2" dev="loop5" ino=16 res=0 errno=0
[  447.216044][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  447.550383][T10602] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2187'.
[  449.182624][T10618] loop3: detected capacity change from 0 to 2048
[  449.881977][T10619] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  450.252427][T10624] futex_wake_op: syz.4.2195 tries to shift op by -1; fix this program
[  450.298841][T10624] loop4: detected capacity change from 0 to 512
[  450.409851][T10624] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  450.544947][T10624] ext4 filesystem being mounted at /428/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  451.323922][   T27] audit: type=1800 audit(1743305393.035:1039): pid=10624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2195" name="file1" dev="loop4" ino=15 res=0 errno=0
[  451.337329][T10624] hub 2-0:1.0: USB hub found
[  451.344839][   T27] audit: type=1800 audit(1743305393.045:1040): pid=10624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2195" name="file2" dev="loop4" ino=16 res=0 errno=0
[  451.802096][T10624] hub 2-0:1.0: 1 port detected
[  451.829607][T10642] netlink: 'syz.4.2195': attribute type 15 has an invalid length.
[  451.891928][T10644] 9pnet_fd: Insufficient options for proto=fd
[  452.252296][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  452.355857][T10653] loop0: detected capacity change from 0 to 8
[  452.450769][T10653] SQUASHFS error: lzo decompression failed, data probably corrupt
[  452.514421][T10653] SQUASHFS error: Failed to read block 0x91: -5
[  452.551346][T10653] SQUASHFS error: Unable to read metadata cache entry [8f]
[  452.614301][T10653] SQUASHFS error: Unable to read inode 0x11f
[  454.637269][T10676] loop0: detected capacity change from 0 to 256
[  455.733983][T10685] 9pnet_fd: Insufficient options for proto=fd
[  456.098660][T10687] futex_wake_op: syz.0.2212 tries to shift op by -1; fix this program
[  456.608849][T10687] loop0: detected capacity change from 0 to 512
[  456.668310][T10691] loop5: detected capacity change from 0 to 1024
[  456.759479][T10687] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  456.780339][T10691] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  456.790973][T10687] ext4 filesystem being mounted at /440/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  456.834925][T10691] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2213'.
[  456.861412][   T27] audit: type=1800 audit(1743305398.565:1041): pid=10687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2212" name="file1" dev="loop0" ino=15 res=0 errno=0
[  456.894063][T10687] hub 2-0:1.0: USB hub found
[  456.905678][T10687] hub 2-0:1.0: 1 port detected
[  456.917254][   T27] audit: type=1800 audit(1743305398.595:1042): pid=10687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2212" name="file2" dev="loop0" ino=16 res=0 errno=0
[  456.938953][T10691] siw: device registration error -23
[  456.942053][T10687] netlink: 'syz.0.2212': attribute type 15 has an invalid length.
[  457.053205][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  457.061393][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  457.834290][T10718] loop5: detected capacity change from 0 to 1024
[  459.787329][T10739] netlink: 'syz.0.2226': attribute type 2 has an invalid length.
[  459.891379][T10742] 9pnet_fd: Insufficient options for proto=fd
[  460.042242][T10745] loop4: detected capacity change from 0 to 256
[  460.063209][T10745] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  460.094526][T10746] futex_wake_op: syz.5.2229 tries to shift op by -1; fix this program
[  460.113821][T10748] loop0: detected capacity change from 0 to 1024
[  460.126056][T10746] loop5: detected capacity change from 0 to 512
[  460.170769][T10748] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  460.180101][T10746] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  460.197825][T10746] ext4 filesystem being mounted at /382/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  460.220699][T10748] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2230'.
[  460.245220][   T27] audit: type=1800 audit(1743305401.955:1043): pid=10746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2229" name="file1" dev="loop5" ino=15 res=0 errno=0
[  460.312840][T10755] hub 2-0:1.0: USB hub found
[  460.347705][T10755] hub 2-0:1.0: 1 port detected
[  460.379455][   T27] audit: type=1800 audit(1743305401.995:1044): pid=10755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2229" name="file2" dev="loop5" ino=16 res=0 errno=0
[  460.396081][T10746] netlink: 'syz.5.2229': attribute type 15 has an invalid length.
[  460.459961][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  460.745368][T10763] loop4: detected capacity change from 0 to 1024
[  461.159935][T10765] loop0: detected capacity change from 0 to 8
[  461.255851][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  461.271369][T10765] SQUASHFS error: lzo decompression failed, data probably corrupt
[  461.311604][T10765] SQUASHFS error: Failed to read block 0x91: -5
[  461.340991][T10765] SQUASHFS error: Unable to read metadata cache entry [8f]
[  461.349503][T10765] SQUASHFS error: Unable to read inode 0x11f
[  461.774801][T10778] loop0: detected capacity change from 0 to 256
[  462.462690][T10788] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  462.482935][T10788] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  464.056606][T10805] futex_wake_op: syz.3.2246 tries to shift op by -1; fix this program
[  464.080606][T10805] loop3: detected capacity change from 0 to 512
[  464.241138][T10805] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  464.287647][T10805] ext4 filesystem being mounted at /445/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  464.863918][   T27] audit: type=1800 audit(1743305406.465:1045): pid=10805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2246" name="file1" dev="loop3" ino=15 res=0 errno=0
[  464.919408][T10805] hub 2-0:1.0: USB hub found
[  464.969368][T10818] netlink: 'syz.3.2246': attribute type 15 has an invalid length.
[  464.987950][   T27] audit: type=1800 audit(1743305406.525:1046): pid=10805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2246" name="file2" dev="loop3" ino=16 res=0 errno=0
[  465.040716][T10805] hub 2-0:1.0: 1 port detected
[  465.166476][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  465.264862][T10825] loop5: detected capacity change from 0 to 8
[  465.307640][T10825] SQUASHFS error: lzo decompression failed, data probably corrupt
[  465.316491][T10825] SQUASHFS error: Failed to read block 0x91: -5
[  465.322964][T10825] SQUASHFS error: Unable to read metadata cache entry [8f]
[  465.335538][T10825] SQUASHFS error: Unable to read inode 0x11f
[  465.722582][T10835] loop5: detected capacity change from 0 to 256
[  466.425221][T10842] netlink: 'syz.3.2258': attribute type 7 has an invalid length.
[  466.433077][T10842] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2258'.
[  466.602582][T10848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  467.012094][T10853] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  467.031424][T10853] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  467.229513][T10861] futex_wake_op: syz.3.2262 tries to shift op by -1; fix this program
[  467.281960][T10861] loop3: detected capacity change from 0 to 512
[  467.372952][T10861] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  467.482041][T10861] ext4 filesystem being mounted at /449/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  467.530976][   T27] audit: type=1800 audit(1743305409.235:1047): pid=10861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2262" name="file1" dev="loop3" ino=15 res=0 errno=0
[  467.571980][   T27] audit: type=1800 audit(1743305409.275:1048): pid=10861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2262" name="file2" dev="loop3" ino=16 res=0 errno=0
[  467.603701][T10861] hub 2-0:1.0: USB hub found
[  467.609050][T10861] hub 2-0:1.0: 1 port detected
[  467.665035][T10871] netlink: 'syz.3.2262': attribute type 15 has an invalid length.
[  467.904252][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  468.817501][T10890] netlink: 'syz.0.2272': attribute type 7 has an invalid length.
[  468.836956][T10890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2272'.
[  469.684396][T10897] netlink: 'syz.3.2274': attribute type 1 has an invalid length.
[  469.733347][ T4301] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  469.799442][T10897] 8021q: adding VLAN 0 to HW filter on device bond2
[  469.933273][ T4301] usb 6-1: Using ep0 maxpacket: 16
[  469.954067][ T4301] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  469.997118][ T4301] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  470.035822][ T4301] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  470.063072][ T4301] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.091606][ T4301] usb 6-1: Product: syz
[  470.101736][ T4301] usb 6-1: Manufacturer: syz
[  470.111866][ T4301] usb 6-1: SerialNumber: syz
[  470.322912][T10910] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  470.677411][T10917] 9pnet_fd: Insufficient options for proto=fd
[  470.828074][T10921] loop3: detected capacity change from 0 to 512
[  471.592806][T10921] x_tables: ip_tables: tcp match: only valid for protocol 6
[  471.939698][ T4301] usb 6-1: 0:2 : does not exist
[  471.965927][ T4301] usb 6-1: USB disconnect, device number 2
[  471.992540][T10930] netlink: 'syz.4.2286': attribute type 7 has an invalid length.
[  472.013132][T10930] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2286'.
[  472.318339][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2291'.
[  472.333969][T10944] loop4: detected capacity change from 0 to 8
[  472.551923][T10944] SQUASHFS error: lzo decompression failed, data probably corrupt
[  472.580219][T10944] SQUASHFS error: Failed to read block 0x91: -5
[  472.609461][T10944] SQUASHFS error: Unable to read metadata cache entry [8f]
[  472.657806][T10944] SQUASHFS error: Unable to read inode 0x11f
[  472.890266][T10958] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  472.910814][T10958] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  473.930546][T10962] loop4: detected capacity change from 0 to 256
[  477.103180][ T4301] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  477.303125][ T4301] usb 6-1: Using ep0 maxpacket: 16
[  477.311973][ T4301] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  477.354467][ T4301] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  477.375762][ T4301] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  477.403741][ T4301] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.411793][ T4301] usb 6-1: Product: syz
[  477.440288][T10996] netlink: 'syz.4.2309': attribute type 1 has an invalid length.
[  477.448127][ T4301] usb 6-1: Manufacturer: syz
[  477.452929][ T4301] usb 6-1: SerialNumber: syz
[  477.528234][T10996] 8021q: adding VLAN 0 to HW filter on device bond1
[  477.578699][T11000] device ip6erspan0 entered promiscuous mode
[  477.795232][T11003] loop0: detected capacity change from 0 to 8
[  477.820394][T11003] SQUASHFS error: lzo decompression failed, data probably corrupt
[  477.829006][T11003] SQUASHFS error: Failed to read block 0x91: -5
[  477.836038][T11003] SQUASHFS error: Unable to read metadata cache entry [8f]
[  477.843892][T11003] SQUASHFS error: Unable to read inode 0x11f
[  478.043440][T11007] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  478.402006][T11011] loop0: detected capacity change from 0 to 256
[  479.406528][ T4301] usb 6-1: 0:2 : does not exist
[  479.520389][ T4301] usb 6-1: USB disconnect, device number 3
[  479.662887][T11019] 9pnet_fd: Insufficient options for proto=fd
[  482.273088][T11064] netlink: 'syz.2.2331': attribute type 10 has an invalid length.
[  482.281055][T11064] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2331'.
[  483.214879][T11080] loop4: detected capacity change from 0 to 512
[  486.188848][T11095] futex_wake_op: syz.3.2338 tries to shift op by -1; fix this program
[  486.310918][T11095] loop3: detected capacity change from 0 to 512
[  486.381601][T11095] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  486.421551][T11095] ext4 filesystem being mounted at /464/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  486.504123][   T27] audit: type=1800 audit(1743305428.215:1049): pid=11095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2338" name="file1" dev="loop3" ino=15 res=0 errno=0
[  486.547100][T11095] hub 2-0:1.0: USB hub found
[  486.553630][T11095] hub 2-0:1.0: 1 port detected
[  486.560369][T11095] netlink: 'syz.3.2338': attribute type 15 has an invalid length.
[  486.597583][   T27] audit: type=1800 audit(1743305428.255:1050): pid=11095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2338" name="file2" dev="loop3" ino=16 res=0 errno=0
[  486.631340][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  487.006160][T11113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.065526][T11115] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  487.092895][T11110] x_tables: ip_tables: tcp match: only valid for protocol 6
[  487.224060][T11119] loop3: detected capacity change from 0 to 47
[  487.356703][T11119] loop3: detected capacity change from 0 to 1024
[  487.406079][T11118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.940698][T11105] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.151062][T11124] loop3: detected capacity change from 0 to 8
[  488.176454][T11124] SQUASHFS error: lzo decompression failed, data probably corrupt
[  488.193290][T11124] SQUASHFS error: Failed to read block 0x91: -5
[  488.214163][T11124] SQUASHFS error: Unable to read metadata cache entry [8f]
[  488.237395][T11124] SQUASHFS error: Unable to read inode 0x11f
[  488.550769][T11130] loop3: detected capacity change from 0 to 256
[  489.186774][T11137] netlink: 'syz.3.2350': attribute type 1 has an invalid length.
[  489.310311][T11137] 8021q: adding VLAN 0 to HW filter on device bond3
[  490.928204][T11152] futex_wake_op: syz.5.2354 tries to shift op by -1; fix this program
[  490.999012][T11152] loop5: detected capacity change from 0 to 512
[  491.061261][T11152] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  491.104581][T11152] ext4 filesystem being mounted at /403/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  491.197777][T11152] hub 2-0:1.0: USB hub found
[  491.223271][   T27] audit: type=1800 audit(1743305432.895:1051): pid=11152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2354" name="file1" dev="loop5" ino=15 res=0 errno=0
[  491.263078][T11152] hub 2-0:1.0: 1 port detected
[  491.290946][T11163] netlink: 'syz.5.2354': attribute type 15 has an invalid length.
[  491.316020][   T27] audit: type=1800 audit(1743305432.895:1052): pid=11152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2354" name="file2" dev="loop5" ino=16 res=0 errno=0
[  491.473580][T11167] loop0: detected capacity change from 0 to 47
[  491.621772][T11167] loop0: detected capacity change from 0 to 1024
[  492.235474][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  492.591862][T11176] loop0: detected capacity change from 0 to 8
[  492.662247][T11176] SQUASHFS error: lzo decompression failed, data probably corrupt
[  492.721569][T11176] SQUASHFS error: Failed to read block 0x91: -5
[  492.770192][T11176] SQUASHFS error: Unable to read metadata cache entry [8f]
[  492.820333][T11176] SQUASHFS error: Unable to read inode 0x11f
[  492.975123][T11182] loop3: detected capacity change from 0 to 512
[  493.215359][T11185] loop0: detected capacity change from 0 to 256
[  493.218022][T11184] loop5: detected capacity change from 0 to 1024
[  494.164320][T11184] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  494.234002][T11184] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2364'.
[  494.292223][T11197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2367'.
[  494.316233][T11184] siw: device registration error -23
[  494.424650][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  494.641558][T11206] futex_wake_op: syz.5.2369 tries to shift op by -1; fix this program
[  494.702457][T11203] loop5: detected capacity change from 0 to 512
[  494.782497][T11203] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  494.800348][T11212] x_tables: ip_tables: tcp match: only valid for protocol 6
[  494.954430][T11203] ext4 filesystem being mounted at /407/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  495.232829][   T27] audit: type=1800 audit(1743305436.935:1053): pid=11206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2369" name="file2" dev="loop5" ino=16 res=0 errno=0
[  495.235711][T11206] hub 2-0:1.0: USB hub found
[  495.309126][   T27] audit: type=1800 audit(1743305437.015:1054): pid=11203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2369" name="file1" dev="loop5" ino=15 res=0 errno=0
[  495.313907][T11203] netlink: 'syz.5.2369': attribute type 15 has an invalid length.
[  495.330544][T11206] hub 2-0:1.0: 1 port detected
[  495.457582][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  495.668540][T11226] loop3: detected capacity change from 0 to 8
[  495.713341][T11226] SQUASHFS error: lzo decompression failed, data probably corrupt
[  495.739342][T11226] SQUASHFS error: Failed to read block 0x91: -5
[  495.759450][T11226] SQUASHFS error: Unable to read metadata cache entry [8f]
[  495.781223][T11226] SQUASHFS error: Unable to read inode 0x11f
[  496.096964][T11230] loop3: detected capacity change from 0 to 256
[  499.087167][T11248] loop5: detected capacity change from 0 to 1024
[  499.237243][T11253] netlink: 'syz.3.2381': attribute type 1 has an invalid length.
[  499.307281][T11248] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  499.320919][T11253] 8021q: adding VLAN 0 to HW filter on device bond4
[  499.373872][T11248] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2379'.
[  499.388964][T11259] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 440: padding at end of block bitmap is not set
[  499.434968][T11248] siw: device registration error -23
[  499.550755][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  499.671817][T11268] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2384'.
[  499.709658][T11270] loop5: detected capacity change from 0 to 512
[  499.967064][T11278] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  499.987975][T11278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  500.262742][T11281] loop3: detected capacity change from 0 to 8
[  501.175059][T11281] SQUASHFS error: lzo decompression failed, data probably corrupt
[  501.182965][T11281] SQUASHFS error: Failed to read block 0x91: -5
[  501.214901][T11281] SQUASHFS error: Unable to read metadata cache entry [8f]
[  501.242586][T11281] SQUASHFS error: Unable to read inode 0x11f
[  501.657309][T11294] loop3: detected capacity change from 0 to 256
[  502.457758][T11308] x_tables: ip_tables: tcp match: only valid for protocol 6
[  502.726976][T11307] siw: device registration error -23
[  503.757201][T11333] loop0: detected capacity change from 0 to 8
[  503.769445][T11328] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  503.808289][T11328] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  504.701936][T11333] SQUASHFS error: lzo decompression failed, data probably corrupt
[  504.752868][T11333] SQUASHFS error: Failed to read block 0x91: -5
[  504.792729][T11333] SQUASHFS error: Unable to read metadata cache entry [8f]
[  504.842059][T11333] SQUASHFS error: Unable to read inode 0x11f
[  504.853409][T11342] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2406'.
[  505.174747][T11345] loop0: detected capacity change from 0 to 256
[  505.262653][T11349] device ip6erspan0 entered promiscuous mode
[  505.265875][T11348] loop3: detected capacity change from 0 to 512
[  505.630791][T11353] loop0: detected capacity change from 0 to 1024
[  505.721401][T11353] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  505.750536][T11353] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2410'.
[  505.840012][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  505.911123][T11359] x_tables: ip_tables: tcp match: only valid for protocol 6
[  506.650622][T11374] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2417'.
[  507.915524][T11390] loop5: detected capacity change from 0 to 1024
[  507.959109][T11391] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2421'.
[  507.980018][T11390] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  508.017752][T11390] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2422'.
[  508.042286][T11390] siw: device registration error -23
[  508.219031][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  508.235062][T11402] loop0: detected capacity change from 0 to 512
[  509.357773][T11412] x_tables: ip_tables: tcp match: only valid for protocol 6
[  509.960665][T11414] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2429'.
[  510.139177][T11417] loop4: detected capacity change from 0 to 1024
[  511.050038][ T4694] hfsplus: b-tree write err: -5, ino 4
[  511.271459][T11434] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2435'.
[  511.330979][T11440] loop3: detected capacity change from 0 to 8
[  511.396548][T11440] SQUASHFS error: lzo decompression failed, data probably corrupt
[  511.420691][T11440] SQUASHFS error: Failed to read block 0x91: -5
[  511.442482][T11440] SQUASHFS error: Unable to read metadata cache entry [8f]
[  511.460532][T11440] SQUASHFS error: Unable to read inode 0x11f
[  511.677233][T11450] loop5: detected capacity change from 0 to 64
[  512.536688][T11455] loop3: detected capacity change from 0 to 256
[  513.138173][T11460] loop0: detected capacity change from 0 to 512
[  513.303334][T11471] loop3: detected capacity change from 0 to 1024
[  513.552001][T11474] x_tables: ip_tables: tcp match: only valid for protocol 6
[  515.202713][   T75] hfsplus: b-tree write err: -5, ino 4
[  515.327747][T11491] loop0: detected capacity change from 0 to 47
[  515.556087][T11492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2452'.
[  516.122548][T11489] loop0: detected capacity change from 0 to 1024
[  516.126124][T11499] loop4: detected capacity change from 0 to 8
[  516.185814][T11499] SQUASHFS error: lzo decompression failed, data probably corrupt
[  516.203191][T11499] SQUASHFS error: Failed to read block 0x91: -5
[  516.209499][T11499] SQUASHFS error: Unable to read metadata cache entry [8f]
[  516.265364][T11499] SQUASHFS error: Unable to read inode 0x11f
[  517.589209][T11512] loop4: detected capacity change from 0 to 256
[  520.200375][T11543] loop4: detected capacity change from 0 to 1024
[  520.335704][T11545] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2466'.
[  520.829429][T11559] loop3: detected capacity change from 0 to 47
[  520.971491][T11559] loop3: detected capacity change from 0 to 1024
[  521.503418][   T33] hfsplus: b-tree write err: -5, ino 4
[  522.216076][T11552] loop0: detected capacity change from 0 to 32768
[  522.337039][T11552] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.2469 (11552)
[  522.858199][T11552] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  522.887095][T11552] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  522.896608][T11575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  522.915760][T11579] loop3: detected capacity change from 0 to 64
[  522.931678][T11552] BTRFS info (device loop0): force zlib compression, level 3
[  522.957439][T11552] BTRFS info (device loop0): force clearing of disk cache
[  523.073230][T11552] BTRFS info (device loop0): setting nodatasum
[  523.090031][T11552] BTRFS info (device loop0): doing ref verification
[  523.133260][T11552] BTRFS info (device loop0): allowing degraded mounts
[  523.168219][T11585] netlink: 'syz.2.2478': attribute type 2 has an invalid length.
[  523.169479][T11552] BTRFS info (device loop0): trying to use backup root at mount time
[  523.186134][T11552] BTRFS info (device loop0): using free space tree
[  524.780075][T11552] BTRFS error (device loop0): open_ctree failed: -12
[  524.872203][T11613] 9pnet_fd: Insufficient options for proto=fd
[  526.255222][T11640] futex_wake_op: syz.5.2489 tries to shift op by -1; fix this program
[  526.302015][T11640] loop5: detected capacity change from 0 to 512
[  526.371188][T11640] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  526.382631][T11640] ext4 filesystem being mounted at /425/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  526.408562][   T27] audit: type=1800 audit(1743305468.115:1055): pid=11640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2489" name="file1" dev="loop5" ino=15 res=0 errno=0
[  526.440060][T11640] hub 2-0:1.0: USB hub found
[  526.460444][T11640] hub 2-0:1.0: 1 port detected
[  526.491381][T11640] netlink: 'syz.5.2489': attribute type 15 has an invalid length.
[  526.499499][   T27] audit: type=1800 audit(1743305468.145:1056): pid=11640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2489" name="file2" dev="loop5" ino=16 res=0 errno=0
[  526.689686][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  526.906878][T11653] netlink: 'syz.0.2493': attribute type 7 has an invalid length.
[  526.923972][T11653] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2493'.
[  526.970014][T11655] netlink: 'syz.5.2494': attribute type 2 has an invalid length.
[  527.150063][T11658] 9pnet_fd: Insufficient options for proto=fd
[  527.727676][T11680] futex_wake_op: syz.4.2503 tries to shift op by -1; fix this program
[  527.742214][T11680] loop4: detected capacity change from 0 to 512
[  527.760116][T11680] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  527.769745][T11680] ext4 filesystem being mounted at /490/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.821118][T11684] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  527.844315][   T27] audit: type=1800 audit(1743305469.545:1057): pid=11680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2503" name="file1" dev="loop4" ino=15 res=0 errno=0
[  527.881404][T11680] hub 2-0:1.0: USB hub found
[  527.900373][T11680] hub 2-0:1.0: 1 port detected
[  527.921992][   T27] audit: type=1800 audit(1743305469.575:1058): pid=11685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2503" name="file2" dev="loop4" ino=16 res=0 errno=0
[  527.947637][T11685] netlink: 'syz.4.2503': attribute type 15 has an invalid length.
[  528.109477][T11684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  528.330844][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  528.389536][T11691] netlink: 'syz.2.2507': attribute type 1 has an invalid length.
[  528.409685][T11689] loop5: detected capacity change from 0 to 1024
[  528.458398][T11691] 8021q: adding VLAN 0 to HW filter on device bond1
[  528.475282][T11689] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  528.497210][T11689] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2506'.
[  528.740505][T11700] loop3: detected capacity change from 0 to 512
[  528.755103][T11700] EXT4-fs: Ignoring removed mblk_io_submit option
[  528.929359][T11700] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  529.481758][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  529.605787][T11705] loop4: detected capacity change from 0 to 1024
[  529.653085][   T27] audit: type=1800 audit(1743305471.305:1059): pid=11700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2505" name="file1" dev="loop3" ino=15 res=0 errno=0
[  529.773469][T11706] hfsplus: inconsistency in B*Tree (31095,1,255,1,0)
[  529.781052][T11706] hfsplus: xattr searching failed
[  529.806192][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  529.875541][T11710] 9pnet_fd: Insufficient options for proto=fd
[  530.008334][T11718] loop4: detected capacity change from 0 to 64
[  530.030796][T11717] futex_wake_op: syz.5.2514 tries to shift op by -1; fix this program
[  530.069740][T11717] loop5: detected capacity change from 0 to 512
[  530.140912][T11717] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  530.182392][T11717] ext4 filesystem being mounted at /432/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.211547][T11724] loop0: detected capacity change from 0 to 2048
[  530.242765][T11724] EXT4-fs: Ignoring removed mblk_io_submit option
[  530.271053][   T27] audit: type=1800 audit(1743305471.975:1060): pid=11717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2514" name="file1" dev="loop5" ino=15 res=0 errno=0
[  530.295552][T11717] hub 2-0:1.0: USB hub found
[  530.300363][T11717] hub 2-0:1.0: 1 port detected
[  530.309187][T11717] netlink: 'syz.5.2514': attribute type 15 has an invalid length.
[  530.320448][   T27] audit: type=1800 audit(1743305471.975:1061): pid=11717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2514" name="file2" dev="loop5" ino=16 res=0 errno=0
[  530.350144][T11724] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  530.457336][T11724] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2516: bg 0: block 234: padding at end of block bitmap is not set
[  530.476174][T11724] EXT4-fs (loop0): Remounting filesystem read-only
[  530.487337][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  530.563512][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  530.652281][T11742] netlink: 'syz.2.2521': attribute type 2 has an invalid length.
[  530.787400][T11744] loop4: detected capacity change from 0 to 1024
[  531.306423][T11753] 9pnet_fd: p9_fd_create_tcp (11753): problem connecting socket to 127.0.0.1
[  531.404766][T11744] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  531.797405][T11744] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2520'.
[  532.588152][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  533.023079][T11767] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2526'.
[  533.055463][T11767] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2526'.
[  533.298820][T11773] futex_wake_op: syz.0.2528 tries to shift op by -1; fix this program
[  533.345404][T11773] loop0: detected capacity change from 0 to 512
[  533.380213][T11775] loop5: detected capacity change from 0 to 64
[  533.590712][T11773] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  533.611819][T11773] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.642506][   T27] audit: type=1800 audit(1743305475.345:1062): pid=11773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2528" name="file1" dev="loop0" ino=15 res=0 errno=0
[  533.668252][T11773] hub 2-0:1.0: USB hub found
[  533.682860][T11773] hub 2-0:1.0: 1 port detected
[  533.719361][   T27] audit: type=1800 audit(1743305475.375:1063): pid=11773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2528" name="file2" dev="loop0" ino=16 res=0 errno=0
[  533.760072][T11773] netlink: 'syz.0.2528': attribute type 15 has an invalid length.
[  533.984374][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  534.120940][T11793] 9pnet_fd: Insufficient options for proto=fd
[  534.178684][T11798] loop0: detected capacity change from 0 to 1024
[  534.231418][T11798] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  534.289499][T11801] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  534.313871][T11798] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2535'.
[  534.511391][T11805] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2539'.
[  534.515080][T11808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  534.543710][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  534.549933][T11805] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2539'.
[  535.587526][T11819] netlink: 'syz.2.2543': attribute type 2 has an invalid length.
[  536.484743][T11826] futex_wake_op: syz.2.2545 tries to shift op by -1; fix this program
[  536.614820][T11826] netlink: 'syz.2.2545': attribute type 15 has an invalid length.
[  536.923752][T11839] 9pnet_fd: Insufficient options for proto=fd
[  537.005595][T11841] loop4: detected capacity change from 0 to 1024
[  537.041352][T11843] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2551'.
[  537.059654][T11841] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  537.105122][T11841] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2550'.
[  539.274675][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  539.295766][T11864] netlink: 'syz.0.2555': attribute type 2 has an invalid length.
[  539.966989][T11882] loop4: detected capacity change from 0 to 47
[  540.066811][T11882] loop4: detected capacity change from 0 to 1024
[  541.322486][T11898] 9pnet_fd: Insufficient options for proto=fd
[  541.531245][T11902] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  541.549005][T11902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  542.701416][T11910] loop4: detected capacity change from 0 to 1024
[  542.883188][T11910] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  543.300358][T11910] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2567'.
[  543.719719][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  544.972651][T11928] loop0: detected capacity change from 0 to 4096
[  545.180217][T11936] loop5: detected capacity change from 0 to 64
[  545.261127][T11928] ntfs3: loop0: no free space to extend mft
[  547.424999][T11955] loop4: detected capacity change from 0 to 512
[  547.425585][T11954] loop5: detected capacity change from 0 to 1024
[  547.751332][T11955] x_tables: ip_tables: tcp match: only valid for protocol 6
[  547.752488][T11954] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  548.354573][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  548.460371][T11985] 9pnet_fd: Insufficient options for proto=fd
[  548.558677][T11990] loop5: detected capacity change from 0 to 2048
[  548.611021][T11990] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  548.869110][T11995] loop3: detected capacity change from 0 to 2048
[  548.893906][T11995] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  549.319559][T11995] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  549.607163][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  550.183981][T12016] loop3: detected capacity change from 0 to 1024
[  550.257273][T12016] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  550.330447][T12016] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2600'.
[  550.746178][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  550.848958][T12034] 9pnet_fd: Insufficient options for proto=fd
[  551.098850][T12041] loop4: detected capacity change from 0 to 64
[  552.114710][T12052] futex_wake_op: syz.4.2611 tries to shift op by -1; fix this program
[  552.201875][T12055] loop4: detected capacity change from 0 to 512
[  552.239563][T12056] loop3: detected capacity change from 0 to 1024
[  552.323638][T12056] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  552.337582][T12064] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  552.339209][T12055] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  552.363598][T12055] ext4 filesystem being mounted at /514/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  552.404003][T12056] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2613'.
[  552.432590][   T27] audit: type=1800 audit(1743305494.135:1064): pid=12052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2611" name="file1" dev="loop4" ino=15 res=0 errno=0
[  552.440472][T12052] hub 2-0:1.0: USB hub found
[  552.460106][T12065] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  552.503219][   T27] audit: type=1800 audit(1743305494.135:1065): pid=12052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2611" name="file2" dev="loop4" ino=16 res=0 errno=0
[  552.519526][T12052] hub 2-0:1.0: 1 port detected
[  552.529445][T12055] netlink: 'syz.4.2611': attribute type 15 has an invalid length.
[  552.579876][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  552.653817][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  555.322753][T12096] loop0: detected capacity change from 0 to 64
[  555.446706][T12091] loop4: detected capacity change from 0 to 32768
[  555.455762][T12091] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.2621 (12091)
[  555.521902][T12091] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  555.560022][T12091] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  555.583812][T12091] BTRFS info (device loop4): using free space tree
[  555.672138][T12107] loop0: detected capacity change from 0 to 1024
[  555.878708][T12091] BTRFS info (device loop4): enabling ssd optimizations
[  555.927500][T12128] futex_wake_op: syz.3.2627 tries to shift op by -1; fix this program
[  555.944688][T12107] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  555.976238][T12128] loop3: detected capacity change from 0 to 512
[  555.989582][T12091] sp0: Synchronizing with TNC
[  556.011424][T12091] sp0: Found TNC
[  556.024261][T12128] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  556.043178][T12128] ext4 filesystem being mounted at /514/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  556.072915][   T27] audit: type=1800 audit(1743305497.775:1066): pid=12128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2627" name="file1" dev="loop3" ino=15 res=0 errno=0
[  556.103885][T12128] hub 2-0:1.0: USB hub found
[  556.112343][T12128] hub 2-0:1.0: 1 port detected
[  556.130272][T12128] netlink: 'syz.3.2627': attribute type 15 has an invalid length.
[  556.147542][   T27] audit: type=1800 audit(1743305497.805:1067): pid=12128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2627" name="file2" dev="loop3" ino=16 res=0 errno=0
[  556.189749][ T4258] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  556.205552][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  556.696617][T12145] hub 9-0:1.0: USB hub found
[  556.702241][T12145] hub 9-0:1.0: 1 port detected
[  557.487415][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  557.555486][T12153] loop3: detected capacity change from 0 to 64
[  557.708829][T12156] loop4: detected capacity change from 0 to 512
[  558.786789][T12166] x_tables: ip_tables: tcp match: only valid for protocol 6
[  560.874510][T12181] loop5: detected capacity change from 0 to 64
[  560.877342][T12179] futex_wake_op: syz.4.2642 tries to shift op by -1; fix this program
[  560.900328][T12181] hfs: dir_umask requires a value
[  560.928865][T12181] hfs: unable to parse mount options
[  560.954919][T12179] loop4: detected capacity change from 0 to 512
[  561.044077][T12179] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  561.068841][T12179] ext4 filesystem being mounted at /522/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  561.094497][T12195] loop5: detected capacity change from 0 to 8
[  561.111362][   T27] audit: type=1800 audit(1743305502.815:1068): pid=12179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2642" name="file1" dev="loop4" ino=15 res=0 errno=0
[  561.138200][T12179] hub 2-0:1.0: USB hub found
[  561.144108][T12179] hub 2-0:1.0: 1 port detected
[  561.144156][T12195] SQUASHFS error: lzo decompression failed, data probably corrupt
[  561.158957][T12179] netlink: 'syz.4.2642': attribute type 15 has an invalid length.
[  561.167015][T12195] SQUASHFS error: Failed to read block 0x91: -5
[  561.181862][   T27] audit: type=1800 audit(1743305502.845:1069): pid=12179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2642" name="file2" dev="loop4" ino=16 res=0 errno=0
[  561.204076][T12195] SQUASHFS error: Unable to read metadata cache entry [8f]
[  561.218643][T12195] SQUASHFS error: Unable to read inode 0x11f
[  561.234753][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  561.603197][T12204] loop5: detected capacity change from 0 to 256
[  562.740673][T12217] loop0: detected capacity change from 0 to 64
[  562.820692][T12218] loop3: detected capacity change from 0 to 512
[  562.945149][T12218] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2651: inode #1: comm syz.3.2651: iget: illegal inode #
[  563.029375][T12218] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2651: error while reading EA inode 1 err=-117
[  563.042819][T12218] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2651: inode #1: comm syz.3.2651: iget: illegal inode #
[  563.086424][T12218] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2651: error while reading EA inode 1 err=-117
[  563.120121][T12218] EXT4-fs (loop3): 1 orphan inode deleted
[  563.142044][T12218] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  564.296377][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  564.444085][T12233] futex_wake_op: syz.3.2656 tries to shift op by -1; fix this program
[  564.460801][T12233] loop3: detected capacity change from 0 to 512
[  564.558137][T12233] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  564.604686][T12233] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  564.728679][T12233] hub 2-0:1.0: USB hub found
[  564.743298][   T27] audit: type=1800 audit(1743305506.425:1070): pid=12233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2656" name="file1" dev="loop3" ino=15 res=0 errno=0
[  564.798636][T12233] hub 2-0:1.0: 1 port detected
[  564.837115][T12240] netlink: 'syz.3.2656': attribute type 15 has an invalid length.
[  564.873771][   T27] audit: type=1800 audit(1743305506.425:1071): pid=12233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2656" name="file2" dev="loop3" ino=16 res=0 errno=0
[  565.019891][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  565.293891][T12246] loop4: detected capacity change from 0 to 1024
[  565.373962][T12246] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  565.427747][T12255] loop3: detected capacity change from 0 to 47
[  565.497144][T12255] loop3: detected capacity change from 0 to 1024
[  566.262441][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  566.430501][T12265] loop4: detected capacity change from 0 to 512
[  566.863666][T12269] x_tables: ip_tables: tcp match: only valid for protocol 6
[  567.626455][T12275] loop5: detected capacity change from 0 to 64
[  567.674107][T12277] loop4: detected capacity change from 0 to 512
[  567.709286][T12277] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  567.756978][T12277] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.2667: casefold flag without casefold feature
[  567.805051][T12277] EXT4-fs (loop4): Remounting filesystem read-only
[  567.831011][T12277] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.2667: couldn't read orphan inode 15 (err -117)
[  568.290949][T12277] EXT4-fs (loop4): Remounting filesystem read-only
[  568.320004][T12277] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  568.684011][T12289] EXT4-fs error (device loop4): ext4_add_entry:2486: inode #2: comm syz.4.2667: Directory hole found for htree leaf block 0
[  568.785613][T12289] EXT4-fs (loop4): Remounting filesystem read-only
[  569.113579][T12289] EXT4-fs error (device loop4): ext4_add_entry:2486: inode #2: comm syz.4.2667: Directory hole found for htree leaf block 0
[  569.130659][T12289] EXT4-fs (loop4): Remounting filesystem read-only
[  569.160430][T12293] futex_wake_op: syz.5.2669 tries to shift op by -1; fix this program
[  569.267127][T12293] loop5: detected capacity change from 0 to 512
[  569.385534][T12293] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  569.431104][T12293] ext4 filesystem being mounted at /465/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  569.489518][T12299] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2670'.
[  569.529307][   T27] audit: type=1800 audit(1743305511.235:1072): pid=12293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2669" name="file1" dev="loop5" ino=15 res=0 errno=0
[  569.587450][T12293] hub 2-0:1.0: USB hub found
[  569.612719][T12293] hub 2-0:1.0: 1 port detected
[  569.642898][   T27] audit: type=1800 audit(1743305511.255:1073): pid=12293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2669" name="file2" dev="loop5" ino=16 res=0 errno=0
[  569.702017][T12293] netlink: 'syz.5.2669': attribute type 15 has an invalid length.
[  569.904072][ T4903] EXT4-fs (loop5): unmounting filesystem.
[  570.030443][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  570.441968][T12315] loop4: detected capacity change from 0 to 1024
[  570.516542][T12315] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  571.035148][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  571.052390][T12324] loop3: detected capacity change from 0 to 128
[  571.078383][T12324] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  571.124451][T12326] loop5: detected capacity change from 0 to 512
[  571.167137][ T4522] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  571.441024][T12329] x_tables: ip_tables: tcp match: only valid for protocol 6
[  572.526447][T12342] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2681'.
[  572.588160][T12344] futex_wake_op: syz.3.2682 tries to shift op by -1; fix this program
[  572.667116][T12344] loop3: detected capacity change from 0 to 512
[  572.735350][T12344] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  572.754695][T12344] ext4 filesystem being mounted at /525/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.770769][T12351] syz.4.2684[12351] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  572.770874][T12351] syz.4.2684[12351] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  572.799736][   T27] audit: type=1800 audit(1743305514.505:1074): pid=12344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2682" name="file1" dev="loop3" ino=15 res=0 errno=0
[  572.840356][T12344] hub 2-0:1.0: USB hub found
[  572.845647][T12344] hub 2-0:1.0: 1 port detected
[  572.852565][T12344] netlink: 'syz.3.2682': attribute type 15 has an invalid length.
[  572.900003][   T27] audit: type=1800 audit(1743305514.545:1075): pid=12344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2682" name="file2" dev="loop3" ino=16 res=0 errno=0
[  572.903538][ T4263] EXT4-fs (loop3): unmounting filesystem.
[  573.341444][T12360] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  573.403734][T12361] loop3: detected capacity change from 0 to 47
[  573.775176][T12359] loop3: detected capacity change from 0 to 1024
[  576.301944][T12387] loop3: detected capacity change from 0 to 8
[  576.340138][T12387] SQUASHFS error: lzo decompression failed, data probably corrupt
[  576.366840][T12387] SQUASHFS error: Failed to read block 0x91: -5
[  576.383289][T12387] SQUASHFS error: Unable to read metadata cache entry [8f]
[  576.413869][T12387] SQUASHFS error: Unable to read inode 0x11f
[  576.433483][T12392] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2695'.
[  576.587986][T12394] futex_wake_op: syz.2.2696 tries to shift op by -1; fix this program
[  576.640634][T12396] netlink: 'syz.4.2697': attribute type 7 has an invalid length.
[  576.719468][T12396] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2697'.
[  576.774536][T12394] netlink: 'syz.2.2696': attribute type 15 has an invalid length.
[  577.683932][T12405] loop3: detected capacity change from 0 to 256
[  578.051829][T12409] loop4: detected capacity change from 0 to 47
[  578.070248][T12412] loop0: detected capacity change from 0 to 256
[  578.116670][T12409] loop4: detected capacity change from 0 to 1024
[  578.799688][T12424] hub 6-0:1.0: USB hub found
[  578.805293][T12424] hub 6-0:1.0: 1 port detected
[  581.400607][T12440] Invalid ELF header magic: != ELF
[  583.289448][T12452] loop3: detected capacity change from 0 to 47
[  583.406777][T12452] loop3: detected capacity change from 0 to 1024
[  584.191218][T12463] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2716'.
[  584.657931][T12478] loop4: detected capacity change from 0 to 512
[  584.706735][T12482] loop3: detected capacity change from 0 to 8
[  584.719294][T12456] loop0: detected capacity change from 0 to 40427
[  584.735174][T12478] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  584.750888][T12482] SQUASHFS error: lzo decompression failed, data probably corrupt
[  584.760234][T12456] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x5
[  584.771242][T12456] ================================================================================
[  584.775361][T12482] SQUASHFS error: Failed to read block 0x91: -5
[  584.781770][T12456] UBSAN: shift-out-of-bounds in fs/f2fs/super.c:919:5
[  584.794817][T12456] shift exponent 75 is too large for 64-bit type 'unsigned long'
[  584.802577][T12456] CPU: 1 PID: 12456 Comm: syz.0.2711 Not tainted 6.1.132-syzkaller #0
[  584.807911][T12478] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.2721: iget: bad extended attribute block 512
[  584.810739][T12456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  584.833506][T12456] Call Trace:
[  584.836815][T12456]  <TASK>
[  584.837069][T12482] SQUASHFS error: Unable to read metadata cache entry [8f]
[  584.839751][T12456]  dump_stack_lvl+0x1e3/0x2cb
[  584.851683][T12456]  ? nf_tcp_handle_invalid+0x647/0x647
[  584.857180][T12456]  ? panic+0x764/0x764
[  584.859950][T12482] SQUASHFS error: Unable to read inode 0x11f
[  584.861267][T12456]  ? lockdep_hardirqs_on+0x94/0x130
[  584.872502][T12456]  ? __kmem_cache_free+0x25c/0x3c0
[  584.877664][T12456]  __ubsan_handle_shift_out_of_bounds+0x3bf/0x420
[  584.884149][T12456]  parse_options+0x4ad6/0x4ae0
[  584.888957][T12456]  ? kasan_set_track+0x60/0x70
[  584.893759][T12456]  ? kasan_set_track+0x4b/0x70
[  584.898565][T12456]  ? f2fs_fill_super+0x2353/0x6d90
[  584.903754][T12456]  ? default_options+0xa60/0xa60
[  584.908748][T12456]  ? f2fs_fill_super+0x2353/0x6d90
[  584.913914][T12456]  ? rcu_is_watching+0x11/0xb0
[  584.918709][T12456]  ? f2fs_fill_super+0x2353/0x6d90
[  584.923871][T12456]  ? kstrdup+0x51/0x70
[  584.927977][T12456]  ? memcpy+0x3c/0x60
[  584.932003][T12456]  f2fs_fill_super+0x237f/0x6d90
[  584.937035][T12456]  ? kill_f2fs_super+0x3c0/0x3c0
[  584.942031][T12456]  ? set_blocksize+0x1c6/0x350
[  584.946853][T12456]  mount_bdev+0x2c9/0x3f0
[  584.951231][T12456]  ? kill_f2fs_super+0x3c0/0x3c0
[  584.956230][T12456]  legacy_get_tree+0xeb/0x180
[  584.960943][T12456]  ? trace_raw_output_f2fs__rw_end+0x110/0x110
[  584.967151][T12456]  vfs_get_tree+0x88/0x270
[  584.971625][T12456]  do_new_mount+0x2ba/0xb40
[  584.976177][T12456]  ? ns_capable+0x85/0xe0
[  584.980553][T12456]  ? do_move_mount_old+0x160/0x160
[  584.985722][T12456]  __se_sys_mount+0x2d5/0x3c0
[  584.990447][T12456]  ? __x64_sys_mount+0xc0/0xc0
[  584.995261][T12456]  ? syscall_enter_from_user_mode+0x2e/0x230
[  585.001276][T12456]  ? lockdep_hardirqs_on+0x94/0x130
[  585.006513][T12456]  ? __x64_sys_mount+0x1c/0xc0
[  585.011321][T12456]  do_syscall_64+0x3b/0xb0
[  585.015765][T12456]  ? clear_bhb_loop+0x45/0xa0
[  585.020483][T12456]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  585.026408][T12456] RIP: 0033:0x7f189f58e90a
[  585.030869][T12456] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.050512][T12456] RSP: 002b:00007f18a049de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  585.058960][T12456] RAX: ffffffffffffffda RBX: 00007f18a049def0 RCX: 00007f189f58e90a
[  585.066961][T12456] RDX: 0000200000000240 RSI: 00002000000000c0 RDI: 00007f18a049deb0
[  585.074969][T12456] RBP: 0000200000000240 R08: 00007f18a049def0 R09: 0000000000000000
[  585.082971][T12456] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000000c0
[  585.089874][T12478] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.2721: couldn't read orphan inode 15 (err -117)
[  585.090951][T12456] R13: 00007f18a049deb0 R14: 0000000000005505 R15: 00002000000006c0
[  585.110778][T12456]  </TASK>
[  585.113771][T12478] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  585.123281][T12456] ================================================================================
[  585.140422][T12456] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  585.147665][T12456] CPU: 1 PID: 12456 Comm: syz.0.2711 Not tainted 6.1.132-syzkaller #0
[  585.155845][T12456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  585.165928][T12456] Call Trace:
[  585.169229][T12456]  <TASK>
[  585.172183][T12456]  dump_stack_lvl+0x1e3/0x2cb
[  585.176895][T12456]  ? nf_tcp_handle_invalid+0x647/0x647
[  585.182381][T12456]  ? panic+0x764/0x764
[  585.186487][T12456]  ? vscnprintf+0x59/0x80
[  585.190851][T12456]  panic+0x318/0x764
[  585.194783][T12456]  ? check_panic_on_warn+0x1d/0xa0
[  585.199923][T12456]  ? memcpy_page_flushcache+0xfc/0xfc
[  585.205324][T12456]  ? dump_stack_lvl+0x24f/0x2cb
[  585.210201][T12456]  ? lockdep_hardirqs_on+0x94/0x130
[  585.215439][T12456]  check_panic_on_warn+0x7e/0xa0
[  585.220407][T12456]  __ubsan_handle_shift_out_of_bounds+0x3de/0x420
[  585.226889][T12456]  parse_options+0x4ad6/0x4ae0
[  585.231690][T12456]  ? kasan_set_track+0x60/0x70
[  585.236478][T12456]  ? kasan_set_track+0x4b/0x70
[  585.241284][T12456]  ? f2fs_fill_super+0x2353/0x6d90
[  585.246463][T12456]  ? default_options+0xa60/0xa60
[  585.251453][T12456]  ? f2fs_fill_super+0x2353/0x6d90
[  585.256598][T12456]  ? rcu_is_watching+0x11/0xb0
[  585.261388][T12456]  ? f2fs_fill_super+0x2353/0x6d90
[  585.266537][T12456]  ? kstrdup+0x51/0x70
[  585.270636][T12456]  ? memcpy+0x3c/0x60
[  585.274650][T12456]  f2fs_fill_super+0x237f/0x6d90
[  585.279671][T12456]  ? kill_f2fs_super+0x3c0/0x3c0
[  585.284652][T12456]  ? set_blocksize+0x1c6/0x350
[  585.289458][T12456]  mount_bdev+0x2c9/0x3f0
[  585.293822][T12456]  ? kill_f2fs_super+0x3c0/0x3c0
[  585.298795][T12456]  legacy_get_tree+0xeb/0x180
[  585.303496][T12456]  ? trace_raw_output_f2fs__rw_end+0x110/0x110
[  585.309692][T12456]  vfs_get_tree+0x88/0x270
[  585.314153][T12456]  do_new_mount+0x2ba/0xb40
[  585.318688][T12456]  ? ns_capable+0x85/0xe0
[  585.323056][T12456]  ? do_move_mount_old+0x160/0x160
[  585.324088][T12478] EXT4-fs (loop4): unmounting filesystem.
[  585.333936][T12456]  __se_sys_mount+0x2d5/0x3c0
[  585.338660][T12456]  ? __x64_sys_mount+0xc0/0xc0
[  585.343466][T12456]  ? syscall_enter_from_user_mode+0x2e/0x230
[  585.349481][T12456]  ? lockdep_hardirqs_on+0x94/0x130
[  585.354714][T12456]  ? __x64_sys_mount+0x1c/0xc0
[  585.359521][T12456]  do_syscall_64+0x3b/0xb0
[  585.363961][T12456]  ? clear_bhb_loop+0x45/0xa0
[  585.368704][T12456]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  585.374638][T12456] RIP: 0033:0x7f189f58e90a
[  585.379080][T12456] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.398719][T12456] RSP: 002b:00007f18a049de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  585.407182][T12456] RAX: ffffffffffffffda RBX: 00007f18a049def0 RCX: 00007f189f58e90a
[  585.415203][T12456] RDX: 0000200000000240 RSI: 00002000000000c0 RDI: 00007f18a049deb0
[  585.423235][T12456] RBP: 0000200000000240 R08: 00007f18a049def0 R09: 0000000000000000
[  585.431232][T12456] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000000c0
[  585.439228][T12456] R13: 00007f18a049deb0 R14: 0000000000005505 R15: 00002000000006c0
[  585.447245][T12456]  </TASK>
[  585.450576][T12456] Kernel Offset: disabled
[  585.454990][T12456] Rebooting in 86400 seconds..