last executing test programs:

17.58504069s ago: executing program 2 (id=644):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x294ef98252e47195, 0x31, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @b}})
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080))

16.808111341s ago: executing program 2 (id=650):
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100feffffff00000000050000001800018014"], 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x5c, 0x24, 0x400, 0x70bd2d, 0x25dfdbff, {0xf}, [@generic="cdb63dde", @generic="be6f253e09a0eb17bd188546d87c54b5dc549a66062c0d5fc1d0279786cda6059afb1cf5568eb76361e6c8306cee7d91287c2768e08f332640cbcd4dc952896999"]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000090}, 0x20000000)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @empty, 0x8}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x190)

16.342731655s ago: executing program 2 (id=651):
r0 = inotify_init1(0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000040)='./file0\x00', 0xd0000121)
inotify_add_watch(r0, &(0x7f00000000c0)='.\x00', 0xa4000061)
open(&(0x7f0000000000)='./file0\x00', 0x100000, 0xa0)

16.246351771s ago: executing program 2 (id=654):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r0 = syz_io_uring_setup(0x49b, &(0x7f0000000000)={0x0, 0xf62c, 0x1, 0x3, 0x37d}, &(0x7f0000001e40)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

15.666116875s ago: executing program 2 (id=663):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x381, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x5032})
io_setup(0x11, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000006c0)=[&(0x7f00000000c0)={0x20000000, 0x0, 0x7, 0x8, 0x0, r0, &(0x7f0000000080)='\x00', 0x1}])

13.44918948s ago: executing program 2 (id=679):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@mcast1}}}]}, 0x38}}, 0x0)

12.867605418s ago: executing program 32 (id=679):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@mcast1}}}]}, 0x38}}, 0x0)

12.262335579s ago: executing program 1 (id=692):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x400000001e1101, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0x4148, 0x0)

9.420833464s ago: executing program 4 (id=713):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000340)={0x14, r3, 0x70d, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)

9.242183981s ago: executing program 4 (id=715):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2e}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

9.040800504s ago: executing program 4 (id=718):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @main=@item_4={0x3, 0x0, 0xb, "9e3ce079"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000040)={0x3, 0x100, 0x7})
ioctl$HIDIOCGSTRING(r1, 0x81044804, 0x0)

9.001657872s ago: executing program 1 (id=719):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x7}, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_emit_ethernet(0x3e, &(0x7f0000000240)=ANY=[], 0x0)

8.871785187s ago: executing program 1 (id=720):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0xe41, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)

5.852713185s ago: executing program 4 (id=734):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)

4.51080934s ago: executing program 4 (id=739):
syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000440)='./file0\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES64], 0x1, 0x553d, &(0x7f00000024c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcsW/cVBgA8O9850tbQISAMgRQkRhgocm1tHSEARQx8CcgRemlBK4U2gy0ikBZYEKZuyAYEUICha3/Q+dG6lK2DhmCxAyyz07dNlJOUbBN8/tJz+/z1fX73rtTlC/PCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ2nkvXkmKuJsdpsdx+drd3fXlrN9+rM/c3rw3l7Us7hw00HfvHn3y7fZq9eT0bOXkm/qTAQAA4HjolvV9RNxPtxazPpnO6/+0vCar+X98bhyX9fzjdf/27vqJ4p/myvr/j98fvLQ30PR4nOymK6uj4cKTqfT+oym23vMHXtHLVz7/2Us3f0OSDzde3Enz9ex8f+fO+/08nKojWwDgMM6UfRGU3w9l/aDJxAA4NnqVwrus/7vTzeYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUIedjXimjDsRMdd7GGe2d9eX9+tvb96bK9uFW7c2q/fMbpFGxMrqaJjWOJe2u37j5mdLo9HwWv3B6Yg45H+fioijSePjCa45aKzi4xkNrOGBQacdaTQaJMX705Z8jjIoP3tHf+eGviABAPDUSouW1fX3063F7LXOTMQ/Pz1a/79RiWPC+v/BJxfuVseq1v+D2mbYfvNrV76Yv37j5lurV5YuDy8PP3/77OCdwbmL589fnM/WamF+JZLhQtNpAgAA8D/WL1q1/k9mntz/P1WJY8L6/8sfBl9Xx+qq//f1cNOv6UwAAACOo/5e9MJrf//V2eeKTr8fXy2trV0bjI9752fHx1rTPaSpolXr/+5M01kBAAAAddjZ6Dyy/3+pEseE+//P/vzyr9V7diPiZMTViBieWb46ulTfdFqtjl9UzgfqNz1TAAAAmnKyaNX9/zR//j/Ze+QhiYg3Xx/H5d+6mqT+737w7S/VsarP/5+rb4qtlMyO1yPvZyN6s01nBAAAwNPsRNGyYv/PdGvx099OfdT3/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4NAAD//1a+NFg=")
lsetxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x1)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x1c, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
pwritev(r0, &(0x7f0000000340)=[{0x0}, {&(0x7f00000002c0)="2d02", 0x2}], 0x2, 0x3, 0x0)

4.283799019s ago: executing program 1 (id=740):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0xc000001)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000200)=@gcm_256={{0x303, 0x36}, "f1ff5ef2fe299917", "9e8ecc7bb5352776725f1047711330ff2bb17b5508000000000000009bc400", '\\]?\x00'}, 0x38)

3.809322024s ago: executing program 3 (id=744):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000d80)="bc14", 0x2}], 0x1, 0x0, 0x0, 0x4000010}, 0x20004011)
recvmsg$unix(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40002002)

3.514093079s ago: executing program 1 (id=746):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000180)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)

3.433282694s ago: executing program 0 (id=748):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000000f00000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x1, 0x8, 0xb}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r2, r1, 0x7}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r2, &(0x7f00000003c0), &(0x7f0000000000)=@tcp6=r0}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)

3.282611979s ago: executing program 1 (id=749):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000200000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.100710811s ago: executing program 0 (id=750):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast1, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}}, {{@in=@dev, 0x0, 0x32}, 0x0, @in=@remote, 0x0, 0x4}}, 0xe8)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x28, r3, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}]}, 0x28}}, 0x0)

2.805188071s ago: executing program 0 (id=752):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xe099, 0x0, 0x1, 0xb5}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

2.694911562s ago: executing program 6 (id=681):
syz_clone3(&(0x7f0000000100)={0x801400, &(0x7f00000000c0)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r1)
r2 = eventfd(0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
write$eventfd(r2, &(0x7f0000000a80)=0x7, 0x8)

2.57263255s ago: executing program 5 (id=753):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x3f}]}}}]}, 0x40}}, 0x0)
sendto$packet(r0, &(0x7f0000000000)='1', 0x1, 0x40081, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x4, 0x6, @local}, 0x14)

2.337727954s ago: executing program 0 (id=754):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
symlinkat(&(0x7f0000000080)='./file0\x00', r2, &(0x7f00000000c0)='./file0\x00')
unlinkat(r2, &(0x7f0000000040)='./file0\x00', 0x0)

2.160024104s ago: executing program 6 (id=755):
creat(&(0x7f0000000140)='./file0\x00', 0x8)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x803}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl,debug=0x0000000000000006,aname=,nodevmap'])

2.036911841s ago: executing program 4 (id=756):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000640)=ANY=[], 0x0, 0x251, &(0x7f0000000e80)="$eJzs3cFqE1sYB/BvkrRN710ki7u6XLgDunBV2j5BilQQu1KyUBdabAuShIKFQKsYuvIJfBKfw41v4AMI3emiMDKZtGlhrBaTptTfb9OPmfM/55vphKzm5Pl/vc7W7t7O4ZvPUa8nUWlFKzmKaEYlcgsBANw037IsjrLC5ZK1yrR6AgCm6xe//xevsCUAYMoePX7yYG1jY/1hmtYjeu/67SSKv8X5tZ14Gd3YjuVoxHFEdqqo793fWI9ammvG7d6g386TvWcfR/OvfYkY5leiEc3y/EpaOJMf9Ntz8ddo/VaeX41G/FOeXy3JR3s+7tw60/9SNOLTi9iNbmxFnh3n366k6d3s/dfXT/OO83wy6LcXhuPGsuqV/3MAAAAAAAAAAAAAAAAAAAAAALixltI0TbPsQ5Zl2eDc/jvV4+H5pfRE8/z+PEW+ZH+g6nCuM/vrLOdLJMX4cb4W/9aiNstrBwAAAAAAAAAAAAAAAAAAgOtib/+gs9ntbr+aaHHyWv/kZ/7dIqqj1rpJxDXoZ1gs5v1MbsLaBXf+/7jkWq1Lrh6V/YPOydPV2UziJ6n6lB6SrOQmVH+Ymp/Q6vN/T/YqkoiYO72ZFw2uxNyEPykAAAAAAAAAAAAAAAAAAMAVG7/0W3LycAYNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAMjH//vyiS0fHxkZJiMBp00ZhREfUZXhwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/jO8BAAD//+d1c0M=")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x1f8, 0x110, 0x110, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@arp={@local, @rand_addr=0x64010100, 0x0, 0x0, 0x0, 0x0, {@empty, {[0x0, 0x0, 0xff]}}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'pimreg1\x00'}, 0xc0, 0x130}, @mangle={0x0, 'mangle\x00', 0x0, {@mac, @empty, @multicast1, @loopback, 0x8, 0xffffffff}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0xff]}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@arp={@private=0xa010100, @remote, 0xff, 0xffffff, 0xc, 0xe, {@empty, {[0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0x3, 0x5, 0x1, 0x7, 0x2000, 'veth1_macvtap\x00', 'veth0_virt_wifi\x00', {}, {0xff}, 0x0, 0x1}, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x0, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x27f)

2.034803836s ago: executing program 5 (id=757):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}}, 0x0}, 0x94)
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x217e, 0x4)
r1 = dup2(r0, r0)
write$tun(r1, &(0x7f0000000040)=ANY=[@ANYRES64, @ANYRES8], 0x46)
recvmmsg(r1, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, 0x0)

2.013431862s ago: executing program 3 (id=758):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000240)={[{@nombcache}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@grpjquota}, {}]}, 0x0, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0/../file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
truncate(&(0x7f0000000040)='./file2\x00', 0x81c00)

1.88112258s ago: executing program 0 (id=759):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000180)=0x8, 0x4)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x40010002, 0x0)

1.683095295s ago: executing program 6 (id=760):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100, 0x1}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x0, @fd_index=0x5, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
io_uring_enter(r0, 0x26c3, 0xdffffffb, 0x4c, 0x0, 0x0)

1.622297565s ago: executing program 5 (id=761):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x4, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0x1, 0xfff1}, {0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x200080d0}, 0x20000800)

1.589318475s ago: executing program 0 (id=762):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$EVIOCGMASK(r0, 0x80104592, 0x0)

1.264363471s ago: executing program 3 (id=763):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x3, 0x25, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x21}, 0x94)
close(r0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000001100)={0x0, <r2=>0x0}, 0x8)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040)=r2, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000440)={r3, r1}, 0xc)

1.052185756s ago: executing program 6 (id=764):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e06bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b27663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3800000000000000009c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488a0200000000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e4a59414329a7c7f2fad6bc871f5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561fe589e0d12969bc982ff3f0000006c0c6c747d9a1cc500bb89283a16ff10feea20bdac0000000000000000ca06f256a55591019465f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ee40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a3dc4e97f7fda840bcdd3afaa0d7c3c229de4f0f4ac4d04f1a4e52e38325ca2e5f1f9caaa7234053eca09ec3c8c16940bc3edfb2e016f355391c0e7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141604089f034d2f87e5440c05ab845013f2325f1a39018603038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x5}, 0x1c)
syz_emit_ethernet(0x52, &(0x7f0000000840)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @local, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x18, 0x11, 0x1, @remote, @mcast2, {[], {0x4e20, 0xe22, 0x18, 0x0, @wg=@data={0x4, 0xf, 0x6}}}}}}}, 0x0)

980.432209ms ago: executing program 5 (id=765):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x3, 0x0, &(0x7f0000000080))
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000200)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0x10000, 0x0, 0x4})

827.639223ms ago: executing program 3 (id=766):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
close(0x3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

602.272963ms ago: executing program 5 (id=767):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0, 0xf4}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x34080}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x3, 0xa6}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x28}}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}}, 0x0)

562.608374ms ago: executing program 3 (id=768):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0xe, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x2}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

480.629782ms ago: executing program 6 (id=769):
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000000), 0x4240a2a0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
splice(r0, 0x0, r3, 0x0, 0x20000000c, 0x0)

205.344844ms ago: executing program 6 (id=770):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r2, 0xffffffffffffffff, 0x0)

135.649992ms ago: executing program 3 (id=771):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x4000000)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x100000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xe}, {0x0, 0xffe0}}}, 0x24}}, 0x0)

0s ago: executing program 5 (id=772):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xaa, 0x1881)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000380)='./file0\x00', 0x800000, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES8=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRES16, @ANYRES8], 0x0, 0x1cc, &(0x7f0000000700)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUbEQQ3ZiTk5qUTELQ8Wtv////z/BwHLd/ppKswSnwx95DockTQcdpiM+HlkzGks4J0lpirGxZSqcPfNBfh2bxhGGRyuYN9Z55jXWFaZOzWvIS6rKqsqaN3HixpmNnY2NKyfWRaX5rWJsSXHZ1NTJyOSwRU1gM7Oh+iQb7Qnv2lc9THJg7fHwaz5lrPQ6lfmS8cIiqVMrqmZO+KI0m9HwO8MdnrIVEhoaThJXJCwaTBg//P/fwAL1e5pCGGOSGptY25Yzc0KY+dncFii0JJ9gCj3KsXSmhMUBoaqTPy013zokus3Y9tSB7QzP4eM8awr6BI2OSzA4LRT8L8NQcSs5oaGhTGMt01LbBV+KNP5KeK02dspgcLdnWgYLUJYGELkSypMF60lIXuGho6lplJKc0LBJIiHJrcDwJcPWPbC4gkWbCgMDw3ZGWNxCwDVGhlEwCkbBKBgFo2AUjIJRMApGwSgYBSMIAAIAAP//BwaXcw==")
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000080)=0x4)
r2 = inotify_init1(0x0)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x400, &(0x7f0000002980)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x4, 'syz0\x00'}, 0x5, 0x31, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.102' (ED25519) to the list of known hosts.
[  102.536490][ T5828] cgroup: Unknown subsys name 'net'
[  102.658296][ T5828] cgroup: Unknown subsys name 'cpuset'
[  102.668786][ T5828] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  104.442415][ T5828] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  107.516115][ T5856] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  107.526839][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  107.535905][ T5856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  107.543990][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.546297][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  107.551479][ T5856] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  107.559024][ T5857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  107.566534][ T5856] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  107.572827][ T5857] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.579487][ T5856] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  107.586805][ T5857] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  107.594213][ T5856] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  107.601373][ T5857] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  107.608515][ T5856] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  107.621331][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.630117][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  107.634861][ T5857] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  107.678610][ T5856] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  107.678861][ T5857] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  107.686438][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  107.693144][ T5862] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  107.700682][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  107.707234][ T5862] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  107.731184][ T5858] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  107.735373][ T5862] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  107.739756][ T5864] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  107.750345][ T5862] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  107.768918][ T5854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  107.794897][ T5864] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  107.818264][ T5864] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  108.717078][ T5842] chnl_net:caif_netlink_parms(): no params data found
[  108.783605][ T5853] chnl_net:caif_netlink_parms(): no params data found
[  108.821518][ T5848] chnl_net:caif_netlink_parms(): no params data found
[  108.885205][ T5839] chnl_net:caif_netlink_parms(): no params data found
[  109.054904][ T5841] chnl_net:caif_netlink_parms(): no params data found
[  109.149986][ T5840] chnl_net:caif_netlink_parms(): no params data found
[  109.269939][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.277640][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.285656][ T5842] bridge_slave_0: entered allmulticast mode
[  109.293465][ T5842] bridge_slave_0: entered promiscuous mode
[  109.342470][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.350702][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.358167][ T5853] bridge_slave_0: entered allmulticast mode
[  109.366372][ T5853] bridge_slave_0: entered promiscuous mode
[  109.375839][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.383002][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.390282][ T5853] bridge_slave_1: entered allmulticast mode
[  109.398880][ T5853] bridge_slave_1: entered promiscuous mode
[  109.424464][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.431751][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.439490][ T5842] bridge_slave_1: entered allmulticast mode
[  109.447103][ T5842] bridge_slave_1: entered promiscuous mode
[  109.492522][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.500106][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.507465][ T5848] bridge_slave_0: entered allmulticast mode
[  109.516062][ T5848] bridge_slave_0: entered promiscuous mode
[  109.524864][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.532058][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.539417][ T5848] bridge_slave_1: entered allmulticast mode
[  109.551190][ T5848] bridge_slave_1: entered promiscuous mode
[  109.654521][   T51] Bluetooth: hci0: command tx timeout
[  109.667584][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.674910][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.682102][ T5839] bridge_slave_0: entered allmulticast mode
[  109.690390][ T5839] bridge_slave_0: entered promiscuous mode
[  109.699780][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.707888][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.715379][ T5839] bridge_slave_1: entered allmulticast mode
[  109.723236][ T5839] bridge_slave_1: entered promiscuous mode
[  109.733604][ T5864] Bluetooth: hci5: command tx timeout
[  109.737805][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.739672][   T51] Bluetooth: hci3: command tx timeout
[  109.752954][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.808630][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.822538][ T5864] Bluetooth: hci2: command tx timeout
[  109.824205][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.828415][   T51] Bluetooth: hci4: command tx timeout
[  109.867233][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.878495][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.886517][ T5841] bridge_slave_0: entered allmulticast mode
[  109.893502][   T51] Bluetooth: hci1: command tx timeout
[  109.900118][ T5841] bridge_slave_0: entered promiscuous mode
[  109.919380][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.993227][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.002012][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.009742][ T5841] bridge_slave_1: entered allmulticast mode
[  110.017488][ T5841] bridge_slave_1: entered promiscuous mode
[  110.042216][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.088211][ T5853] team0: Port device team_slave_0 added
[  110.097699][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.110023][ T5842] team0: Port device team_slave_0 added
[  110.120120][ T5842] team0: Port device team_slave_1 added
[  110.174782][ T5853] team0: Port device team_slave_1 added
[  110.185336][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.230502][ T1221] cfg80211: failed to load regulatory.db
[  110.264687][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.271970][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.280179][ T5840] bridge_slave_0: entered allmulticast mode
[  110.289124][ T5840] bridge_slave_0: entered promiscuous mode
[  110.300022][ T5848] team0: Port device team_slave_0 added
[  110.338105][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.345298][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.371462][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.389867][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.400934][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.407947][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.434437][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.446518][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.454371][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.461580][ T5840] bridge_slave_1: entered allmulticast mode
[  110.469881][ T5840] bridge_slave_1: entered promiscuous mode
[  110.478786][ T5848] team0: Port device team_slave_1 added
[  110.504523][ T5839] team0: Port device team_slave_0 added
[  110.513457][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.579604][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.586690][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.614364][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.628010][ T5839] team0: Port device team_slave_1 added
[  110.687675][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.700833][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.742193][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.749601][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.775742][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.817143][ T5841] team0: Port device team_slave_0 added
[  110.826489][ T5841] team0: Port device team_slave_1 added
[  110.849439][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.857209][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.883837][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.897374][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.904412][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.930481][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.958715][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.965810][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.991871][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.062570][ T5840] team0: Port device team_slave_0 added
[  111.072987][ T5840] team0: Port device team_slave_1 added
[  111.093850][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.100840][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.127328][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.139340][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.146860][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.173001][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.240012][ T5842] hsr_slave_0: entered promiscuous mode
[  111.247018][ T5842] hsr_slave_1: entered promiscuous mode
[  111.301040][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.308162][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.334540][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.366641][ T5853] hsr_slave_0: entered promiscuous mode
[  111.373231][ T5853] hsr_slave_1: entered promiscuous mode
[  111.379754][ T5853] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.387636][ T5853] Cannot create hsr debugfs directory
[  111.444804][ T5848] hsr_slave_0: entered promiscuous mode
[  111.451374][ T5848] hsr_slave_1: entered promiscuous mode
[  111.458016][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.465681][ T5848] Cannot create hsr debugfs directory
[  111.481569][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.488842][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.516691][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.530203][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.537292][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.564340][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.706697][ T5839] hsr_slave_0: entered promiscuous mode
[  111.713391][ T5839] hsr_slave_1: entered promiscuous mode
[  111.719648][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.728010][ T5839] Cannot create hsr debugfs directory
[  111.733604][   T51] Bluetooth: hci0: command tx timeout
[  111.814561][ T5864] Bluetooth: hci5: command tx timeout
[  111.818188][ T5841] hsr_slave_0: entered promiscuous mode
[  111.820146][   T51] Bluetooth: hci3: command tx timeout
[  111.826751][ T5841] hsr_slave_1: entered promiscuous mode
[  111.838193][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.845867][ T5841] Cannot create hsr debugfs directory
[  111.898574][   T51] Bluetooth: hci4: command tx timeout
[  111.903525][ T5864] Bluetooth: hci2: command tx timeout
[  111.973804][ T5864] Bluetooth: hci1: command tx timeout
[  112.062972][ T5840] hsr_slave_0: entered promiscuous mode
[  112.069692][ T5840] hsr_slave_1: entered promiscuous mode
[  112.076787][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.084906][ T5840] Cannot create hsr debugfs directory
[  112.672208][ T5842] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.688603][ T5842] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.700960][ T5842] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.716257][ T5842] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.812752][ T5848] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  112.846622][ T5848] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  112.859499][ T5848] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  112.882031][ T5848] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  112.982779][ T5841] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  113.005552][ T5841] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  113.018501][ T5841] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  113.032421][ T5841] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  113.142227][ T5853] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  113.158321][ T5853] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  113.185668][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.197185][ T5853] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  113.208827][ T5853] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  113.298032][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[  113.335057][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.342349][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.368554][ T5839] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  113.389049][ T5839] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  113.406141][ T5839] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  113.421595][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.428868][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.491430][ T5839] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  113.607662][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.639710][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  113.674089][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  113.718560][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  113.738273][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  113.755959][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[  113.823588][ T5864] Bluetooth: hci0: command tx timeout
[  113.827273][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.836209][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.871451][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.878754][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.893930][ T5864] Bluetooth: hci3: command tx timeout
[  113.895304][   T51] Bluetooth: hci5: command tx timeout
[  113.975541][   T51] Bluetooth: hci2: command tx timeout
[  113.980994][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.987788][ T5864] Bluetooth: hci4: command tx timeout
[  114.000341][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.054281][   T51] Bluetooth: hci1: command tx timeout
[  114.085476][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[  114.178212][ T4067] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.185443][ T4067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.202488][ T5848] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.242444][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[  114.279661][ T4067] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.287522][ T4067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.338140][ T4067] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.345447][ T4067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.375974][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.383183][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.471973][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.522418][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.627841][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.680010][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[  114.720035][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.790143][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.797382][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.826476][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.833704][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.870821][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[  114.967861][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.975091][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.028936][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.036192][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.079858][ T5842] veth0_vlan: entered promiscuous mode
[  115.237236][ T5842] veth1_vlan: entered promiscuous mode
[  115.272638][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.301291][ T5839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  115.567025][ T5842] veth0_macvtap: entered promiscuous mode
[  115.645262][ T5841] veth0_vlan: entered promiscuous mode
[  115.658089][ T5842] veth1_macvtap: entered promiscuous mode
[  115.699702][ T5841] veth1_vlan: entered promiscuous mode
[  115.820869][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.893728][   T51] Bluetooth: hci0: command tx timeout
[  115.899037][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.922545][ T5841] veth0_macvtap: entered promiscuous mode
[  115.973964][   T51] Bluetooth: hci3: command tx timeout
[  115.975724][ T5864] Bluetooth: hci5: command tx timeout
[  115.986697][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.012325][ T5848] veth0_vlan: entered promiscuous mode
[  116.029439][ T5842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.038654][ T5842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.047544][ T5842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.057556][ T5864] Bluetooth: hci4: command tx timeout
[  116.057606][ T5842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.071868][ T5864] Bluetooth: hci2: command tx timeout
[  116.102518][ T5841] veth1_macvtap: entered promiscuous mode
[  116.124395][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.143487][ T5864] Bluetooth: hci1: command tx timeout
[  116.197158][ T5848] veth1_vlan: entered promiscuous mode
[  116.232104][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.273198][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.313768][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.321729][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.347723][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.392782][ T5853] veth0_vlan: entered promiscuous mode
[  116.452793][ T5841] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.465090][ T5841] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.474357][ T5841] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.483097][ T5841] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.508715][ T5848] veth0_macvtap: entered promiscuous mode
[  116.522749][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.534819][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.563096][ T5848] veth1_macvtap: entered promiscuous mode
[  116.612726][ T5853] veth1_vlan: entered promiscuous mode
[  116.738238][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.779575][ T5840] veth0_vlan: entered promiscuous mode
[  116.796874][ T5842] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  116.841119][ T5840] veth1_vlan: entered promiscuous mode
[  116.896598][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.909461][ T5853] veth0_macvtap: entered promiscuous mode
[  116.977257][ T5853] veth1_macvtap: entered promiscuous mode
[  117.017131][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.036896][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.048885][ T5848] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.066738][ T5848] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.081085][ T5848] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.089990][ T5848] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.195504][ T5990] binder: 5989:5990 ioctl c0306201 0 returned -14
[  117.220055][ T4067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.229663][ T4067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.286916][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.307023][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.351830][ T5840] veth0_macvtap: entered promiscuous mode
[  117.404173][ T5853] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.412963][ T5853] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.432402][ T5853] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.447593][ T5853] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.472701][ T5839] veth0_vlan: entered promiscuous mode
[  117.492142][ T5840] veth1_macvtap: entered promiscuous mode
[  117.665722][ T5839] veth1_vlan: entered promiscuous mode
[  117.737991][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.750581][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.773431][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.941247][ T6002] ALSA: seq fatal error: cannot create timer (-16)
[  117.964810][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.983082][ T4067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.997145][ T5839] veth0_macvtap: entered promiscuous mode
[  118.038558][ T4067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.064860][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.081896][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.093001][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.112491][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.194120][ T6006] loop0: detected capacity change from 0 to 2048
[  118.205287][ T5839] veth1_macvtap: entered promiscuous mode
[  118.272850][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.304058][ T6006]  loop0: p1 < > p4
[  118.311345][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.344059][ T6006] loop0: p4 size 722688 extends beyond EOD, truncated
[  118.429342][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.545576][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.580822][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.583820][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.652429][ T5839] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.715182][ T5839] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.758670][ T5839] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.790001][ T5839] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.827464][   T73] Bluetooth: hci6: Frame reassembly failed (-84)
[  118.943201][ T5867] udevd[5867]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  118.956711][ T5860] udevd[5860]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  119.128816][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.174275][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.341503][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.373793][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.426775][    C1] Unknown status report in ack skb
[  119.481181][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.510212][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.716079][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.754530][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.799776][ T6028] netlink: 'syz.0.19': attribute type 12 has an invalid length.
[  119.833590][ T6028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.19'.
[  119.890695][ T6028] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  119.901272][ T6028] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  119.911573][ T6028] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  119.921199][ T6028] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  119.949203][ T6028] netlink: 'syz.0.19': attribute type 12 has an invalid length.
[  119.968313][ T6033] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  119.973773][ T6028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.19'.
[  119.993237][ T6028] Zero length message leads to an empty skb
[  120.825902][ T6047] loop4: detected capacity change from 0 to 128
[  120.855788][ T5864] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  120.857661][   T51] Bluetooth: hci6: command 0x1003 tx timeout
[  121.024327][ T6047] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  121.104508][ T6047] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  121.233434][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  121.325387][ T6047] fscrypt (loop4, inode 12): Unsupported encryption modes (contents 9, filenames 3)
[  121.440009][    T9] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  121.453316][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.545529][    T9] usb 1-1: config 0 descriptor??
[  121.942325][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  122.056894][    T9] elan 0003:04F3:0755.0001: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[  122.198529][   T30] audit: type=1326 audit(1753727767.280:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.215556][    T9] usb 1-1: USB disconnect, device number 2
[  122.339847][   T30] audit: type=1326 audit(1753727767.300:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.427789][   T30] audit: type=1326 audit(1753727767.300:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.536276][   T30] audit: type=1326 audit(1753727767.300:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.704755][   T30] audit: type=1326 audit(1753727767.300:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.783345][   T30] audit: type=1326 audit(1753727767.300:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.818420][ T6068] fido_id[6068]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  122.840002][   T30] audit: type=1326 audit(1753727767.300:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  122.915274][   T30] audit: type=1326 audit(1753727767.300:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  123.027397][   T30] audit: type=1326 audit(1753727767.300:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  123.106290][   T30] audit: type=1326 audit(1753727767.300:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dcf8e9a9 code=0x7fc00000
[  123.755486][ T6088] input: syz1 as /devices/virtual/input/input5
[  123.846200][ T6094] loop4: detected capacity change from 0 to 256
[  123.898991][ T6091] loop1: detected capacity change from 0 to 2048
[  123.951566][ T6094] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xcc9b7de9, utbl_chksum : 0xe619d30d)
[  124.031908][ T6091] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  124.274589][ T6099] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  124.577676][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.5.48'.
[  124.651681][ T6105] bridge_slave_1: left allmulticast mode
[  124.692398][ T6105] bridge_slave_1: left promiscuous mode
[  124.735886][ T6105] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.911611][ T6105] bridge_slave_0: left allmulticast mode
[  124.975413][ T6105] bridge_slave_0: left promiscuous mode
[  125.023879][ T6105] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.474376][ T6113] loop3: detected capacity change from 0 to 64
[  125.609721][ T6109] loop4: detected capacity change from 0 to 65536
[  125.671967][ T6111] loop1: detected capacity change from 0 to 4096
[  125.721487][ T6109] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  125.757915][ T6111] NILFS (loop1): invalid segment: Checksum error in segment payload
[  125.766386][ T6111] NILFS (loop1): trying rollback from an earlier position
[  125.823772][ T6113] hfs: bad catalog entry type 0
[  125.841223][ T6109] XFS (loop4): Ending clean mount
[  125.843090][ T6111] NILFS (loop1): recovery complete
[  125.873241][ T6109] XFS (loop4): Quotacheck needed: Please wait.
[  125.980430][ T6109] XFS (loop4): Quotacheck: Done.
[  125.999043][ T6126] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  126.199120][ T5839] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  127.009046][ T6042] kernel write not supported for file /sequencer2 (pid: 6042 comm: kworker/1:6)
[  127.221189][ T6140] vlan2: entered allmulticast mode
[  127.260441][ T6140] macvtap0: entered allmulticast mode
[  127.270706][ T6140] veth0_macvtap: entered allmulticast mode
[  127.436261][ T5864] Bluetooth: hci1: ISO packet too small
[  128.252136][ T6165] loop2: detected capacity change from 0 to 1024
[  128.295147][ T6165] =======================================================
[  128.295147][ T6165] WARNING: The mand mount option has been deprecated and
[  128.295147][ T6165]          and is ignored by this kernel. Remove the mand
[  128.295147][ T6165]          option from the mount to silence this warning.
[  128.295147][ T6165] =======================================================
[  128.330091][    C0] vkms_vblank_simulate: vblank timer overrun
[  128.494042][ T6165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.496478][ T6177] netlink: 12 bytes leftover after parsing attributes in process `syz.5.76'.
[  128.583723][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  128.724461][ T6165] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4112: comm syz.2.73: Allocating blocks 497-513 which overlap fs metadata
[  128.763535][    T9] usb 4-1: Using ep0 maxpacket: 8
[  128.804584][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  128.812350][ T6165] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 3 with error 117
[  128.841644][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  128.880689][ T6165] EXT4-fs (loop2): This should not happen!! Data will be lost
[  128.880689][ T6165] 
[  128.889113][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  128.945454][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  128.970341][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  128.988799][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.091499][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.236926][    T9] usb 4-1: usb_control_msg returned -32
[  129.242842][    T9] usbtmc 4-1:16.0: can't read capabilities
[  130.017261][ T6212] Bluetooth: MGMT ver 1.23
[  130.148160][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  130.303048][ T6222] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  130.319205][    T9] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  130.341060][ T6225] loop5: detected capacity change from 0 to 128
[  130.362144][ T6225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.391139][ T6225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.394934][    T9] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  130.442926][    T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  130.456998][ T6225] EXT4-fs (loop5): Test dummy encryption mode enabled
[  130.480769][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.561333][ T6210] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  130.577627][ T6225] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  130.655258][ T6225] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  130.676740][    T9] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  130.771276][ T6224] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  130.948398][    T9] usb 1-1: USB disconnect, device number 3
[  131.379427][ T6238] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  131.423590][   T55] usb 4-1: USB disconnect, device number 2
[  131.429488][ T6238] macvtap1: entered promiscuous mode
[  131.430229][ T6238] macvtap1: entered allmulticast mode
[  131.461095][ T6238] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  131.539456][ T6238] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  131.575255][ T6238] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  132.828469][ T6265] loop3: detected capacity change from 0 to 128
[  132.910163][ T6265] EXT4-fs (loop3): Test dummy encryption mode enabled
[  132.982476][ T6265] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.004691][ T6265] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.049139][ T6272] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  133.185160][ T6265] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  133.475148][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.5.118'.
[  133.655317][ T5853] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.933456][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.0.120'.
[  135.002046][ T6284] loop2: detected capacity change from 0 to 32768
[  135.263968][ T6284] JBD2: Ignoring recovery information on journal
[  135.500913][ T6284] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  135.718993][ T6294] loop4: detected capacity change from 0 to 32768
[  135.890915][ T6294] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  136.205086][ T6294] XFS (loop4): Ending clean mount
[  136.240343][ T6294] XFS (loop4): Quotacheck needed: Please wait.
[  136.298719][ T6344] mmap: syz.0.137 (6344) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  136.340314][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  136.364728][ T6294] XFS (loop4): Quotacheck: Done.
[  136.794823][ T5839] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  137.465753][ T6358] Illegal XDP return value 4290799864 on prog  (id 32) dev N/A, expect packet loss!
[  138.408238][ T6378] process 'syz.3.155' launched './file1' with NULL argv: empty string added
[  138.931180][ T6364] loop4: detected capacity change from 0 to 131072
[  138.973441][ T6364] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  138.981956][ T6364] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  138.998838][ T6364] F2FS-fs (loop4): invalid crc value
[  139.102108][ T6364] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  139.109451][ T6364] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  139.241815][ T6364] F2FS-fs (loop4): Stopped filesystem due to reason: 0
[  139.438054][ T6398] bond0: entered promiscuous mode
[  139.463381][ T6398] bond_slave_0: entered promiscuous mode
[  139.479221][ T6398] bond_slave_1: entered promiscuous mode
[  139.527357][ T6398] batadv0: entered promiscuous mode
[  139.566778][ T6398] hsr1: entered allmulticast mode
[  139.571907][ T6398] bond0: entered allmulticast mode
[  139.606467][ T6402] fuse: Bad value for 'fd'
[  139.615795][ T6398] bond_slave_0: entered allmulticast mode
[  139.660012][ T6398] bond_slave_1: entered allmulticast mode
[  139.675164][ T6402] ./file0: Can't lookup blockdev
[  139.701320][ T6398] batadv0: entered allmulticast mode
[  139.711540][ T6398] 8021q: adding VLAN 0 to HW filter on device hsr1
[  139.731548][ T6398] bond0: left promiscuous mode
[  139.745455][ T6398] bond_slave_0: left promiscuous mode
[  139.797316][ T6398] bond_slave_1: left promiscuous mode
[  139.873610][ T6398] batadv0: left promiscuous mode
[  140.595803][ T6419] netlink: 'syz.3.171': attribute type 11 has an invalid length.
[  140.633403][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.171'.
[  140.711890][ T6419] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  140.720748][ T6419] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  140.729606][ T6419] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  140.738383][ T6419] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  140.852182][ T6419] netlink: 'syz.3.171': attribute type 11 has an invalid length.
[  140.874933][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.171'.
[  141.115470][ T6042] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  141.285439][ T6432] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  141.334010][ T6042] usb 2-1: Using ep0 maxpacket: 8
[  141.385409][ T6042] usb 2-1: config 0 has no interfaces?
[  141.404528][ T6042] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  141.463348][ T6042] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.522878][ T6042] usb 2-1: Product: syz
[  141.533202][ T6042] usb 2-1: Manufacturer: syz
[  141.548413][ T6042] usb 2-1: SerialNumber: syz
[  141.572078][ T6042] usb 2-1: config 0 descriptor??
[  141.790362][ T6439] loop2: detected capacity change from 0 to 1024
[  141.863396][ T1204] usb 2-1: USB disconnect, device number 2
[  142.103852][ T6439] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.121713][    T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!!
[  142.132372][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  142.331229][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.983748][ T1204] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  144.165436][ T1204] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  144.191655][ T1204] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  144.223095][ T1204] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  144.239439][ T1204] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  144.273726][ T1204] usb 2-1: SerialNumber: syz
[  144.510919][ T1204] usb 2-1: 0:2 : does not exist
[  144.558633][ T1204] usb 2-1: unit 2 not found!
[  144.621616][ T1204] usb 2-1: USB disconnect, device number 3
[  144.727291][ T5867] udevd[5867]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  145.653235][ T6501] Bluetooth: MGMT ver 1.23
[  145.820049][ T6489] loop4: detected capacity change from 0 to 32768
[  145.928683][ T6489] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.199 (6489)
[  146.021937][ T6489] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.064955][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  146.073131][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  146.080688][ T6489] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  146.125732][ T6489] BTRFS info (device loop4): using free-space-tree
[  146.533346][ T6485] loop2: detected capacity change from 0 to 32768
[  147.059311][ T5839] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.063218][ T6485] syz.2.196: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  147.254897][ T6485] CPU: 1 UID: 0 PID: 6485 Comm: syz.2.196 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  147.254950][ T6485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  147.254977][ T6485] Call Trace:
[  147.255073][ T6485]  <TASK>
[  147.255089][ T6485]  dump_stack_lvl+0x16c/0x1f0
[  147.255140][ T6485]  warn_alloc+0x248/0x3a0
[  147.255193][ T6485]  ? __pfx_warn_alloc+0x10/0x10
[  147.255262][ T6485]  ? __bch2_darray_resize_noprof+0xf6/0x2d0
[  147.255299][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.255344][ T6485]  ? __vmalloc_node_noprof+0xad/0xf0
[  147.255392][ T6485]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  147.255450][ T6485]  ? __bch2_darray_resize_noprof+0xf6/0x2d0
[  147.255498][ T6485]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  147.255540][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.255583][ T6485]  ? __alloc_pages_noprof+0xb/0x1b0
[  147.255652][ T6485]  ? ___kmalloc_large_node+0x84/0x1e0
[  147.255697][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.255754][ T6485]  __kvmalloc_node_noprof+0x30a/0x620
[  147.255808][ T6485]  ? __bch2_darray_resize_noprof+0xf6/0x2d0
[  147.255852][ T6485]  ? rcu_is_watching+0x12/0xc0
[  147.255908][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.255958][ T6485]  ? kfree+0x24f/0x4d0
[  147.255999][ T6485]  ? __bch2_darray_resize_noprof+0xf6/0x2d0
[  147.256050][ T6485]  ? __bch2_darray_resize_noprof+0xf6/0x2d0
[  147.256133][ T6485]  __bch2_darray_resize_noprof+0xf6/0x2d0
[  147.256176][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.256234][ T6485]  bch2_fs_btree_write_buffer_init+0x1bb/0x240
[  147.256285][ T6485]  bch2_fs_init_rw+0x21d/0x340
[  147.256330][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.256376][ T6485]  bch2_fs_alloc+0x184d/0x23f0
[  147.256438][ T6485]  ? __pfx_bch2_fs_alloc+0x10/0x10
[  147.256511][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.256568][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.256619][ T6485]  ? __bch2_darray_resize_noprof+0x1cd/0x2d0
[  147.256667][ T6485]  bch2_fs_open+0x838/0xc50
[  147.256736][ T6485]  ? __pfx_bch2_fs_open+0x10/0x10
[  147.256792][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.256857][ T6485]  ? sget+0x627/0x740
[  147.256910][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.256958][ T6485]  ? sget+0x524/0x740
[  147.257009][ T6485]  ? __pfx_bch2_noset_super+0x10/0x10
[  147.257067][ T6485]  bch2_fs_get_tree+0xcb0/0x1b70
[  147.257146][ T6485]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  147.257249][ T6485]  ? __pfx_aa_get_newest_label+0x10/0x10
[  147.257309][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.257359][ T6485]  ? trace_cap_capable+0x18d/0x200
[  147.257413][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.257464][ T6485]  ? apparmor_capable+0x114/0x1d0
[  147.257512][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.257561][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.257614][ T6485]  vfs_get_tree+0x8e/0x340
[  147.257660][ T6485]  path_mount+0x1414/0x2020
[  147.257723][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.257765][ T6485]  ? kmem_cache_free+0x2d1/0x4d0
[  147.257815][ T6485]  ? __pfx_path_mount+0x10/0x10
[  147.257885][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.257927][ T6485]  ? putname+0x154/0x1a0
[  147.257966][ T6485]  __x64_sys_mount+0x28d/0x310
[  147.258026][ T6485]  ? __pfx___x64_sys_mount+0x10/0x10
[  147.258082][ T6485]  ? srso_alias_return_thunk+0x5/0xfbef5
[  147.258140][ T6485]  do_syscall_64+0xcd/0x4c0
[  147.258185][ T6485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.258222][ T6485] RIP: 0033:0x7fb0dcf9014a
[  147.258252][ T6485] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.258291][ T6485] RSP: 002b:00007fb0dde52e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  147.258331][ T6485] RAX: ffffffffffffffda RBX: 00007fb0dde52ef0 RCX: 00007fb0dcf9014a
[  147.258355][ T6485] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 00007fb0dde52eb0
[  147.258379][ T6485] RBP: 0000200000000140 R08: 00007fb0dde52ef0 R09: 0000000002800000
[  147.258402][ T6485] R10: 0000000002800000 R11: 0000000000000246 R12: 0000200000000100
[  147.258424][ T6485] R13: 00007fb0dde52eb0 R14: 0000000000005a7a R15: 0000200000002080
[  147.258471][ T6485]  </TASK>
[  147.258519][ T6485] Mem-Info:
[  147.809102][ T6485] active_anon:27446 inactive_anon:0 isolated_anon:0
[  147.809102][ T6485]  active_file:10207 inactive_file:40325 isolated_file:0
[  147.809102][ T6485]  unevictable:768 dirty:468 writeback:0
[  147.809102][ T6485]  slab_reclaimable:10448 slab_unreclaimable:99997
[  147.809102][ T6485]  mapped:44156 shmem:19641 pagetables:1274
[  147.809102][ T6485]  sec_pagetables:0 bounce:0
[  147.809102][ T6485]  kernel_misc_reclaimable:0
[  147.809102][ T6485]  free:1278446 free_pcp:14915 free_cma:0
[  147.957768][ T6485] Node 0 active_anon:106000kB inactive_anon:0kB active_file:40880kB inactive_file:161096kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:176668kB dirty:1860kB writeback:0kB shmem:73460kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB writeback_tmp:0kB kernel_stack:12616kB pagetables:4796kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  148.043591][ T6485] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  148.119502][ T6485] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  148.247909][ T6485] lowmem_reserve[]: 0 2480 2482 2482 2482
[  148.291779][ T6485] Node 0 DMA32 free:1198120kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:99356kB inactive_anon:0kB active_file:40880kB inactive_file:159780kB unevictable:1536kB writepending:1860kB present:3129332kB managed:2540356kB mlocked:0kB bounce:0kB free_pcp:51544kB local_pcp:17176kB free_cma:0kB
[  148.392620][ T6485] lowmem_reserve[]: 0 0 1 1 1
[  148.411811][ T6563] loop4: detected capacity change from 0 to 256
[  148.442948][ T6485] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  148.474843][ T6563] exfat: Deprecated parameter 'namecase'
[  148.568583][ T6563] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  148.657862][ T6485] lowmem_reserve[]: 0 0 0 0 0
[  148.716425][ T6485] Node 1 Normal free:3899624kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:19712kB local_pcp:10816kB free_cma:0kB
[  148.799023][ T6485] lowmem_reserve[]: 0 0 0 0 0
[  148.841450][ T6485] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  148.860355][ T6485] Node 0 DMA32: 2*4kB (ME) 2*8kB (ME) 2*16kB (ME) 1*32kB (M) 3*64kB (UME) 1*128kB (U) 2*256kB (ME) 1*512kB (E) 0*1024kB 1*2048kB (M) 289*4096kB (M) = 1187224kB
[  148.924585][ T6485] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  148.976649][ T6485] Node 1 Normal: 198*4kB (UME) 50*8kB (UME) 38*16kB (UME) 101*32kB (UME) 31*64kB (UME) 3*128kB (UM) 4*256kB (UME) 4*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 948*4096kB (M) = 3899624kB
[  149.055780][ T6576] ALSA: mixer_oss: invalid OSS volume ':'
[  149.203412][ T6576] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  149.221812][ T6485] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  149.257536][ T6576] ALSA: mixer_oss: invalid OSS volume '3'
[  149.294187][ T6576] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  149.335516][ T6576] ALSA: mixer_oss: invalid OSS volume '4'
[  149.362288][ T6485] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  149.383197][ T6576] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  149.438751][ T6576] ALSA: mixer_oss: invalid OSS volume '5'
[  149.475149][ T6485] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  149.638998][ T6485] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  149.733934][ T6485] 70633 total pagecache pages
[  149.738705][ T6485] 0 pages in swap cache
[  149.742905][ T6485] Free swap  = 124996kB
[  149.807785][ T6485] Total swap = 124996kB
[  149.841246][ T6485] 2097051 pages RAM
[  149.872496][ T6485] 0 pages HighMem/MovableOnly
[  149.900720][ T6485] 429984 pages reserved
[  149.935638][ T6485] 0 pages cma reserved
[  149.971791][ T6595] loop4: detected capacity change from 0 to 512
[  150.038391][ T6485] bcachefs (loop2): shutdown complete
[  150.058271][ T6595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.185783][ T6600] warning: `syz.0.238' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  150.193327][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  150.193352][   T30] audit: type=1804 audit(1753727795.260:61): pid=6595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.237" name="/newroot/25/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  150.404125][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.773644][   T30] audit: type=1800 audit(1753727796.850:62): pid=6627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.250" name="file1" dev="tmpfs" ino=314 res=0 errno=0
[  153.708460][ T1221] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  153.819575][ T6662] v: renamed from ip6_vti0 (while UP)
[  153.895350][ T1221] usb 2-1: Using ep0 maxpacket: 8
[  153.995502][ T1221] usb 2-1: unable to get BOS descriptor or descriptor too short
[  154.019405][ T1221] usb 2-1: config 4 interface 0 has no altsetting 0
[  154.113202][ T1221] usb 2-1: string descriptor 0 read error: -22
[  154.122772][ T1221] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  154.170781][ T1221] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  154.296698][ T1221] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  154.350289][ T1221] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  154.394241][ T1221] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  154.414204][ T1221] usb 2-1: media controller created
[  154.480669][   T55] libceph: connect (1)[c::]:6789 error -101
[  154.515232][ T1221] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  154.530349][   T55] libceph: mon0 (1)[c::]:6789 connect error
[  154.540881][ T5850] libceph: connect (1)[c::]:6789 error -101
[  154.575815][ T5850] libceph: mon0 (1)[c::]:6789 connect error
[  154.744075][ T6680] netlink: 'syz.3.272': attribute type 29 has an invalid length.
[  154.762203][ T1221] zl10353_read_register: readreg error (reg=127, ret==0)
[  154.801775][ T6485] bcachefs: bch2_fs_get_tree() error: ENOMEM
[  154.830984][ T6680] netlink: 'syz.3.272': attribute type 29 has an invalid length.
[  154.864626][ T6680] netlink: 500 bytes leftover after parsing attributes in process `syz.3.272'.
[  154.886617][ T5850] libceph: connect (1)[c::]:6789 error -101
[  154.892903][ T5850] libceph: mon0 (1)[c::]:6789 connect error
[  154.903888][   T55] libceph: connect (1)[c::]:6789 error -101
[  154.923255][   T55] libceph: mon0 (1)[c::]:6789 connect error
[  154.997280][ T1221] usb 2-1: USB disconnect, device number 4
[  155.059407][ T6669] ceph: No mds server is up or the cluster is laggy
[  155.059953][ T6673] ceph: No mds server is up or the cluster is laggy
[  155.503690][ T6691] syz.5.277 uses obsolete (PF_INET,SOCK_PACKET)
[  156.005132][ T6702] loop4: detected capacity change from 0 to 128
[  156.030950][ T6702] EXT4-fs: Ignoring removed nobh option
[  156.132992][ T6702] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  156.156503][ T6702] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  156.460825][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  156.825487][ T6732] loop2: detected capacity change from 0 to 512
[  156.979909][ T6732] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.073928][ T6733] "syz.5.293" (6733) uses obsolete ecb(arc4) skcipher
[  157.102683][ T6735] loop3: detected capacity change from 0 to 4096
[  157.118695][   T30] audit: type=1804 audit(1753727802.200:63): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.291" name="/newroot/33/bus/bus" dev="loop2" ino=18 res=1 errno=0
[  157.227227][ T6735] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.277765][ T6748] team0: entered promiscuous mode
[  157.283131][ T6748] team_slave_0: entered promiscuous mode
[  157.291671][ T6748] team_slave_1: entered promiscuous mode
[  157.300055][ T6748] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  157.313726][ T6748] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  157.444142][ T6735] fs-verity: sha256 using implementation "sha256-x86_64"
[  157.531244][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.726253][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.825817][   T30] audit: type=1800 audit(1753727802.910:64): pid=6761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.299" name="file1" dev="tmpfs" ino=197 res=0 errno=0
[  158.147555][ T6766] netlink: 6 bytes leftover after parsing attributes in process `syz.3.302'.
[  158.346771][ T6772] loop3: detected capacity change from 0 to 64
[  158.362156][ T6772] minix: Unknown parameter 'ÿÿØXÃWÓK3Mëe—ªuo6¶ÈؾЭg	D.gJìÓ0'
[  158.416077][ T6772] netlink: 104 bytes leftover after parsing attributes in process `syz.3.305'.
[  159.126183][   T55] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  159.287521][ T6793] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  159.303344][   T55] usb 3-1: Using ep0 maxpacket: 8
[  159.329020][   T55] usb 3-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  159.346598][   T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.372778][   T55] usb 3-1: Product: syz
[  159.387244][   T55] usb 3-1: Manufacturer: syz
[  159.405403][   T55] usb 3-1: SerialNumber: syz
[  159.434876][   T55] usb 3-1: config 0 descriptor??
[  159.484011][   T55] gspca_main: sq905-2.14.0 probing 2770:9120
[  159.845308][ T6801] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.321'.
[  160.222963][ T6812] loop4: detected capacity change from 0 to 2048
[  160.519056][   T55] gspca_sq905: bulk read fail (-22) len 0/4
[  160.534260][   T55] sq905 3-1:0.0: probe with driver sq905 failed with error -5
[  160.543361][ T6812] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  160.637367][ T6816] input: syz1 as /devices/virtual/input/input6
[  160.651002][ T6812] UDF-fs: error (device loop4): udf_truncate_tail_extent: Extent after EOF in inode 1368
[  160.782034][   T55] usb 3-1: USB disconnect, device number 2
[  161.148481][ T6829] fuse: Bad value for 'fd'
[  161.313736][ T5850] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  161.483392][ T5850] usb 4-1: Using ep0 maxpacket: 8
[  161.506351][ T5850] usb 4-1: unable to get BOS descriptor or descriptor too short
[  161.530822][ T5850] usb 4-1: config 4 has an invalid interface number: 147 but max is 0
[  161.555218][ T5850] usb 4-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  161.585879][ T5850] usb 4-1: config 4 has no interface number 0
[  161.604721][ T5850] usb 4-1: string descriptor 0 read error: -22
[  161.611470][ T5850] usb 4-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  161.636739][ T5850] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.692312][ T5850] usb 4-1: Found UVC 0.02 device <unnamed> (04f2:b746)
[  161.710008][ T5850] usb 4-1: No valid video chain found.
[  161.882800][ T5850] usb 4-1: USB disconnect, device number 3
[  162.475579][ T6852] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  162.642026][ T6843] loop2: detected capacity change from 0 to 40427
[  162.687401][ T6843] F2FS-fs (loop2): build fault injection rate: 690
[  162.711738][ T6843] F2FS-fs (loop2): invalid crc value
[  162.782978][ T5864] Bluetooth: hci5: link tx timeout
[  162.789019][ T5864] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  162.799113][   T51] Bluetooth: hci5: link tx timeout
[  162.805977][   T51] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  162.845318][   T51] Bluetooth: hci5: link tx timeout
[  162.850524][   T51] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  163.071605][ T6843] F2FS-fs (loop2): Start checkpoint disabled!
[  163.150617][ T6843] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  163.555126][ T6848] loop4: detected capacity change from 0 to 32768
[  163.592228][   T73] kworker/u8:5: attempt to access beyond end of device
[  163.592228][   T73] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  163.673683][ T6848] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  163.700600][   T73] CPU: 1 UID: 0 PID: 73 Comm: kworker/u8:5 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  163.700649][   T73] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.700673][   T73] Workqueue: writeback wb_workfn (flush-7:2)
[  163.700727][   T73] Call Trace:
[  163.700738][   T73]  <TASK>
[  163.700752][   T73]  dump_stack_lvl+0x16c/0x1f0
[  163.700794][   T73]  f2fs_handle_critical_error+0x621/0x9f0
[  163.700860][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.700903][   T73]  ? f2fs_build_fault_attr+0x53/0x1f0
[  163.700959][   T73]  f2fs_write_end_io+0x785/0xc20
[  163.701018][   T73]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  163.701080][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.701129][   T73]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  163.701184][   T73]  bio_endio+0x70d/0x850
[  163.701233][   T73]  submit_bio_noacct+0x56d/0x1eb0
[  163.701299][   T73]  __submit_merged_bio+0x33c/0x770
[  163.701360][   T73]  __submit_merged_write_cond+0x319/0x3f0
[  163.701427][   T73]  f2fs_write_cache_pages+0x2067/0x2570
[  163.701492][   T73]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  163.701545][   T73]  ? __pfx_f2fs_sync_meta_pages+0x10/0x10
[  163.701677][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.701730][   T73]  f2fs_write_data_pages+0x4ad/0xd90
[  163.701777][   T73]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  163.701828][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.701891][   T73]  ? __lock_acquire+0xb8a/0x1c90
[  163.701948][   T73]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  163.701989][   T73]  do_writepages+0x27a/0x600
[  163.702036][   T73]  ? __pfx_do_writepages+0x10/0x10
[  163.702072][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.702116][   T73]  ? reacquire_held_locks+0xcd/0x1f0
[  163.702173][   T73]  ? writeback_sb_inodes+0x3a4/0xf90
[  163.702219][   T73]  __writeback_single_inode+0x160/0xfb0
[  163.702263][   T73]  ? __pfx___writeback_single_inode+0x10/0x10
[  163.702302][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.702342][   T73]  ? do_raw_spin_unlock+0x172/0x230
[  163.702382][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.702431][   T73]  writeback_sb_inodes+0x601/0xf90
[  163.702493][   T73]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  163.702531][   T73]  ? ret_from_fork_asm+0x1a/0x30
[  163.702637][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.702785][   T73]  ? rcu_is_watching+0x12/0xc0
[  163.702832][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.702883][   T73]  ? queue_io+0x3f6/0x520
[  163.702921][   T73]  wb_writeback+0x419/0xb70
[  163.702970][   T73]  ? __pfx_wb_writeback+0x10/0x10
[  163.703005][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703059][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703135][   T73]  ? mark_held_locks+0x49/0x80
[  163.703198][   T73]  wb_workfn+0x14d/0xbe0
[  163.703242][   T73]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  163.703311][   T73]  ? __pfx_wb_workfn+0x10/0x10
[  163.703356][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703402][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703449][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703489][   T73]  ? rcu_is_watching+0x12/0xc0
[  163.703542][   T73]  process_one_work+0x9cf/0x1b70
[  163.703600][   T73]  ? __pfx_process_one_work+0x10/0x10
[  163.703638][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703692][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703733][   T73]  ? assign_work+0x1a0/0x250
[  163.703780][   T73]  worker_thread+0x6c8/0xf10
[  163.703828][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703881][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.703923][   T73]  ? __kthread_parkme+0x19e/0x250
[  163.703972][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.704017][   T73]  ? __pfx_worker_thread+0x10/0x10
[  163.704056][   T73]  kthread+0x3c5/0x780
[  163.704091][   T73]  ? __pfx_kthread+0x10/0x10
[  163.704127][   T73]  ? srso_alias_return_thunk+0x5/0xfbef5
[  163.704169][   T73]  ? rcu_is_watching+0x12/0xc0
[  163.704215][   T73]  ? __pfx_kthread+0x10/0x10
[  163.704251][   T73]  ret_from_fork+0x5d7/0x6f0
[  163.704303][   T73]  ? __pfx_kthread+0x10/0x10
[  163.704339][   T73]  ret_from_fork_asm+0x1a/0x30
[  163.704401][   T73]  </TASK>
[  164.403404][   T73] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  164.517626][ T6889] loop3: detected capacity change from 0 to 32768
[  164.567573][ T6889] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  164.641564][ T6848] XFS (loop4): Ending clean mount
[  164.675436][ T6889] XFS (loop3): Ending clean mount
[  164.682838][ T6889] XFS (loop3): Quotacheck needed: Please wait.
[  164.738933][ T6889] XFS (loop3): Quotacheck: Done.
[  164.863365][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  165.037352][ T5839] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.065960][ T5853] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  166.190584][ T5850] IPVS: starting estimator thread 0...
[  166.200688][ T6928] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  166.313520][ T6934] IPVS: using max 21 ests per chain, 50400 per kthread
[  166.573416][ T5850] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  166.725559][ T5850] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  166.767851][ T5850] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1616, setting to 64
[  166.806290][ T5850] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  166.841480][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.878049][ T5850] usb 3-1: Product: syz
[  166.895974][ T5850] usb 3-1: Manufacturer: syz
[  166.922934][ T5850] usb 3-1: SerialNumber: syz
[  166.962910][ T6930] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  167.242191][ T6930] loop2: detected capacity change from 0 to 1024
[  167.433603][ T5850] cdc_ncm 3-1:1.0: bind() failure
[  167.480364][ T6956] syzkaller1: entered promiscuous mode
[  167.493346][ T5850] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  167.510593][ T6956] syzkaller1: entered allmulticast mode
[  167.532163][ T5850] cdc_ncm 3-1:1.1: bind() failure
[  167.722949][ T5850] usb 3-1: USB disconnect, device number 3
[  167.902433][ T6960] tls_set_device_offload_rx: netdev not found
[  168.090368][ T6963] loop4: detected capacity change from 0 to 2048
[  168.249885][ T6963] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.668446][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.021456][ T6991] loop4: detected capacity change from 0 to 128
[  169.214579][ T6991] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  169.319947][ T6991] ext4 filesystem being mounted at /52/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  169.459363][ T6999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.390'.
[  170.011592][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.031041][ T7006] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  170.566595][ T6985] loop3: detected capacity change from 0 to 32768
[  170.639981][ T6985] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.387 (6985)
[  170.732774][ T6985] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  170.747423][ T7023] netlink: 8 bytes leftover after parsing attributes in process `syz.4.400'.
[  170.783092][ T6985] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  170.814949][ T6985] BTRFS info (device loop3): using free-space-tree
[  171.707967][ T5853] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  171.883593][ T6042] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  172.064729][ T6042] usb 5-1: Using ep0 maxpacket: 32
[  172.099311][ T6042] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  172.150930][ T6042] usb 5-1: config 0 has no interface number 0
[  172.164663][ T6042] usb 5-1: config 0 interface 184 has no altsetting 0
[  172.182952][ T6042] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  172.197628][ T6042] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.220964][ T6042] usb 5-1: Product: syz
[  172.236115][ T6042] usb 5-1: Manufacturer: syz
[  172.250578][ T6042] usb 5-1: SerialNumber: syz
[  172.260213][ T7060] loop3: detected capacity change from 0 to 128
[  172.275545][ T6042] usb 5-1: config 0 descriptor??
[  172.315828][ T6042] smsc75xx v1.0.0
[  172.375189][ T7060] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  172.453150][ T7060] ext4 filesystem being mounted at /64/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  172.724597][ T5853] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.113785][ T7066] loop2: detected capacity change from 0 to 128
[  173.404281][ T7071] syz.2.411: attempt to access beyond end of device
[  173.404281][ T7071] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[  173.457859][ T7071] syz.2.411: attempt to access beyond end of device
[  173.457859][ T7071] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[  173.537188][ T7071] syz.2.411: attempt to access beyond end of device
[  173.537188][ T7071] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[  173.565013][ T6042] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[  173.592123][ T6042] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  173.623580][ T7071] syz.2.411: attempt to access beyond end of device
[  173.623580][ T7071] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[  173.640200][ T6042] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  173.664844][ T6042] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  173.680489][ T6042] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  173.691840][ T6042] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  173.707119][ T6042] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  173.716008][ T7071] syz.2.411: attempt to access beyond end of device
[  173.716008][ T7071] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[  173.779939][ T6042] usb 5-1: USB disconnect, device number 2
[  173.834764][ T7071] syz.2.411: attempt to access beyond end of device
[  173.834764][ T7071] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[  173.896601][ T7071] syz.2.411: attempt to access beyond end of device
[  173.896601][ T7071] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[  173.985475][ T7083] loop3: detected capacity change from 0 to 2048
[  174.008742][ T7071] syz.2.411: attempt to access beyond end of device
[  174.008742][ T7071] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[  174.036152][ T7083] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  174.114129][ T7071] syz.2.411: attempt to access beyond end of device
[  174.114129][ T7071] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[  174.224079][ T7071] syz.2.411: attempt to access beyond end of device
[  174.224079][ T7071] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[  174.828087][ T7104] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  175.688980][ T7096] loop3: detected capacity change from 0 to 32768
[  176.744496][ T7157] trusted_key: syz.1.449 sent an empty control message without MSG_MORE.
[  176.782021][ T7122] loop4: detected capacity change from 0 to 32768
[  176.893702][ T1221] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  176.924466][ T7122] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  177.049468][ T7122] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  177.053502][ T1221] usb 1-1: Using ep0 maxpacket: 32
[  177.070413][ T1221] usb 1-1: config 0 has no interfaces?
[  177.080069][ T1221] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  177.098285][ T1221] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.129554][ T1221] usb 1-1: Product: syz
[  177.144245][ T1221] usb 1-1: Manufacturer: syz
[  177.163922][ T1221] usb 1-1: SerialNumber: syz
[  177.182785][ T7162] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.223140][ T1221] usb 1-1: config 0 descriptor??
[  177.530204][ T5839] ocfs2: Unmounting device (7,4) on (node local)
[  177.652154][   T55] usb 1-1: USB disconnect, device number 4
[  177.784232][ T7174] netlink: 4 bytes leftover after parsing attributes in process `syz.5.456'.
[  178.075123][ T7160] loop3: detected capacity change from 0 to 40427
[  178.132436][ T7160] F2FS-fs (loop3): heap/no_heap options were deprecated
[  178.150221][ T7160] F2FS-fs (loop3): build fault injection rate: 19
[  178.177383][ T7160] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  178.271418][ T7160] F2FS-fs (loop3): invalid crc value
[  178.340883][ T7160] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x207/0xfe0
[  178.468698][ T7187] loop2: detected capacity change from 0 to 4096
[  178.524486][ T7187] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  178.739751][ T7187] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  178.823488][ T7160] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0x532/0xec0
[  179.113969][ T7160] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  179.264711][ T7160] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0x532/0xec0
[  179.353683][   T30] audit: type=1800 audit(1753727824.440:65): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.444" name="file1" dev="loop3" ino=10 res=0 errno=0
[  179.461793][ T7160] F2FS-fs (loop3): inject inconsistent footer in sanity_check_node_footer of __get_node_folio+0x12d/0x1b0
[  179.524199][ T7160] F2FS-fs (loop3): inconsistent node block, node_type:1, nid:10, node_footer[nid:10,ino:10,ofs:0,cpver:0,blkaddr:0]
[  179.560576][ T7214] loop2: detected capacity change from 0 to 256
[  179.632348][   T30] audit: type=1800 audit(1753727824.690:66): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.444" name="file1" dev="loop3" ino=10 res=0 errno=0
[  179.689768][ T7214] exfat: Deprecated parameter 'utf8'
[  179.743358][ T7214] exfat: Deprecated parameter 'utf8'
[  179.748947][ T7214] exfat: Deprecated parameter 'utf8'
[  179.815746][ T5853] bio_check_eod: 80 callbacks suppressed
[  179.815771][ T5853] syz-executor: attempt to access beyond end of device
[  179.815771][ T5853] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  179.860136][ T7214] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  179.918500][ T5853] CPU: 1 UID: 0 PID: 5853 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  179.918546][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.918567][ T5853] Call Trace:
[  179.918578][ T5853]  <TASK>
[  179.918592][ T5853]  dump_stack_lvl+0x16c/0x1f0
[  179.918636][ T5853]  f2fs_handle_critical_error+0x621/0x9f0
[  179.918694][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.918739][ T5853]  ? f2fs_build_fault_attr+0x53/0x1f0
[  179.918796][ T5853]  f2fs_write_end_io+0x785/0xc20
[  179.918858][ T5853]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  179.918921][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.918974][ T5853]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  179.919030][ T5853]  bio_endio+0x70d/0x850
[  179.919079][ T5853]  submit_bio_noacct+0x56d/0x1eb0
[  179.919152][ T5853]  __submit_merged_bio+0x33c/0x770
[  179.919215][ T5853]  __submit_merged_write_cond+0x319/0x3f0
[  179.919286][ T5853]  f2fs_write_cache_pages+0x2067/0x2570
[  179.919353][ T5853]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  179.919492][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.919538][ T5853]  ? exit_to_user_mode_loop+0xeb/0x110
[  179.919588][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.919630][ T5853]  ? __lock_acquire+0xb8a/0x1c90
[  179.919714][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.919846][ T5853]  ? check_path.constprop.0+0x24/0x50
[  179.919899][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.919950][ T5853]  f2fs_write_data_pages+0x4ad/0xd90
[  179.920029][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  179.920096][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.920152][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  179.920195][ T5853]  do_writepages+0x27a/0x600
[  179.920245][ T5853]  ? __pfx_do_writepages+0x10/0x10
[  179.920282][ T5853]  ? do_raw_spin_unlock+0x172/0x230
[  179.920324][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.920367][ T5853]  ? _raw_spin_unlock+0x28/0x50
[  179.920429][ T5853]  filemap_fdatawrite_wbc+0x104/0x160
[  179.920470][ T5853]  ? __pfx_stack_trace_save+0x10/0x10
[  179.920523][ T5853]  __filemap_fdatawrite_range+0xb2/0xf0
[  179.920575][ T5853]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  179.920627][ T5853]  ? check_path.constprop.0+0x24/0x50
[  179.920733][ T5853]  ? find_held_lock+0x2b/0x80
[  179.920780][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.920824][ T5853]  ? do_raw_spin_unlock+0x172/0x230
[  179.920865][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.920915][ T5853]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  179.920977][ T5853]  block_operations+0x2a3/0xfd0
[  179.921030][ T5853]  ? __pfx_block_operations+0x10/0x10
[  179.921068][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921173][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921216][ T5853]  ? down_write+0x14d/0x200
[  179.921258][ T5853]  ? __pfx_down_write+0x10/0x10
[  179.921302][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921345][ T5853]  ? rcu_is_watching+0x12/0xc0
[  179.921398][ T5853]  f2fs_write_checkpoint+0x2b8/0x4c60
[  179.921448][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921490][ T5853]  ? kfree+0x2b4/0x4d0
[  179.921527][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921574][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921616][ T5853]  ? rcu_is_watching+0x12/0xc0
[  179.921661][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.921704][ T5853]  ? kthread_stop+0x273/0x650
[  179.921768][ T5853]  kill_f2fs_super+0x3c2/0x470
[  179.921811][ T5853]  ? __pfx_kill_f2fs_super+0x10/0x10
[  179.921852][ T5853]  ? lockdep_hardirqs_on+0x7c/0x110
[  179.921907][ T5853]  deactivate_locked_super+0xc1/0x1a0
[  179.921954][ T5853]  deactivate_super+0xde/0x100
[  179.922001][ T5853]  cleanup_mnt+0x225/0x450
[  179.922053][ T5853]  task_work_run+0x150/0x240
[  179.922093][ T5853]  ? __pfx_task_work_run+0x10/0x10
[  179.922136][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  179.922182][ T5853]  ? __pfx___x64_sys_umount+0x10/0x10
[  179.922246][ T5853]  exit_to_user_mode_loop+0xeb/0x110
[  179.922289][ T5853]  do_syscall_64+0x3f6/0x4c0
[  179.922332][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.922394][ T5853] RIP: 0033:0x7f7ec4d8fcd7
[  179.922422][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  179.922457][ T5853] RSP: 002b:00007fff32b0c2d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  179.922490][ T5853] RAX: 0000000000000000 RBX: 00007f7ec4e10b55 RCX: 00007f7ec4d8fcd7
[  179.922513][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff32b0c390
[  179.922535][ T5853] RBP: 00007fff32b0c390 R08: 0000000000000000 R09: 0000000000000000
[  179.922557][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff32b0d420
[  179.922580][ T5853] R13: 00007f7ec4e10b55 R14: 000000000002bd8e R15: 00007fff32b0d460
[  179.922628][ T5853]  </TASK>
[  179.922641][ T5853] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  181.012381][ T7232] loop2: detected capacity change from 0 to 128
[  181.107003][ T7232] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  181.164991][   T30] audit: type=1326 audit(1753727826.250:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd22878e9a9 code=0x7fc00000
[  181.196296][ T7232] ext4 filesystem being mounted at /62/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  182.077485][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  182.093428][ T1221] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  182.257308][ T7255] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.472'.
[  182.284429][ T1221] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  182.303790][ T1221] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.352687][ T1221] usb 2-1: config 0 descriptor??
[  182.385193][ T1221] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  182.592629][ T1221] gp8psk: usb in 128 operation failed.
[  182.608468][ T1221] gp8psk: usb in 137 operation failed.
[  182.624241][ T1221] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  182.634507][ T7262] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  182.658953][ T1221] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  182.687629][ T1221] usb 2-1: media controller created
[  182.727637][ T7260] loop4: detected capacity change from 0 to 4096
[  182.763875][ T7260] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  182.807956][ T1221] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  182.860737][ T7264] loop3: detected capacity change from 0 to 256
[  182.917036][ T7264] exfat: Deprecated parameter 'utf8'
[  182.943148][ T1221] gp8psk_fe: Frontend attached
[  182.950193][ T7264] exfat: Deprecated parameter 'utf8'
[  182.963531][ T7260] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  182.982607][ T1221] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  182.995364][ T7264] exfat: Deprecated parameter 'utf8'
[  183.012316][ T7260] ntfs3(loop4): Failed to load $Extend (-22).
[  183.021445][ T1221] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  183.040614][ T7260] ntfs3(loop4): Failed to initialize $Extend.
[  183.085509][ T7264] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  183.380640][ T1221] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  183.438360][ T1221] gp8psk: found Genpix USB device pID = 203 (hex)
[  183.651606][ T5850] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  183.735304][ T1204] usb 2-1: USB disconnect, device number 5
[  183.843906][ T5850] usb 3-1: Using ep0 maxpacket: 32
[  183.873121][ T5850] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  183.902254][ T5850] usb 3-1: config 0 has no interface number 0
[  183.930949][ T5850] usb 3-1: config 0 interface 184 has no altsetting 0
[  183.961376][ T5850] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  183.996842][ T1204] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  183.998536][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.061785][ T5850] usb 3-1: Product: syz
[  184.093564][ T5850] usb 3-1: Manufacturer: syz
[  184.098211][ T5850] usb 3-1: SerialNumber: syz
[  184.130055][ T5850] usb 3-1: config 0 descriptor??
[  184.159946][ T5850] smsc75xx v1.0.0
[  184.357569][ T7284] loop4: detected capacity change from 0 to 128
[  184.483112][ T7284] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  184.545015][ T7284] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.613610][ T1221] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  184.667414][ T7284] EXT4-fs (loop4): shut down requested (2)
[  184.674580][ T7284] syz.4.499 (pid 7284) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  184.766833][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  184.818361][ T1221] usb 4-1: Using ep0 maxpacket: 8
[  184.838033][ T1221] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  184.853546][ T1221] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  184.871624][ T1221] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  184.920630][ T1221] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  184.957768][ T1221] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  185.032264][ T1221] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  185.186578][ T1221] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.278420][ T7293] input: syz1 as /devices/virtual/input/input7
[  185.400172][ T5850] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[  185.413322][ T5850] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  185.433665][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  185.463401][ T1221] usb 4-1: GET_CAPABILITIES returned 0
[  185.466376][ T5850] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  185.468927][ T1221] usbtmc 4-1:16.0: can't read capabilities
[  185.507186][ T5947] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  185.520415][ T5850] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  185.561223][ T5850] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  185.600331][ T5850] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  185.638924][ T5850] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  185.673347][ T5947] usb 5-1: Using ep0 maxpacket: 8
[  185.697020][ T5850] usb 3-1: USB disconnect, device number 4
[  185.703546][ T5947] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13
[  185.730138][ T5947] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  185.763713][ T5947] usb 5-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  185.771961][ T5947] usb 5-1: Product: syz
[  185.816149][ T5947] usb 5-1: Manufacturer: syz
[  185.820814][ T5947] usb 5-1: SerialNumber: syz
[  185.844294][ T5947] usb 5-1: config 0 descriptor??
[  185.864112][ T5947] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  185.873987][ T1221] usb 4-1: USB disconnect, device number 4
[  185.886314][ T7285] usbtmc 4-1:16.0: usb_control_msg returned -71
[  186.874329][ T5947] gspca_zc3xx: reg_w_i err -71
[  186.880162][ T7315] ALSA: mixer_oss: invalid OSS volume ''
[  187.463377][ T5947] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  187.493426][ T5947] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  187.541879][ T5947] usb 5-1: USB disconnect, device number 3
[  188.073512][ T7351] batadv_slave_0: entered promiscuous mode
[  188.219976][ T7348] batadv_slave_0: left promiscuous mode
[  188.748179][ T7357] netlink: 14 bytes leftover after parsing attributes in process `syz.4.528'.
[  188.821380][ T7357] hsr_slave_0: left promiscuous mode
[  188.883814][ T7357] hsr_slave_1: left promiscuous mode
[  188.899850][ T7355] loop3: detected capacity change from 0 to 4096
[  188.994834][ T7355] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  189.147478][ T7355] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  189.566609][ T7347] loop2: detected capacity change from 0 to 32768
[  189.635432][ T7347] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.523 (7347)
[  189.750556][ T7347] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  189.819467][ T7347] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  189.880328][ T7347] BTRFS info (device loop2): disk space caching is enabled
[  189.931627][ T7347] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  190.217752][ T7347] BTRFS info (device loop2): rebuilding free space tree
[  190.392576][ T7347] BTRFS info (device loop2): disabling free space tree
[  190.423442][ T7347] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  190.475869][ T7347] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  191.032139][ T7407] loop4: detected capacity change from 0 to 128
[  191.206121][ T5840] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  191.234769][ T7411] syz.4.544: attempt to access beyond end of device
[  191.234769][ T7411] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128
[  191.370036][ T7411] syz.4.544: attempt to access beyond end of device
[  191.370036][ T7411] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[  191.510442][ T7411] syz.4.544: attempt to access beyond end of device
[  191.510442][ T7411] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[  191.625023][ T7411] syz.4.544: attempt to access beyond end of device
[  191.625023][ T7411] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[  191.713597][ T7411] syz.4.544: attempt to access beyond end of device
[  191.713597][ T7411] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[  191.765792][ T7411] syz.4.544: attempt to access beyond end of device
[  191.765792][ T7411] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[  192.094383][ T7411] syz.4.544: attempt to access beyond end of device
[  192.094383][ T7411] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[  192.175406][ T7411] syz.4.544: attempt to access beyond end of device
[  192.175406][ T7411] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[  192.266419][ T7411] syz.4.544: attempt to access beyond end of device
[  192.266419][ T7411] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  192.664531][   T57] kworker/u8:4: attempt to access beyond end of device
[  192.664531][   T57] loop4: rw=1, sector=297, nr_sectors = 8 limit=128
[  192.723424][ T6042] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  192.862969][ T7454] overlayfs: failed to clone upperpath
[  192.898318][ T6042] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  192.922614][ T6042] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.963826][ T6042] usb 3-1: config 0 descriptor??
[  193.835332][    C0] Unknown status report in ack skb
[  193.963515][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  194.245089][ T6042] usb 3-1: Cannot set autoneg
[  194.274004][ T6042] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  194.341963][ T6042] usb 3-1: USB disconnect, device number 5
[  196.064219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  196.458704][ T7513] loop4: detected capacity change from 0 to 512
[  196.527459][ T7513] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  196.603782][ T7513] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  196.670529][ T7513] EXT4-fs (loop4): 1 truncate cleaned up
[  196.758754][ T7513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.125381][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  197.135353][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  197.477712][ T7528] loop3: detected capacity change from 0 to 256
[  197.501230][ T7528] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  197.538582][ T7528] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  197.606788][ T7528] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  197.832612][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.897478][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  198.210635][ T7511] loop2: detected capacity change from 0 to 40427
[  198.704042][ T7511] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  198.823724][ T7511] capability: warning: `syz.2.588' uses deprecated v2 capabilities in a way that may be insecure
[  198.848322][ T7553] loop3: detected capacity change from 0 to 128
[  199.070425][ T7557] bio_check_eod: 81 callbacks suppressed
[  199.070450][ T7557] syz.3.598: attempt to access beyond end of device
[  199.070450][ T7557] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  199.094711][ T5840] syz-executor: attempt to access beyond end of device
[  199.094711][ T5840] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  199.121376][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  199.121422][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  199.121443][ T5840] Call Trace:
[  199.121455][ T5840]  <TASK>
[  199.121468][ T5840]  dump_stack_lvl+0x16c/0x1f0
[  199.121515][ T5840]  f2fs_handle_critical_error+0x621/0x9f0
[  199.121574][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.121618][ T5840]  ? f2fs_build_fault_attr+0x53/0x1f0
[  199.121679][ T5840]  f2fs_write_end_io+0x785/0xc20
[  199.121742][ T5840]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  199.121808][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.121863][ T5840]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  199.121920][ T5840]  bio_endio+0x70d/0x850
[  199.121971][ T5840]  submit_bio_noacct+0x56d/0x1eb0
[  199.122040][ T5840]  __submit_merged_bio+0x33c/0x770
[  199.122105][ T5840]  __submit_merged_write_cond+0x319/0x3f0
[  199.122186][ T5840]  f2fs_write_cache_pages+0x2067/0x2570
[  199.122259][ T5840]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  199.122307][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.122349][ T5840]  ? __lock_acquire+0x622/0x1c90
[  199.122421][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.122565][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.122614][ T5840]  ? mod_memcg_lruvec_state+0x394/0x610
[  199.122665][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.122796][ T5840]  f2fs_write_data_pages+0x4ad/0xd90
[  199.122848][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  199.122885][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.122939][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.122989][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  199.123034][ T5840]  do_writepages+0x27a/0x600
[  199.123083][ T5840]  ? __pfx_do_writepages+0x10/0x10
[  199.123117][ T5840]  ? do_raw_spin_unlock+0x172/0x230
[  199.123168][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.123210][ T5840]  ? _raw_spin_unlock+0x28/0x50
[  199.123272][ T5840]  filemap_fdatawrite_wbc+0x104/0x160
[  199.123320][ T5840]  __filemap_fdatawrite_range+0xb2/0xf0
[  199.123374][ T5840]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  199.123494][ T5840]  ? find_held_lock+0x2b/0x80
[  199.123542][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.123586][ T5840]  ? do_raw_spin_unlock+0x172/0x230
[  199.123625][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.123677][ T5840]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  199.123744][ T5840]  block_operations+0x2a3/0xfd0
[  199.123789][ T5840]  ? __pfx___schedule+0x10/0x10
[  199.123849][ T5840]  ? __pfx_block_operations+0x10/0x10
[  199.123954][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.123994][ T5840]  ? down_write+0x14d/0x200
[  199.124034][ T5840]  ? __pfx_down_write+0x10/0x10
[  199.124077][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.124118][ T5840]  ? rcu_is_watching+0x12/0xc0
[  199.124177][ T5840]  f2fs_write_checkpoint+0x2b8/0x4c60
[  199.124229][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.124272][ T5840]  ? kfree+0x2b4/0x4d0
[  199.124309][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.124358][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.124400][ T5840]  ? rcu_is_watching+0x12/0xc0
[  199.124447][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.124488][ T5840]  ? kthread_stop+0x273/0x650
[  199.124554][ T5840]  kill_f2fs_super+0x3c2/0x470
[  199.124598][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  199.124641][ T5840]  ? lockdep_hardirqs_on+0x7c/0x110
[  199.124695][ T5840]  deactivate_locked_super+0xc1/0x1a0
[  199.124739][ T5840]  deactivate_super+0xde/0x100
[  199.124782][ T5840]  cleanup_mnt+0x225/0x450
[  199.124830][ T5840]  task_work_run+0x150/0x240
[  199.124868][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  199.124901][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  199.124946][ T5840]  ? __pfx___x64_sys_umount+0x10/0x10
[  199.125006][ T5840]  exit_to_user_mode_loop+0xeb/0x110
[  199.125072][ T5840]  do_syscall_64+0x3f6/0x4c0
[  199.125160][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.125193][ T5840] RIP: 0033:0x7fb0dcf8fcd7
[  199.125219][ T5840] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  199.125249][ T5840] RSP: 002b:00007ffc607c6728 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  199.125279][ T5840] RAX: 0000000000000000 RBX: 00007fb0dd010b55 RCX: 00007fb0dcf8fcd7
[  199.125300][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc607c67e0
[  199.125320][ T5840] RBP: 00007ffc607c67e0 R08: 0000000000000000 R09: 0000000000000000
[  199.125339][ T5840] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc607c7870
[  199.125359][ T5840] R13: 00007fb0dd010b55 R14: 00000000000308cc R15: 00007ffc607c78b0
[  199.125407][ T5840]  </TASK>
[  199.607903][ T5840] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  199.613045][ T7560] ip6gre1: entered allmulticast mode
[  199.671286][ T7557] syz.3.598: attempt to access beyond end of device
[  199.671286][ T7557] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[  199.685255][ T7557] syz.3.598: attempt to access beyond end of device
[  199.685255][ T7557] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[  199.699048][ T7557] syz.3.598: attempt to access beyond end of device
[  199.699048][ T7557] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[  199.712759][ T7557] syz.3.598: attempt to access beyond end of device
[  199.712759][ T7557] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[  199.726580][ T7557] syz.3.598: attempt to access beyond end of device
[  199.726580][ T7557] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[  199.740425][ T7557] syz.3.598: attempt to access beyond end of device
[  199.740425][ T7557] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128
[  199.754087][ T7557] syz.3.598: attempt to access beyond end of device
[  199.754087][ T7557] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[  199.767818][ T7557] syz.3.598: attempt to access beyond end of device
[  199.767818][ T7557] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128
[  200.264485][ T6042] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  200.435231][ T6042] usb 1-1: Using ep0 maxpacket: 8
[  200.486812][ T6042] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  200.508442][ T6042] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.543630][ T6042] usb 1-1: Product: syz
[  200.547859][ T6042] usb 1-1: Manufacturer: syz
[  200.552477][ T6042] usb 1-1: SerialNumber: syz
[  200.617221][ T6042] usb 1-1: config 0 descriptor??
[  200.666542][ T6042] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  201.082237][ T7566] loop4: detected capacity change from 0 to 32768
[  201.170576][ T7566] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  201.287052][ T7566] XFS (loop4): Ending clean mount
[  201.301923][ T7566] XFS (loop4): Quotacheck needed: Please wait.
[  201.376151][ T7566] XFS (loop4): Quotacheck: Done.
[  201.469708][   T30] audit: type=1800 audit(1753727846.550:68): pid=7566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.606" name="file2" dev="loop4" ino=9287 res=0 errno=0
[  201.695825][ T5839] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  201.914692][ T6042] gspca_sonixj: reg_w1 err -71
[  202.003583][ T6042] sonixj 1-1:0.0: probe with driver sonixj failed with error -71
[  202.059747][ T6042] usb 1-1: USB disconnect, device number 5
[  202.301561][ T7606] Set syz0 is full, maxelem 0 reached
[  202.765354][ T7618] netlink: 14 bytes leftover after parsing attributes in process `syz.5.626'.
[  202.845389][ T7618] hsr_slave_0: left promiscuous mode
[  202.873787][ T7618] hsr_slave_1: left promiscuous mode
[  204.683422][ T7659] loop2: detected capacity change from 0 to 256
[  204.717518][ T7659] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  204.746944][ T7659] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  204.818279][ T7659] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  205.481338][ T7669] loop4: detected capacity change from 0 to 4096
[  205.538921][ T7669] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  205.970834][ T7680] loop2: detected capacity change from 0 to 1024
[  206.041640][ T7680] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  206.086722][ T7688] ip6gre1: entered allmulticast mode
[  206.098023][ T7680] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.224685][   T30] audit: type=1800 audit(1753727851.290:69): pid=7680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.654" name="file1" dev="loop2" ino=15 res=0 errno=0
[  206.274007][ T1204] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  206.441100][ T5840] EXT4-fs error (device loop2): ext4_readdir:262: inode #2: block 16: comm syz-executor: path /88/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  206.466096][ T1204] usb 1-1: Using ep0 maxpacket: 16
[  206.520852][ T1204] usb 1-1: config 0 interface 0 has no altsetting 0
[  206.527682][ T1204] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  206.561865][ T1204] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.570079][ T5840] EXT4-fs error (device loop2): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /88/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  206.573396][ T5947] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  206.606616][ T5974] bond0: (slave bond_slave_0): interface is now down
[  206.629986][ T1204] usb 1-1: config 0 descriptor??
[  206.634345][ T7703] netlink: 'syz.4.662': attribute type 10 has an invalid length.
[  206.648781][ T5974] bond0: (slave bond_slave_1): interface is now down
[  206.665975][ T5840] EXT4-fs error (device loop2): ext4_empty_dir:3115: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  206.694497][ T7703] syz_tun: entered promiscuous mode
[  206.721549][ T5974] bond0: (slave bond_slave_0): interface is now down
[  206.732083][ T7703] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  206.751895][ T5974] bond0: (slave bond_slave_1): interface is now down
[  206.773977][ T5840] EXT4-fs error (device loop2): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /88/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  206.803318][ T5974] bond0: (slave syz_tun): interface is now down
[  206.813974][ T5840] EXT4-fs error (device loop2): ext4_empty_dir:3115: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  206.839571][ T5974] bond0: now running without any active interface!
[  206.902443][ T5840] EXT4-fs error (device loop2): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /88/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  206.907474][ T5947] usb 2-1: Using ep0 maxpacket: 16
[  206.936615][ T5947] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  206.948339][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.964229][ T5947] usb 2-1: Product: syz
[  206.968461][ T5947] usb 2-1: Manufacturer: syz
[  206.973111][ T5947] usb 2-1: SerialNumber: syz
[  206.994636][ T7707] netlink: 'syz.3.664': attribute type 10 has an invalid length.
[  207.007553][ T5947] usb 2-1: config 0 descriptor??
[  207.009339][ T5840] EXT4-fs error (device loop2): ext4_empty_dir:3115: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  207.039628][ T5947] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  207.040379][ T5840] EXT4-fs error (device loop2): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /88/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  207.065856][ T7707] team0: Device hsr_slave_0 failed to register rx_handler
[  207.160520][ T1204] hid (null): unknown global tag 0xe
[  207.166125][ T1204] hid (null): unknown global tag 0xd
[  207.171615][ T1204] hid (null): unknown global tag 0xe
[  207.196926][ T5840] EXT4-fs error (device loop2): ext4_empty_dir:3115: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  207.197584][ T1204] hid (null): invalid report_size 58068
[  207.274420][ T1204] hid (null): invalid report_count 497205603
[  207.296309][ T5840] EXT4-fs error (device loop2): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /88/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  207.313449][ T1204] hid (null): invalid report_count -400155653
[  207.334327][ T1204] hid (null): unknown global tag 0x35
[  207.432916][ T1204] usb 1-1: USB disconnect, device number 6
[  207.454863][ T7714] loop3: detected capacity change from 0 to 512
[  207.496985][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  207.503732][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  207.538409][ T7714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.583594][ T7714] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.686713][   T30] audit: type=1800 audit(1753727852.770:70): pid=7714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.667" name="file1" dev="loop3" ino=15 res=0 errno=0
[  207.810812][ T7723] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  207.833201][ T7723] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  207.897578][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.101692][ T7732] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  208.280618][ T5947] ssu100 2-1:0.0: probe with driver ssu100 failed with error -71
[  208.314779][ T5947] usb 2-1: USB disconnect, device number 7
[  208.541060][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  208.899507][ T7745] loop3: detected capacity change from 0 to 512
[  208.942495][ T7745] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  209.001668][ T7745] EXT4-fs (loop3): 1 truncate cleaned up
[  209.019267][ T7745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.781050][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.222173][ T7773] macvlan0: entered promiscuous mode
[  210.487460][ T7773] macvlan0 (unregistering): left promiscuous mode
[  210.517652][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  210.530781][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  210.546061][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  210.562055][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  210.571918][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  211.081451][ T7795] loop4: detected capacity change from 0 to 128
[  211.117984][ T7793] loop3: detected capacity change from 0 to 1024
[  211.125779][ T7793] ext4: Unknown parameter 'uid<00000000000000000000'
[  211.184318][ T7795] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  211.238175][ T7795] ext4 filesystem being mounted at /109/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  211.242213][ T7780] chnl_net:caif_netlink_parms(): no params data found
[  211.777410][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  211.836268][ T7780] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.854049][ T7780] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.862729][ T7780] bridge_slave_0: entered allmulticast mode
[  211.895524][ T7780] bridge_slave_0: entered promiscuous mode
[  211.913933][ T7780] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.921111][ T7780] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.953252][ T7780] bridge_slave_1: entered allmulticast mode
[  211.997151][ T7780] bridge_slave_1: entered promiscuous mode
[  212.097450][ T7811] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  212.216810][ T7780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.241417][ T7780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.448586][ T7826] netlink: 'syz.5.709': attribute type 4 has an invalid length.
[  212.457831][ T7826] netlink: 152 bytes leftover after parsing attributes in process `syz.5.709'.
[  212.560258][ T7826] : renamed from bond0 (while UP)
[  212.613905][ T5864] Bluetooth: hci1: command tx timeout
[  212.630854][ T7780] team0: Port device team_slave_0 added
[  212.655514][ T7780] team0: Port device team_slave_1 added
[  212.775454][ T7780] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.788658][ T7780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.816430][ T7780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.841839][ T7780] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.849179][ T7780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.879342][ T7780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.091697][ T7780] hsr_slave_0: entered promiscuous mode
[  213.124718][ T7780] hsr_slave_1: entered promiscuous mode
[  213.147272][ T7780] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.158125][ T7780] Cannot create hsr debugfs directory
[  213.383766][ T5947] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  213.579324][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.608878][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.645964][ T5947] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  213.700814][ T5947] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  213.750835][ T5947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.798366][ T5947] usb 5-1: config 0 descriptor??
[  213.913114][ T7780] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  213.972831][ T7780] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  214.027767][ T7780] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  214.064303][ T7780] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  214.299679][ T5947] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  214.499189][ T7780] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.676834][ T7780] 8021q: adding VLAN 0 to HW filter on device team0
[  214.696621][ T5864] Bluetooth: hci1: command tx timeout
[  214.776704][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.784033][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.861105][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.868381][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.111081][ T7780] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.396403][ T1204] usb 5-1: USB disconnect, device number 4
[  216.453884][ T7896] loop4: detected capacity change from 0 to 1024
[  216.828389][ T7899] loop3: detected capacity change from 0 to 32768
[  216.836743][ T5864] Bluetooth: hci1: command tx timeout
[  216.909577][ T7896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.958351][ T7899] OCFS2: ERROR (device loop3): __ocfs2_find_path: Owner 75 has invalid tree depth 2304 in extent list
[  216.971098][ T7899] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  216.981806][ T7899] OCFS2: Returning error to the calling process.
[  216.988963][ T7899] (syz.3.735,7899,1):ocfs2_find_leaf:1948 ERROR: status = -30
[  216.996547][ T7899] (syz.3.735,7899,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30
[  217.008105][ T7899] (syz.3.735,7899,1):ocfs2_get_clusters:634 ERROR: status = -30
[  217.016269][ T7899] (syz.3.735,7899,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -30
[  217.024756][ T7899] (syz.3.735,7899,1):ocfs2_bmap:468 ERROR: get_blocks() failed, block = 0
[  217.033374][ T7899] (syz.3.735,7899,1):ocfs2_bmap:470 ERROR: status = -30
[  217.040358][ T7899] jbd2_journal_init_inode: Cannot locate journal superblock
[  217.047708][ T7899] (syz.3.735,7899,1):ocfs2_journal_init:973 ERROR: Linux journal layer error
[  217.056685][ T7899] (syz.3.735,7899,1):ocfs2_check_volume:2347 ERROR: Could not initialize journal!
[  217.065980][ T7899] (syz.3.735,7899,1):ocfs2_check_volume:2432 ERROR: status = -22
[  217.073784][ T7899] (syz.3.735,7899,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  217.079159][   T30] audit: type=1800 audit(1753727862.140:71): pid=7896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.734" name="file1" dev="loop4" ino=15 res=0 errno=0
[  217.088441][ T7899] (syz.3.735,7899,1):ocfs2_fill_super:1177 ERROR: status = -22
[  217.247898][   T30] audit: type=1804 audit(1753727862.320:72): pid=7907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.734" name="/newroot/114/file1/file1" dev="loop4" ino=15 res=1 errno=0
[  217.279120][   T30] audit: type=1800 audit(1753727862.320:73): pid=7907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.734" name="file1" dev="loop4" ino=15 res=0 errno=0
[  217.611508][ T7912] loop3: detected capacity change from 0 to 128
[  217.631880][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.750128][   T30] audit: type=1800 audit(1753727862.830:74): pid=7912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.738" name="file1" dev="loop3" ino=1048614 res=0 errno=0
[  218.052400][ T7780] veth0_vlan: entered promiscuous mode
[  218.079607][ T7914] bio_check_eod: 102 callbacks suppressed
[  218.079629][ T7914] syz.3.738: attempt to access beyond end of device
[  218.079629][ T7914] loop3: rw=0, sector=121, nr_sectors = 8 limit=128
[  218.129560][ T7780] veth1_vlan: entered promiscuous mode
[  218.302784][   T49] kworker/u8:3: attempt to access beyond end of device
[  218.302784][   T49] loop3: rw=1, sector=129, nr_sectors = 912 limit=128
[  218.322115][ T7780] veth0_macvtap: entered promiscuous mode
[  218.357886][ T7780] veth1_macvtap: entered promiscuous mode
[  218.471552][ T7780] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.524630][ T7780] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.568740][ T7780] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.583459][ T7780] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.621985][ T7780] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.651450][ T7780] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.854478][ T5864] Bluetooth: hci1: command tx timeout
[  219.020442][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.054037][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.168528][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.195734][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.250321][ T7918] loop4: detected capacity change from 0 to 40427
[  219.299540][ T7918] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  219.335104][ T7918] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  219.736765][ T7918] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  219.766490][ T7918] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  220.432993][ T7965] loop3: detected capacity change from 0 to 2048
[  220.444405][ T7965] EXT4-fs: Ignoring removed mblk_io_submit option
[  220.486616][ T7965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.590359][ T7965] overlayfs: fs on './file0/../file0' does not support file handles, falling back to index=off,nfs_export=off.
[  220.629862][ T7965] evm: overlay not supported
[  220.907822][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.943691][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  221.295519][ T7988] overlayfs: failed to clone upperpath
[  221.543930][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  221.708863][ T7995] netlink: 'syz.5.767': attribute type 1 has an invalid length.
[  221.916317][ T7995] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.979344][ T8001] loop4: detected capacity change from 0 to 256
[  222.013373][ T8001] FAT-fs (loop4): bogus number of FAT sectors
[  222.036874][ T8001] FAT-fs (loop4): Can't find a valid FAT filesystem
[  222.174517][ T8006] 
[  222.176899][ T8006] ======================================================
[  222.183979][ T8006] WARNING: possible circular locking dependency detected
[  222.191027][ T8006] 6.16.0-syzkaller #0 Not tainted
[  222.196071][ T8006] ------------------------------------------------------
[  222.203104][ T8006] syz.6.770/8006 is trying to acquire lock:
[  222.209016][ T8006] ffff88802682c188 (&set->update_nr_hwq_lock){++++}-{4:4}, at: blk_mq_update_nr_hw_queues+0x32/0xcb0
[  222.219973][ T8006] 
[  222.219973][ T8006] but task is already holding lock:
[  222.227430][ T8006] ffff88802682c230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x150/0xda0
[  222.236392][ T8006] 
[  222.236392][ T8006] which lock already depends on the new lock.
[  222.236392][ T8006] 
[  222.246795][ T8006] 
[  222.246795][ T8006] the existing dependency chain (in reverse order) is:
[  222.255820][ T8006] 
[  222.255820][ T8006] -> #2 (&nbd->config_lock){+.+.}-{4:4}:
[  222.263676][ T8006]        __mutex_lock+0x199/0xb90
[  222.268764][ T8006]        refcount_dec_and_mutex_lock+0x51/0xc0
[  222.275049][ T8006]        nbd_config_put+0x31/0x750
[  222.280192][ T8006]        nbd_release+0xb7/0x190
[  222.285071][ T8006]        blkdev_put_whole+0xb0/0xf0
[  222.290317][ T8006]        bdev_release+0x47e/0x6d0
[  222.295378][ T8006]        blkdev_release+0x15/0x20
[  222.300449][ T8006]        __fput+0x402/0xb70
[  222.304971][ T8006]        fput_close_sync+0x118/0x260
[  222.310269][ T8006]        __x64_sys_close+0x8b/0x120
[  222.315482][ T8006]        do_syscall_64+0xcd/0x4c0
[  222.320525][ T8006]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.326965][ T8006] 
[  222.326965][ T8006] -> #1 (&disk->open_mutex){+.+.}-{4:4}:
[  222.334832][ T8006]        __mutex_lock+0x199/0xb90
[  222.339892][ T8006]        __del_gendisk+0xf5/0xbd0
[  222.344935][ T8006]        del_gendisk+0x13e/0x1e0
[  222.349885][ T8006]        loop_control_ioctl+0x4f1/0x630
[  222.355469][ T8006]        __x64_sys_ioctl+0x18e/0x210
[  222.360779][ T8006]        do_syscall_64+0xcd/0x4c0
[  222.365831][ T8006]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.372265][ T8006] 
[  222.372265][ T8006] -> #0 (&set->update_nr_hwq_lock){++++}-{4:4}:
[  222.380733][ T8006]        __lock_acquire+0x126f/0x1c90
[  222.386146][ T8006]        lock_acquire+0x179/0x350
[  222.391186][ T8006]        down_write+0x92/0x200
[  222.395973][ T8006]        blk_mq_update_nr_hw_queues+0x32/0xcb0
[  222.402266][ T8006]        nbd_start_device+0x172/0xcd0
[  222.407661][ T8006]        nbd_ioctl+0x219/0xda0
[  222.412442][ T8006]        blkdev_ioctl+0x277/0x6d0
[  222.417497][ T8006]        __x64_sys_ioctl+0x18e/0x210
[  222.422908][ T8006]        do_syscall_64+0xcd/0x4c0
[  222.427956][ T8006]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.434391][ T8006] 
[  222.434391][ T8006] other info that might help us debug this:
[  222.434391][ T8006] 
[  222.444625][ T8006] Chain exists of:
[  222.444625][ T8006]   &set->update_nr_hwq_lock --> &disk->open_mutex --> &nbd->config_lock
[  222.444625][ T8006] 
[  222.458878][ T8006]  Possible unsafe locking scenario:
[  222.458878][ T8006] 
[  222.466424][ T8006]        CPU0                    CPU1
[  222.471855][ T8006]        ----                    ----
[  222.477225][ T8006]   lock(&nbd->config_lock);
[  222.481835][ T8006]                                lock(&disk->open_mutex);
[  222.488978][ T8006]                                lock(&nbd->config_lock);
[  222.496105][ T8006]   lock(&set->update_nr_hwq_lock);
[  222.501320][ T8006] 
[  222.501320][ T8006]  *** DEADLOCK ***
[  222.501320][ T8006] 
[  222.509470][ T8006] 1 lock held by syz.6.770/8006:
[  222.514415][ T8006]  #0: ffff88802682c230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x150/0xda0
[  222.523799][ T8006] 
[  222.523799][ T8006] stack backtrace:
[  222.529696][ T8006] CPU: 0 UID: 0 PID: 8006 Comm: syz.6.770 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  222.529736][ T8006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  222.529757][ T8006] Call Trace:
[  222.529770][ T8006]  <TASK>
[  222.529783][ T8006]  dump_stack_lvl+0x116/0x1f0
[  222.529822][ T8006]  print_circular_bug+0x275/0x350
[  222.529877][ T8006]  check_noncircular+0x14c/0x170
[  222.529930][ T8006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.529975][ T8006]  ? __entry_text_end+0x1020b6/0x1020b9
[  222.530016][ T8006]  __lock_acquire+0x126f/0x1c90
[  222.530077][ T8006]  lock_acquire+0x179/0x350
[  222.530105][ T8006]  ? blk_mq_update_nr_hw_queues+0x32/0xcb0
[  222.530162][ T8006]  ? __pfx___might_resched+0x10/0x10
[  222.530211][ T8006]  down_write+0x92/0x200
[  222.530246][ T8006]  ? blk_mq_update_nr_hw_queues+0x32/0xcb0
[  222.530300][ T8006]  ? __pfx_down_write+0x10/0x10
[  222.530337][ T8006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.530375][ T8006]  ? __mutex_lock+0x1ca/0xb90
[  222.530413][ T8006]  blk_mq_update_nr_hw_queues+0x32/0xcb0
[  222.530467][ T8006]  ? __pfx___mutex_lock+0x10/0x10
[  222.530502][ T8006]  ? trace_cap_capable+0x18d/0x200
[  222.530544][ T8006]  nbd_start_device+0x172/0xcd0
[  222.530582][ T8006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.530625][ T8006]  nbd_ioctl+0x219/0xda0
[  222.530662][ T8006]  ? __pfx_nbd_ioctl+0x10/0x10
[  222.530701][ T8006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.530739][ T8006]  ? find_held_lock+0x2b/0x80
[  222.530865][ T8006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.530912][ T8006]  ? __pfx_nbd_ioctl+0x10/0x10
[  222.530948][ T8006]  blkdev_ioctl+0x277/0x6d0
[  222.530993][ T8006]  ? __pfx_blkdev_ioctl+0x10/0x10
[  222.531040][ T8006]  ? __pfx_blkdev_ioctl+0x10/0x10
[  222.531086][ T8006]  __x64_sys_ioctl+0x18e/0x210
[  222.531126][ T8006]  do_syscall_64+0xcd/0x4c0
[  222.531163][ T8006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.531196][ T8006] RIP: 0033:0x7f59fab8e9a9
[  222.531223][ T8006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.531255][ T8006] RSP: 002b:00007f59fb914038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  222.531285][ T8006] RAX: ffffffffffffffda RBX: 00007f59fadb6080 RCX: 00007f59fab8e9a9
[  222.531307][ T8006] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
[  222.531327][ T8006] RBP: 00007f59fac10d69 R08: 0000000000000000 R09: 0000000000000000
[  222.531347][ T8006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.531366][ T8006] R13: 0000000000000001 R14: 00007f59fadb6080 R15: 00007ffe873c4198
[  222.531399][ T8006]  </TASK>
[  222.807827][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.771'.
[  222.873776][ T8003] block nbd6: shutting down sockets
[  230.055907][ T5863] Bluetooth: hci4: command 0x0406 tx timeout
[  230.055933][ T5858] Bluetooth: hci3: command 0x0406 tx timeout
[  230.055954][ T5862] Bluetooth: hci0: command 0x0406 tx timeout
[  230.068039][ T5858] Bluetooth: hci2: command 0x0406 tx timeout