last executing test programs:

6m19.594209785s ago: executing program 32 (id=407):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c)
r1 = socket$inet6(0x10, 0x2, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='westwood\x00', 0x9)
sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)

5m0.66442298s ago: executing program 33 (id=796):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYBLOB="055b7d"], 0x14}}, 0x40000)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1d32000000000000000010"], 0x30}}, 0x0)

3m55.051670321s ago: executing program 34 (id=1069):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="10010000", @ANYRES16, @ANYBLOB="c88845e7e05ae52d00009300000008001317"], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})

3m14.23085961s ago: executing program 7 (id=1454):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @loopback}, 0x5, 0x0, 0x2}}, 0x2e)
close(r2)

3m14.04831405s ago: executing program 7 (id=1456):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

3m13.806845597s ago: executing program 7 (id=1459):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x7, r2, 0x2030000, 0x10000, 0x0, 0x5, 0x19575c, 0x3029fa, 0xfffffffffffffdfd})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000040)={0x18, r1})

3m13.209173259s ago: executing program 7 (id=1465):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x3810082, &(0x7f0000000280)=ANY=[@ANYBLOB='undelete,gid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=forget,rootdir=00000000000000001055,iocharset=cp864,unhide,gid=ignore,mode=00000000000000000000001,anchor=00000000000000000000,\x00'], 0x1, 0xc3c, &(0x7f0000002680)="$eJzs3U9sHNd9B/DfGy7Fld1WTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpVlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNIXRI9O6QHLxocipJ6KFjaDogS0C5BSwmNm34pKibEUkJUr6fGzquzvz3ux789YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN979dzxE+lBtwIAuJ8ujH/1+En3fwB4rFzy//8AAAAAAAAAAAAAALDfpSjiqUgxd2EtTVbvu+rnO4M3bk6Mjm1f7WCqag5U5cuf+omTp05/6cWRM70835n5iPq77bPx+vilc41XZq/PzbcXFtpTjYmZzpXZqfZdH2Gn9bc6Wp2AxvU3bkxdvbrQOPnCqU27bw5/OPTk4eGzI88de7ZXdmJ0bGx8o0i9v3ztnhvSdacZHgeiiGOR4vnv/SS1IqKInZ+L+v0d+60OVp04WnViYnSs6sh0pzWzWO682DsRRUSjr1Kzd462H4uoDd7XPtxZM2KpbH7Z4KNl98bnWvOty9PtxsXW/GJnsTM7czF1W1v2pxFFnEkRyxGxOnT74QajiFqk+M6htXQ5IgZ65+GL1cTgO7ej2MM+3oWynY3BiOXiIRizfWwoingtUvz0vSNxJV9nqmvNFyJeK/PdiLfLfDkilV+M0xEfbPM94uFUiyL+ohz/s2tpqroe9K4r57/W+MrM1dm+sr3ryi94f7jtSvGA7g8Ht+T9sc+vTfUoolVd8dfSvf9mBwAAAAAAAAAAAAAAAIDddjCK+EykePXf/7iaVxzVvPRDZ0d+f/iX++eMP/MxxynLvhARS8Xdzck9kCcGXkwXU3rAc4kfZ/Uo4k/i3Wr+37cedGMAAAAAAAAAAAAAAAAAAAAea0X8OFK89P6RtBz9a4p3Zq41LrUuT3dXhe2t/dtbM319fX29kbrZzDmZcynncs6VnKs5o8j1czZzTuZcyrmccyXnas4YyPVzNnNO5lzKuZxzJedqzqjl+jmbOSdzLuVczrmSczVn7JO1ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiVFFPHzSPHtb6ylSBHRjJiMbq4MPejWAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACloVTE9yNF4w+at7bVIiJV/3YdKX85Hc0DZX4ymiNlvhzNczlbVdaa33oA7WdnBlMRP4oUQ/V3bg14Hv/B7rtbX4N4+5sb7z5b6+ZAb+fwh0NPHj50dmTs15650+u0XQOOnu/M3LjZmBgdGxvv21zLn/7Jvm3D+XOL3ek6EbHw5ltvtKan2/P3/qL8Cuyg+kP0ItX2pqdD+6WDXmx+EbV90YwH03ceA+X9/4NI8dvv/0fvht+9/9fjl7rvbt3h42d/unH/f2nrge7y/l/bWi/f/8t7+nb3/6f6tr2UfzcyWIuoL16fGzwcUV94861jneuta+1r7ZnTx49/eWTky6eODx6IqF/tTLf7Xu3K6QIAAAAAAAAAAAAAAAC4f1IRvxspWj9aS42IuFnN1xo+O/LcsWcHYqCab7Vp3vbr45fONV6ZvT43315YaE81JmY6V2an2nf7cfVqutfE6NiedOZjHdzj9h+svzI79+Z859ofLW67/4n6ucsLi/OtK9vvjoNRRDT7txytGjwxOlY1errTmqmqXtx2Mv0vbjAV8Z+R4srpRvp83pbn/2+d4b9p/v/S1gPt0fz/T/RtKz8zpSJ+Fil+6y+fic9X7XwibjtnudzfRoqjZz6Xy8WBslyvDd3nCnRnBpZl/zdS/OPPN5ftzYd8aqPsibs+sQ+JcvwPRYrv//l349fzts3Pf9h+/J/YeqA9Gv+n+7Y9sel5BTvuOnn8j0WKl596J34jb/uo53/0nr1xJBe+9XyOPRr/T/VtG86f+5u703UAAAAAAAAAAICH2mAq4u8ixQ/GaunFvO1u/v7f1NYD7dHf//p037ap3Vmv6GNf7PikAgAAAMA+MZiK+HGkuLb4zq051Jvnf/fN//ydjfmfo2nL3urP+X6lem7Abv75X7/h/LmTO+82AAAAAAAAAAAAAAAAAAAA7CspFfFiXk99sprPn7ZZ3L1bbiVSvPrfz/fKHY5io+hw9Wv9wuzMsXPT07NXWouty9Ptxvhc60q7rPt0pFj7m8/lukW1vnpvvfnuGu8ba7HPR4qxv++V7a7F3lub/Ole2aX2ibLsJyLFf/3D5rK9daw/tXHck2XZv44UX//n7cse3ih7qiz73Ujxw683emWfKMv2no/66Y2yL1yZLXZ7SAAAAAAAAAAAAAAAAAAAAHgMDaYi/ixS/M/15Vtz+fP6/4N9bytvf7Nvvf8tblbr/A9X6//f6fW9rP9fPVdg6U6fCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj6YURbwVKeYurKWVofJ9V/18Z+bGzYnRse2rHUxVzYGqfPlTP3Hy1OkvvThyppcfXX+3fSZeH790rvHK7PW5+fbCQnuqMTHTuTI71b7rI+y0/lZHqxPQuP7GjamrVxcaJ184tWn3zeEPh548PHx25Lljz/bKToyOjY33lakN3vOn3ybdYfuBKOKvIsXz3/tJ+sFQRBE7Pxcf893ZawerThytOjExOlZ1ZLrTmlksd17snYgiotFXqdk7R/dhLHakGbFUNr9s8NGye+NzrfnW5el242JrfrGz2JmduZi6rS3704gizqSI5YhYHbr9cINRxBuR4juH1tK/DEUM9M7DFy+krx4/eed2FHvYx7tQtrMxGLFcfNSYbdNhNhmKIv4pUvz0vSPxr0MRtej+xBciXivz3Yi3ozveqfxinI74wGl9ZNSiiP8rx//sWnpvqLwe9K4r57/W+MrM1dm+sr3ryub7w0A8dPeH+2mf30/qUcQPqyv+Wvo3/10DAAAAAAAAAAAAAAAA7CNF/GqkeOn9I6maH3xrTnFn5lrjUuvydHdaX2/uX2/O9Pr6+nojdbOZczLnUs7lnCs5V3NGkevnbJZZX1+fzO+Xci7nXMm5mjMGcv2czT/Mjcrvl3Iu51zJuZozarl+zmbOyZxLOZdzruRczRn7ZO4eAAAAAAAAAAAAAAAAAADwaCmqf1J8+xtraX2oWl96oLdvxXqgj7z/DwAA//9cO/Ma")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
write$uinput_user_dev(r0, &(0x7f0000000640)={'syz0\x00', {0x3, 0x6, 0x7}, 0x49, [0x3, 0x0, 0x4, 0x1, 0x1, 0x5, 0xfb, 0x3, 0x8, 0xf, 0x7, 0x3, 0xfffffffe, 0x101, 0x400, 0x3, 0x4, 0x3, 0x8, 0x4, 0xfc, 0xfffffffe, 0x2, 0x100, 0x8000, 0xfff, 0x400, 0x0, 0x5, 0x401, 0x9, 0x3, 0x10, 0x3, 0x4, 0x0, 0x27, 0x7, 0x0, 0x8, 0x1192, 0x8, 0x5, 0x8, 0x7, 0x2, 0x10001, 0x7, 0x2b2, 0x4, 0x1ad0, 0x1, 0x6, 0x1, 0xedbe, 0x4, 0x2, 0x7, 0xa3, 0xfffffff8, 0x6, 0x80, 0x2, 0x81], [0x1, 0x8001, 0x563, 0x2, 0x0, 0x0, 0x4, 0x854f000, 0x2, 0x93, 0xfffffff6, 0xd2, 0x8b, 0x8ab, 0x3, 0x2a6d2895, 0x5, 0x3, 0x100, 0x1, 0x6, 0x200, 0x5, 0x7, 0x4a63, 0x5, 0x9, 0x8, 0x0, 0x9, 0x4, 0xf, 0x7, 0x401, 0x7, 0x8, 0x8000, 0xff, 0x4, 0xb0f, 0x8001, 0xdfcf, 0xc1f40800, 0x9, 0x2, 0x2, 0x6, 0x0, 0x9, 0xf, 0x0, 0x2, 0xfffff2a1, 0x9, 0x3cb, 0x5bda, 0x1, 0xdefe, 0x7, 0x7, 0x4, 0x524, 0x8001, 0x1], [0x6, 0x4, 0x7, 0xe000, 0x7, 0x3, 0x23, 0xc, 0x2, 0x4, 0x6, 0xfffffff8, 0x9, 0x300000, 0x80000001, 0x4, 0x8, 0x4, 0xd, 0x9, 0x8001, 0x2, 0x2, 0x4, 0x7, 0x1, 0x6, 0x2, 0x400, 0x20400, 0xff, 0x166, 0x7, 0xc8f, 0x3, 0x8, 0x3, 0x1, 0x1000, 0x7fffffff, 0x9, 0x8, 0x1000, 0x10, 0x6, 0xfeb, 0x100, 0x8, 0x3ff, 0x39, 0xa18858f, 0x9, 0x1, 0x9, 0xffc00000, 0x7, 0x4, 0x9, 0x4, 0x3, 0xfffffffd, 0x40, 0x5ff, 0x3a], [0xaeaf, 0x6, 0x2, 0x7ff, 0x3ff, 0x800, 0x8, 0x6, 0x1, 0x5, 0x9, 0x10000, 0x8a4, 0x5, 0xdd, 0xb5, 0x2, 0x1, 0x2, 0xcb32, 0x3, 0xf018, 0x9, 0x0, 0xda19, 0x80000001, 0x10001, 0x0, 0x4, 0x0, 0x5, 0xcc1, 0x8, 0x3, 0x2, 0xb, 0x3, 0x1, 0x0, 0xb7b, 0xffffff4a, 0x4, 0x7886, 0xbf8d, 0x9, 0x46dc, 0x1, 0x40, 0x9, 0x9, 0x10001, 0x1, 0x8, 0x10, 0x770, 0x0, 0x10001, 0x3ff, 0x5, 0x7, 0x8, 0x7d1, 0x1, 0x8]}, 0x45c)

3m12.568596238s ago: executing program 7 (id=1471):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000000000017010fff03000000010000000000000000000000000000001701000002000000000000007005baa38d33e2e1650de8f13f421b2d4b60252e76171216e42961c3b08d4d3dacb0a7089ff7cbfd613d46fa95d6e2f6e76ac3266c9b1a531c4bcf0e7071f117cca4e883b4a6eb5dee7a9ab4d05d7ee311ab1c55b817285e0c3714ee6137e3b8553de667701a7c93437583b5f0b285a188098c1ac4ebac40b315ff8db6f736992497879a42b95248fed4d4888970573d0e88ceead26d97e172588a3ad30fbd01b7bbeeaa668e835f7ae3113fe2d949bb47bc0b2c62541714cc0538601ae4bab19d69a5addee134dd447034da6dd89704603d31a3d25b9d5f46cfd43d9e29aac7422920d98e1463256bd4cc929373ad9000000000faf6a95a04ad3b9db9b230f8224a3d6db187a94e5dadfe181d20d3a4bd08e8b0e6eeb79fdee230dd852a36dfc9046d03b8f316b2d460ca5d08c515d914db8ce430ea0237911c440ee750fe787aaffa83b809651c529e4cf68c8219a827ea003c59e3e51b00cd7f9464f37be2eb3e1475819ad37edcc238b85ab205a2b394916815d9cf7bf3f8e3d19a4697756299e21f2afd3ae31e0f09b8153965635216de47156f4e5fc97cb04f9c5e13256be1d9e0a94f9c6387940de1bcd7b532d16ebba216601cf23be6a7c259550bd059a5a7aee85eb558de8201c1d9c7b29e27313f61cf0b07dd790071bdbceabdd32ce2bcc279b1575a1431b03e5dc37307d15a2782175c87dad1a3aadf48b382bea4ae0b423edee0e12ada4c1dacc40bf387630792ab5c7ed6e2ef7e8a77268b0ff8978ccddfa8da4521d24b3fddc70d181c20caa9a584df9b2e"], 0x18}], 0x4924924924924fd, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

3m11.949667119s ago: executing program 7 (id=1474):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r0, 0x32, &(0x7f00000000c0)=@un=@abs={0x1, 0x0, 0x4e20}})
io_uring_enter(r1, 0x3516, 0x483, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x1000, 0x8000, 0x40024e}, 0x0, 0x0)

3m11.429254293s ago: executing program 35 (id=1474):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r0, 0x32, &(0x7f00000000c0)=@un=@abs={0x1, 0x0, 0x4e20}})
io_uring_enter(r1, 0x3516, 0x483, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x1000, 0x8000, 0x40024e}, 0x0, 0x0)

2m42.417727037s ago: executing program 6 (id=1647):
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x28})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})

2m40.362988754s ago: executing program 6 (id=1663):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
set_robust_list(&(0x7f00000000c0)={0x0, 0x8}, 0x18)

2m39.982713896s ago: executing program 6 (id=1669):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x55)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x3, 0x1d, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a2666343392fda11504800f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a90139264a9ee8081973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})

2m39.514133192s ago: executing program 6 (id=1674):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m39.27872954s ago: executing program 6 (id=1676):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000019c0)=ANY=[@ANYBLOB="1c00000e"], 0x73)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)

2m38.585474942s ago: executing program 8 (id=1681):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2m38.585331545s ago: executing program 6 (id=1682):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x402}}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)

2m37.499733171s ago: executing program 36 (id=1682):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x402}}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)

2m37.485940914s ago: executing program 8 (id=1685):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='lp\x00', 0x3)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c)
shutdown(r0, 0x1)

2m37.10299852s ago: executing program 8 (id=1686):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$inet(r1, &(0x7f0000002f40)={0x0, 0x0, 0x0}, 0x20000000)
recvmmsg$unix(r1, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000680)=""/237, 0xed}], 0x1}}], 0x1, 0x42, 0x0)

2m36.891425543s ago: executing program 8 (id=1689):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m36.554363024s ago: executing program 8 (id=1692):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c726573765f6c6576656c3d30303030303030303030303030303030303030302c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c646174613d77726974656261636b2c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00149e0cb4c679a55808f10855fc0d9b9d7241cc60c5c0b35a9ce6bd73d50a863d736b7f64cdbf2582b25c868128f5a0c3ca71ea7a85f79743e17bbb3291a3c43eb49fcfcab9a806f939773a5895370494ec438f24b77c23cb13a0c7c11503d4e4a25d5e8142cc163f75ca2557bc5b3dd2856dbf2f4fbffb092b1a8d3f410d0daefab8a2f41a23713a02fa9349bc76bc637fe28f733ee38a6de0e2174f54e7f4ebc705a06c4b7d76bcc94f8985dbf4791afe238c9f24f48c0f98d3898ad1f3597c15fdc241ce161617ca162b1d4a17900f12843677d372e706"], 0x1, 0x443b, &(0x7f0000010200)="$eJzs3c9PXNUeAPBzL7SFvrYP+rroS17yJnlNnlFDoCuVGimlpdBiTbWNcTMdYNqiA9PAYFx0gbsmrkxcGBeNJu5YNSzc1j/Bjcu6bqILNyYmjZiZuQPcy0wYGwYk/XwW3Lnn1z0z33vPPXdxOXGicnduKTe3lCss5Mozt5fO5j4ul5bniyHeI02Pf2jvjk97OnGe7Pe59yK7duHSuzfPhvD97I9P19fX10NVd2hqaMvn3369P7N12xBn6lTbbd7abvkghHAq+Xw41Z+uEML734UQhRDOJ2mjybY3hHA81PNu3v/sVm6XevPoSfFc/tnUg7XhM5OrD9daf/cohK9K/371zvzP/+sa/unldA4AAAAAAAAAAAAAAAAAAC+q8evXbrwzOBQeR6F7Ndr+vu54sm31fuz6rvlv578sAAAAAAAAAAAAAAAAAAAA/E1tvv+fi042ef9/LNmOtKi//lbn+0jnTLx9bezi4FCy/vv2pcdfS5J+Od8V+pus+55d//18pn7z9d93b4nzRv8ax+0LUTyQ2o/jgYEQvkkWfj8dHY1L5aXKK7fLywuzu9aNAysd//rq/anoJAv6txv/0Uz7nV///1/bzqbq/i2r6LclHf+uluW+/TRqK/4XMvX2Iv7P6dDu9uNgSse/u5bWu7XASH0AqMb/8+6d4z+Wab9T8T8RQshF1b7mUiNAdQ5TTW81XyEtHf/6JZEaOpMfstX1/3sm/hcz7e/X+L+SvRHRVDr+h2tpPakSm9d/f7zz9X8p0/5+xL/a/xX3/7ak43+kntidKlL7Jdsd/8cz7Xcq/jfipJ8notQZsBrV01v9vzrS0vHv2Za/+fwXtzX/u5ypv1fPf7XjvlndqT//NYb/l6L68x/NpePf27Jcu9f/RKZep8f/kdr8j+eVjv/RWlp67txX+9tu/Ccz7Xcq/rVZSU8j/pvjyR9H6ulfp+Z/HvVaScf/H/XEeGuJldrf2vwv2nn+fyXT/n7M/6r9X4lb14h29Q50sKXjf6xluWr8f2jj/n81U6/z8Q9hUDCfWzr+x1uWq13/PTvHfypTr9Px/38nGwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AEaTbV+I4oHUfhwPDIRwIdk/HY5G04XZ/HSpPPPRUghjSXounIzulMrThVJ+bqE8W8wXSqXyTAgXk/xToSdaKpUr+fnCvUsbbfVGd4uFxcp0sVAJIYwn6f8JxxttTc9V5gv3QgiXN/L+GZcX790tLORn5xbfGBwcHAwTG33oj4qfVIoLlfrR67khTG7U7Yu2dK6WfWWjL8eiD8vLiwuFUi396pY6pfJMobSlzlSS90XojyqLywszhUoxXyrfaRxvP40k27GJ6+9dvzq0Lf9WVN+O7m23AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLHg+//mUIobu+F4cQRhofomblHz0pnss/m3qwNnxmcvXh2tNW5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi4dozQQRGEAfjMWaucxrJbdznZFES1cETyBHsPD6FG8hHdIkSJtihBIZiFsdmGbpPq+5sH8zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgnqf37uOtbiJSXG0uI/6+/heH+UupP/fj9y/OMCOn8/zaPTzWTfn3dJTflaNlm3fpevX9GSO19zvYk+E+7fV9rifnmtq3qfn6vjeRchURbclvU85VNe8tAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AoAAP//6vAfUQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20000, 0x0, 0x0, 0x0, &(0x7f0000000100))
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(0x0, 0x0)

2m34.746090431s ago: executing program 8 (id=1700):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000004080)=@base={0x8, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd, 0x4}, 0x50)

2m34.134647701s ago: executing program 37 (id=1700):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000004080)=@base={0x8, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd, 0x4}, 0x50)

1m3.758943226s ago: executing program 5 (id=2299):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r1, 0x104, 0x6, &(0x7f00000000c0), 0x4)

1m3.211573213s ago: executing program 5 (id=2300):
io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x1, 0x10d}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1m3.131977405s ago: executing program 5 (id=2301):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x20000000005, 0x21}, 0xd8)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x240087f9, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1m3.036558729s ago: executing program 5 (id=2302):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

1m2.862231269s ago: executing program 5 (id=2304):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304, 0x36}, '\x00', "a5fdeb69a751e94df53ad7e900de4c164e071a0000000000007b443803cf578f", '\x00', "066580001e00"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000100), 0x1)

1m1.859116334s ago: executing program 5 (id=2309):
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, 0x0, 0x4, 0x2, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008044)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

1m1.215493102s ago: executing program 38 (id=2309):
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, 0x0, 0x4, 0x2, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008044)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

41.849511807s ago: executing program 2 (id=2311):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x33)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000dc0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f00000000c0)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x25, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)

41.411495157s ago: executing program 2 (id=2463):
socket(0x10, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x20a02, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

40.288745974s ago: executing program 2 (id=2475):
socket$l2tp6(0xa, 0x2, 0x73)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000680)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
socket$l2tp6(0xa, 0x2, 0x73)

39.809053861s ago: executing program 2 (id=2476):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x441, 0x14a)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
fallocate(r0, 0x20, 0x4000, 0x8000)

39.259117577s ago: executing program 2 (id=2480):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfffffffc)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, 0x0, 0x1, 0x40, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

15.532937155s ago: executing program 2 (id=2480):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfffffffc)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, 0x0, 0x1, 0x40, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

7.906127427s ago: executing program 0 (id=2649):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x511, &(0x7f0000000540)="$eJzs3cFvVE8dAPDv23Zp6a/8CspBjQoiioawbRdoCBfhojGExEg8eYDaLk3TXbbpLpFWDuXonUQST/onePNgwsmDN29684IHE1SioSYe1ry327K023b9dduF7ueTvL43M8t+Z7rMzL6B3QlgYJ2PiPWIOBERDyJiopWftI641TzSx71983Ru483TuSQajXv/SLLyNC/a/kzqk9ZzjkbED78X8ZNkZ9za6trSbLlcWmmlJ+uV5cna6tqVxVwrpzgzPTN14+r1Ys/aeq7ym9ffXbzzo9/99iuv/rj+7Z+l1Rr/+amsrL0dvdRsej7G2/KGI+LOYQTrk+HW3x8+Pmlv+1xEXMj6/0QMZa8mAHCcNRoT0ZhoTwMAx116/z8eSa7QWgsYj1yuUGiu4Z2NsVy5Wqtfnqg+fjQf2RrW6cjnHi6WS1OttcLTkU/S9HR2/S5dfC/9vHQ1Is5ExPORk1l5Ya5anu/nGx8AGGCfbJv//z3SnP8BgGNutN8VAACOnPkfAAaP+R8ABs//Mf/7dCAAHBPu/wFg8Jj/AWDw7Dv/PzuaegAAR+IHd++mR2Oj+f3Xm9/UfWW+VFsqVB7PFeaqK8uFhWp1oVwqzDUa+z1fuVpdnr62laytrt2vVB8/qt9frMwulO6X8ofZGACgK2fOvfxzOumv3zyZHdG2l4O5Go63XL8rAPTNUL8rAPSNz/PA4OriHt8yABxzHbbofc+u/0Xohc1f4WN16YvW/2FQHWT939oBfNw+2/r/d3peD+DomcNhcDUaiT3/AWDAWOMHDvTv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCgxrMjyRWyvcDX05+5QiHiVEScjnzycLFcmoqITyPiTyP5kTQ93e9KAwAHlPtb0tr/69LExfHtpSeS/4xk54j46S/v/eLJbL2+Mp3m/3Mrv/4izT9ZXyme6EcDAIB2t3ZmZfN3sXVuu5F/++bp3OZxlFV8fbu5uWgad6N1NEuGYzg7j0Y+Isb+lbTSTen7laEexF9/FhFf2Gz/aDxpizCerYE0dz7dHj+Nfarn8dt//9vj595rby4rS8/57Hfx+R7UBQbNy9vNcbLV99Iu3up/uTifnTv3/9FshDq4dPxL+/XGjvEvtzX+De2In2R9/vxWeu+avL72++/vyGxMNMueRXxpuFP8ZCt+0nn8zV/sso1/+fJXL+xW1vhVxKWO7d/ckbqSDbOT9cryZG117cpiZXahtFB6VCzOTM9M3bh6vTiZrVE3f/6hU4y/37z86W7x0/aP7RJ/dO/2xze6bP+v//vgx1/bI/63vt759T+7R/x0Tvxml/Fnx27tun13Gn9+l/bv8/rH5S7jv/rr2nyXDwUAjkBtdW1ptlwurexzkb7X3O8xLrq/SO/tP4BqZBexHtGrJ8wWJSKi42PSd9QfRpMP6yL5MKrRi4t+j0zAYXvX6ftdEwAAAAAAAAAAAAAAYDe11bWlkc6f1urZRb/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1vwAAAP//tBrD+w==")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x3fffffffffffe52, 0x10003, '\x00', [{0x0, 0x0, 0x700}, {0xffffffff}]})

6.737706384s ago: executing program 0 (id=2668):
syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1080c, &(0x7f0000000380)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYRESOCT, @ANYBLOB="d1794da8c0ccda034276e28a25c45c8e1eb8b595a37ffdfe7d2a8c3972a6931d2cbb0d8dc920bbde15d8790d46ccb3a5f36ff412236251d86334f17545ccae881f474bc02017144068c380d864a5ac3b7eece595a5144a114312ea2de35167e041e3d3031af83fbd71db410d6fe995f42f7b7e656c95a717cfe1a2530b521bba2d97ecedd3a946c1a6af44605dd2a18869d8b61be43a9ae03ca6d57db60bb92ef13470eaf1b64762134b61619a4d6d9e0db0f025e0b15bb6dac6823159acf2f8470e18be135d30e15d22e45fe9db22cdd8305a5ccef407c817", @ANYRES32, @ANYRES32, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRESOCT, @ANYRESOCT, @ANYRESOCT=0x0], 0x1, 0xa7a, &(0x7f0000000980)="$eJzs3UuMHEcZAODu3Z21nTh4HGxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRIFEkbJ+4kcgyN8RDnHKJACGRC7Jy4hKJWOKSU+DAActIkThAgj1oZ6tmZ37PpGe9j97Z+T6ppqa7arqqZ3t6+1VVBTC2Jtqvjfbr5TcvHf3nQ//YtvD+8U6OZvt1qmtqIXeZpqfC8t6bXIxvvP/KyX5xWcy1X/P0ZNdn7yyK4nyxr7hSNIu9l6++9vbcU8cvHLu4/53XD19bg1UHAICx860rhw/u/ttf7t35wRv3Hym2dObn4/Nmmt6ejvuPpAP/hWiqzOcPS+cDZVfoNh3yTaUwEfJN9slXdOVr5Hxbez8Xy58Oy20MyLelovzJcI5ShvrAKMvbcbMoJ2Z6picmZmYWz8mL9nn9dDlz9vSZ587VVFFg1f37gaIo9gnCuIXWjs6PoPa61Be6vgWAWsX7hbc4H68srExnaVPDlX/9iYn+n+/VWM06Mj7We/tXflx+bz3Wu/yq9f/NhTVef8bK8FvT1jWtx2rL65V/R9vTdLyPEJ9fWu7+Jy9vMixv2AOAQfcRRuX+wqB6Tq5zPW7XoPrH7WKz+lqK8/fw9ZDe/fuJf9NR+RsD/f1nw13/37ZUudrrIgibO7Tq3PkA9ao4rY/PzbWSnB6f64vpWyrSt1akb6tIv6Mi/c6KdBhnv3/xp8WrZdG3PV6xeP7f/rEMez0sX2e7K8UfW2Z94vXI5V6Pi8/9LtdKy4/PE8NG9scTT5/68rPPXF18/r/sbP830/a+L00302/rSsqQrxfG6+qdZ/+bveVMDMh3d6jPXX3yt9/v6s1X7lpaTtG1n7mlHnt6P7djUL77evM1Q75tKcTDpXh8ckf4XD7+yPvV/H1NhfVthPWYDvXI+5WdKR6tuzFsVHl7HPT8f94+9xSN8rnTZ049lqbzdvrnycaWhfkH1rnewMoN2/5nT9Hb/md7Z35jonu/sGNpftm9X2iG+XMD5s+n6fx/7juT29rzZ05+78yzq73yMObOvfTyd0+cOXPqB9544403nTd175mAtTb74gvfnz330suPnn7hxPOnnj91dv7Qofm5uUNfmT842z6un+0+ugc2k6V/+nXXBAAAAAAAAAAAABjWD48dvfrXt7707mL7/6X2f7n9f37yN7f//0lo/x/byed28Lkd4M4+6e08oYPV6ZCvkcLHQ313hXJ2h899IsWdcfxS+/9cXOzXNdfnnjA/9t+b84XuBG7pL2U69EESxwv8dIovpvjXBdSo/Hn/2Smu6t86b+u5fwr9Uoym/HfL/Znkfkxy++9B/Trl/f/O/ov98WrXk9W1Hs0J615HoL9/bbj+v9ckLHX4WXtdus4Yaq+LsNHCjVartZ7ltVofNYqHsaaA9VP3+J/5umeOz/7pG1sXQs52/Yne/WXsvxRWou7xL2srP19YHNf1H7L81R7/szP+3dD7vzBiXvP2yv3vL66921VssXdg+VuKnvLj+ud+oHctr/wPUvl5bR4uBpXfu/6tX4Xy4w2hIX0Yyr9jyPLj+l9absGpwP+l8vPX9siDw5a/uIByorce8bpxvv8XrxtnN8L65749l7v+tztQ481UPoyzURlndrl6xv+90Fr/8X9XOMJQfA7ji2k67wjzcw5xvJPl1j8/X5H/D+wOyy8r/r8Z/3e0fTXFVb+HPP5v3h6bfaYnuqYbfb7bzbqvgVH13qrd/+t6Ym4D3EcRxieUtrnbDq1Wq9abfO4w1qvu77/u84S6y6/7+68Sx/+Nx/Bx/N+YHsf/jelx/N+Y3r6u+OHSoL3x+4rj/8b0OP5vTL8nlBvHB95Tkf7JivS9Fen3VqTfV5H+qYr0/RXp91ekP1CRfndF+oMV6Z8Jf/GY/tmKzz9Ukf7IR6fP/6ji85tdbo8yrusP4yy2z/P7h/GR7/8M+v3vqkgHRtfP3jjw5DO/+3Zzsf3/dOd6SL6PdyRNN9K5czxfitdPJlPaW2n67yF9o1/vgHES+8+I/98frkgHRld+zsvvG8ZQ2b/HnmH7rRp0nM9o+VyKP5/iL6T40RTPpHg2xQdSPLdO9WNtPPnbPxx+tVw6398R0od9njy2B4r9RM0PWZ94fWC5z7PHfvyWa6Xl32ZzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNpMtF8PHtxTFsXlNy8dffr46dmFOY93cjTbr1NdU43O54risRRPpviX6c2N91852R3fTHFZzBVlUXbmF9+83inpzqIozhf7iitFs9h7+eprb889dfzCsYv733n98LW1+wYAAABg8/t/AAAA//9N2hwq")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086e81, &(0x7f0000000080)={@id={0x2, 0x0, @a}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086e81, &(0x7f0000000340)={@desc={0x1, 0x0, @auto="896e70bc3fc61bfa"}})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x40086e81, &(0x7f0000000080)={@desc={0x1, 0x0, @desc3}})

6.44225613s ago: executing program 9 (id=2657):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "d56d9847bfcb49e2", "16549f18408d640d012ebcc31bd9870b", "bcd58d40", "4f5b22bc20c62b22"}, 0x28)

6.153030353s ago: executing program 3 (id=2658):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x147}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

6.152712295s ago: executing program 9 (id=2659):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x0, 0xfffffffc}}, 0x2f)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x2, 0x1}, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r1)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)={0x1c, r2, 0x1, 0x1d, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

5.886279152s ago: executing program 9 (id=2661):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='children\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002e40)={0x2020}, 0x2020)

5.885399058s ago: executing program 0 (id=2675):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r2, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

5.587589562s ago: executing program 3 (id=2664):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000600)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x2, {0x1, 0x7, 0x9, 0x3}}, 0x7)

5.007367603s ago: executing program 3 (id=2666):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008113b0ffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103600000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000e500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c9102"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

5.007156334s ago: executing program 9 (id=2667):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f080, 0x19})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0xfffffffd, &(0x7f0000000040))

3.648207678s ago: executing program 4 (id=2669):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x7, r1}, 0x38)

3.645515554s ago: executing program 0 (id=2684):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x5, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x44, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x2, 0x5, 0xb1e, 0x20000d7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)

3.050947471s ago: executing program 3 (id=2671):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
syz_usb_connect$uac1(0x3, 0xa2, 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
shutdown(r1, 0x1)

3.03713826s ago: executing program 0 (id=2687):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000340)={0x23, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @loopback}}}, 0x108)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000100)=0xe1)

3.035907178s ago: executing program 4 (id=2672):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x8b92, 0x100, 0x0, 0x1d}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4000044)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x60, 0x10, r0, 0x0, 0x0, 0x0, 0x200, 0x1, {0x1}})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

2.356237308s ago: executing program 9 (id=2676):
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x7000000)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x2000, 0x0, 0x0, 0x0, 0x3cd})
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
fcntl$setpipe(r0, 0x407, 0x1)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r1, 0x5760, 0x5e)

2.288494781s ago: executing program 4 (id=2677):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x0, &(0x7f0000000180), 0xb, 0x1, 0xc45, 0x1010, 0x3, 0x0, 0x8, 'syz0\x00'})
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000000340)={'HL\x00'}, &(0x7f0000000380)=0x1e)
syz_emit_ethernet(0xa6, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "ffffffffff60000000000000"}]}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @random="7a28cd07effe", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)

1.929815859s ago: executing program 9 (id=2680):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)={[{@coherency_buffered}, {@heartbeat_none}, {@coherency_full}, {@commit={'commit', 0x3d, 0x4}}, {@heartbeat_none}, {@localflocks}, {@intr}, {@dir_resv_level={'dir_resv_level', 0x3d, 0x5}}, {@noacl}, {@resv_level={'resv_level', 0x3d, 0x1}}, {@journal_async_commit}, {@commit={'commit', 0x3d, 0xf9}}]}, 0x9, 0x442b, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzsLOwIaVsGDr53NgmOf38p159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4n2zb/6H965/2dOI6Oehr75/s6vmL7944E8L3sz8+WV9fXw9V3SERhWZDTb//9uu9meZjQxzSqu2GjvoghHByy7iqukII739X/xTnkrTR5NgbQjiWfMIb9z67mduj0Tx8XDybfzp1f2349OTqg7XWnz0K4avS/167Pf/zi13DP72yR90DAAAAAAAAAAAAAAAAAPCMG7929fo7g0PhURS6V6Ot7+uOJ8dW78eu75kXOv9hAQAAAAAAAAAAAAAAAAAA4G9q8/3/XHRim/f/x5LjSIv66291fox0zsTbV8cuDA4l+79HW/JfT5J+OdcV+rfZ9z27//u5TP3t93/f2s9uNcbX6LcvRPFA6jyOBwZC+CbZ+P1UdCQulZcqr94qLy/M7tkwnlnp+Nd3709FJ9nQv934j2ba7/z+///dcjVVz2/u3SX2XEvHv6tluW8/jdqK//lMvf2IP7uXjn93La23ucBIfQKoxv/z7p3jP5Zpv1PxPx5CyEXVseZSM0B1DVNNb7VeIS0d/0O1tNTUmfwhW93/v2fifyHT/kHN/yvZLyK2lY7/v2ppPakSm/d/f7zz/X8x0/5BxL86/hXf/21Jx/9wPbE7VaT2l2x3/h/PtN+p+F+Pk3Eej1JXwGpUT2/1/+pIS8e/Z0v+5vNf3Nb671Km/n49/zX6bTz/Nab/l6P68x/bS8e/t2W5du//iUy9Ts//I7X1H7uVjv+RWlp67dxX+9lu/Ccz7Xcq/rVVSU8j/pvzyR+H6+lfW/+1JR3/f9cT4+YSK7WftfVftPP6/3Km/YNY/1XHvxJ3ttfnRXP8u8LRluWq8f+hje//K5l6nY9/CIPW+ruWvv+PtSxXu/97do7/VKZep+P/UicbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgGjCbHvhDFA6nzOB4YCOF8cn4qHImmC7P56VJ55qOlEMaS9Fw4Ed0ulacLpfzcQnm2mC+USuWZEC4k+SdDT7RUKlfy84W7Fzfa6o3uFAuLlelioRJCGE/S/x+ONdqanqvMF+6GEC5t5P0nLi/evVNYyM/OLb45ODg4GCY2xtAfFT+pFBcq9d7ruSFMbtTti5oGV8u+vDGWo9GH5eXFhUKpln6lqU6pPFMoNdWZSvK+CP1RZXF5YaZQKeZL5duN/g7SSHIcm7j23rUrQ1vyb0b14+j+DgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv+jR8BtfhhC662dxCGGk8Uu0XfmHj4tn80+n7q8Nn55cfbD2pFU5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi4dozQQRGEAfjMWaucxrJbdznZFES1cETyBHsPD6FG8hHdIkSJtihBIZiFsdmGbpPq+5sH8zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJjn6b37eKubiBRXm8uIv6//xWH+UurP/fj9izPMyOk8v3YPj3VT/j0d5XflaNnmXbpefX/GSO39DvZkuE97fZ/rybmm9m1qvr7vTaRcRURb8tuUc1XNewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA//+Elx0W")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xfffe82)
write$cgroup_type(r0, &(0x7f0000000200), 0x175d9003)

1.878862591s ago: executing program 1 (id=2682):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r1, 0xfffffffc)

1.814947882s ago: executing program 4 (id=2683):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002ec0000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x1, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)

1.675852245s ago: executing program 1 (id=2685):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x0, 0xfffffffc}}, 0x2f)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x2, 0x1}, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r1)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)={0x1c, r2, 0x1, 0x1d, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.513643325s ago: executing program 4 (id=2686):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "d56d9847bfcb49e2", "16549f18408d640d012ebcc31bd9870b", "bcd58d40", "4f5b22bc20c62b22"}, 0x28)

1.489515392s ago: executing program 1 (id=2688):
r0 = socket$inet(0x2, 0x2, 0x0)
close(r0)
r1 = socket$inet(0x2, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f00000000c0)="a3", 0x1}], 0x1)
setsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000240)="ea00000100000000", 0xc)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000240), 0x0)

1.278194538s ago: executing program 1 (id=2689):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.183193525s ago: executing program 4 (id=2690):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f0000000180))

1.036213625s ago: executing program 1 (id=2691):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000400)=0x4000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)={0x1, 0x0, [{0xb55cbc099b415d1, 0x34, &(0x7f00000003c0)=""/52}]})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af04, &(0x7f0000000200))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x2)

863.238351ms ago: executing program 1 (id=2693):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f080, 0x19})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0xfffffffd, &(0x7f0000000040))

529.742849ms ago: executing program 0 (id=2694):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e00000027f"], 0x14)

287.694591ms ago: executing program 3 (id=2695):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x2, 0x2000000000903, 0xb, 0x0, 0x9}, 0x20)

0s ago: executing program 3 (id=2696):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000800)=[{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000340)="7d7a68e25d38566c61856d6817441a9caa9b23557af3d00f974cd91d1b33a9d6e17fd477051346d814913f8a3ef2e1a781a2bbfc8d55dca693d39139f04047784190d93b5301b4abe27c9242396d40a5c2b7789629214281c8e09a6c1f1e0db5d1e74e1f27a89b2c25c2316fcddc9ff2a71eceb3094ba465389e", 0x7a}, {&(0x7f0000000080)="ce2ede98d4bde4b9a7931c4e260090a647151bacb721146be7ff4494578b05c18fc56c1571aa57d0f79d3ce5", 0x2c}, {&(0x7f0000000600)="5fec9dec1e9d48e2b3a02e29dcaadb6d242c08b8b6e2a34dd08e48e3d32aa2bf0bd42348d6bf39fd7dac80fedaaab8ff4258ecbc4e025305fab94303f773d083bb47da241fe082c8f8602308cd2f7dc846c93e62a8d53d22fcabce47b5531463290c970dccfaa7da3e4e457ea05fd85e6fcc1fcae56136f44b991100e3db7c750c3ccb3e01d6598d53d05ca7503d7430f3ff2b79ab629faa1dfb2d0899dd807d28174305bd600e50112aa4d0ec230a89b3078bb60a198eda7169d91005cda3fc9870956d72773b", 0xc7}, {&(0x7f0000000700)="c615271a9dc3c1d27eee864db95e0b71f8e472c141507cddcc8c5cd540e0d67c78a1965515323d75357cb0914b03d9b18c63ca3692399e0aa8be01a5b9883f1e4830cd8b777bb75c27cba21f087b8a8a92ba4353b5e825f3837bfcce5681589bd0ce90380fed43b1ebc4d4c4e3efe4c1a60e3d56753ebac731ddf0a80a42e71cd2fa58a5779bd29d2b7e65156607f7ca769417", 0x93}, {&(0x7f00000003c0)="67eadb57934b9ead1a77f2672409ae94cef03d84d8918fbc8bc6c19a9777c4b7da5a1b41f52f23758f9869f9c9ea21840ac15fee3e953d06dd8640bf6bc1eb14c2bd9dd7badaa075569fd4f318f86e8f5b92097982410cd8c0c9223e079a80d2e9e463eceb148e92b0fb46c9ed97f0a0266131fcb91743cd3ee4c0d2613cd05bc11cf811116e7f64395a5604ae686a4163f834a418887da942c013eff87a5e4e86d322e0c27066ae67765d27fd833f599f5d51f560f28bf8390706a9f86ea17be283cbe08d20ab6d8a694a45d6d6ed071f31621c712aae6d6dd4f43d9aaaa236c54a0e8601a827a115c5", 0xea}, {&(0x7f0000000180)="753a9e524dd27ba030d08f808bb67c", 0xf}, {&(0x7f00000002c0)="0ed92d29fe16a58cbede", 0xa}, {&(0x7f0000000980)="deac3d5cfe5dd9fdff61bfcd82298ed24cafbf1b3679e89d90f5b1fc7fda43b16bbc1408d0cb1907f85134d10bb809d2ae5af1508a0ebebb30561e2e172b9eb43699ce6e1e8ba8b0a06a788e8477deeb03af902730dbea0b46645bc89df517781b0009183d3fc771e1eabc5a01512de3647407840a494a89dfcb448d3aa8aabd9cc00827610b62b7eb1f36d52bad60da7163a854f672e110c61f4029db9875237315a1de00a9f547595eca7d001df2121effebe0afaa50b3c8a6", 0xba}, {&(0x7f0000000a40)="766ef1d071e3ad85b1c84125b50451d4ef151f083dadadeedec76642bfe1f08ee7b8e497857ffe02cb7611ac30aa9d0baacdc3b151573a72138886b1c92fb08ac390e9", 0x43}], 0x9}], 0x1, 0x48800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

kernel console output (not intermixed with test programs):

 0 UID: 0 PID: 10658 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  470.572449][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.572485][T10658] Call Trace:
[  470.572498][T10658]  <TASK>
[  470.572514][T10658]  dump_stack_lvl+0x16c/0x1f0
[  470.572589][T10658]  f2fs_handle_critical_error+0x621/0x9f0
[  470.572647][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.572701][T10658]  ? f2fs_build_fault_attr+0x53/0x1f0
[  470.572760][T10658]  f2fs_write_end_io+0x785/0xc20
[  470.572830][T10658]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  470.572892][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.572943][T10658]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  470.572994][T10658]  bio_endio+0x70d/0x850
[  470.573042][T10658]  submit_bio_noacct+0x56d/0x1eb0
[  470.573112][T10658]  __submit_merged_bio+0x33c/0x770
[  470.573179][T10658]  __submit_merged_write_cond+0x319/0x3f0
[  470.573254][T10658]  f2fs_write_cache_pages+0x2067/0x2570
[  470.573359][T10658]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  470.573437][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.573489][T10658]  ? __lock_acquire+0x622/0x1c90
[  470.573575][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.573738][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.573795][T10658]  ? mod_memcg_lruvec_state+0x394/0x610
[  470.573881][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.573944][T10658]  f2fs_write_data_pages+0x4ad/0xd90
[  470.574025][T10658]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  470.574082][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.574137][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.574186][T10658]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  470.574244][T10658]  do_writepages+0x27a/0x600
[  470.574308][T10658]  ? __pfx_do_writepages+0x10/0x10
[  470.574362][T10658]  ? do_raw_spin_unlock+0x172/0x230
[  470.574404][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.574446][T10658]  ? _raw_spin_unlock+0x28/0x50
[  470.574500][T10658]  filemap_fdatawrite_wbc+0x104/0x160
[  470.574563][T10658]  __filemap_fdatawrite_range+0xb2/0xf0
[  470.574609][T10658]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  470.574711][T10658]  ? find_held_lock+0x2b/0x80
[  470.574759][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.574809][T10658]  ? do_raw_spin_unlock+0x172/0x230
[  470.574848][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.574896][T10658]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  470.574973][T10658]  block_operations+0x2a3/0xfd0
[  470.575034][T10658]  ? __pfx___schedule+0x10/0x10
[  470.575087][T10658]  ? __pfx_block_operations+0x10/0x10
[  470.575199][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.575241][T10658]  ? down_write+0x14d/0x200
[  470.575274][T10658]  ? __pfx_down_write+0x10/0x10
[  470.575310][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.575353][T10658]  ? rcu_is_watching+0x12/0xc0
[  470.575406][T10658]  f2fs_write_checkpoint+0x2b8/0x4c60
[  470.575472][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.575510][T10658]  ? kfree+0x2b4/0x4d0
[  470.575539][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.575585][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.575625][T10658]  ? rcu_is_watching+0x12/0xc0
[  470.575667][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.575706][T10658]  ? kthread_stop+0x273/0x650
[  470.575743][T10658]  kill_f2fs_super+0x3c2/0x470
[  470.575828][T10658]  ? __pfx_kill_f2fs_super+0x10/0x10
[  470.575883][T10658]  ? lockdep_hardirqs_on+0x7c/0x110
[  470.575953][T10658]  deactivate_locked_super+0xc1/0x1a0
[  470.575993][T10658]  deactivate_super+0xde/0x100
[  470.576030][T10658]  cleanup_mnt+0x225/0x450
[  470.576073][T10658]  task_work_run+0x150/0x240
[  470.576112][T10658]  ? __pfx_task_work_run+0x10/0x10
[  470.576148][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.576195][T10658]  ? __pfx___x64_sys_umount+0x10/0x10
[  470.576249][T10658]  exit_to_user_mode_loop+0xeb/0x110
[  470.576293][T10658]  do_syscall_64+0x3f6/0x4c0
[  470.576354][T10658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.576390][T10658] RIP: 0033:0x7f0d86f8fc57
[  470.576420][T10658] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  470.576455][T10658] RSP: 002b:00007fff21e30108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  470.576489][T10658] RAX: 0000000000000000 RBX: 00007f0d87010925 RCX: 00007f0d86f8fc57
[  470.576514][T10658] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff21e301c0
[  470.576536][T10658] RBP: 00007fff21e301c0 R08: 0000000000000000 R09: 0000000000000000
[  470.576558][T10658] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff21e31250
[  470.576581][T10658] R13: 00007f0d87010925 R14: 0000000000072cba R15: 00007fff21e31290
[  470.576630][T10658]  </TASK>
[  471.032094][    C0] vkms_vblank_simulate: vblank timer overrun
[  471.125521][T10658] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  471.630311][T12792] XFS (loop9): Ending clean mount
[  471.644665][T12792] XFS (loop9): Quotacheck needed: Please wait.
[  471.764428][T12792] XFS (loop9): Quotacheck: Done.
[  471.883252][T10892] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  472.291582][T12876] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2072'.
[  472.371413][ T7590] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  472.535609][ T7590] usb 5-1: Using ep0 maxpacket: 16
[  472.560403][ T7590] usb 5-1: config 0 interface 0 altsetting 253 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  472.603456][ T7590] usb 5-1: config 0 interface 0 has no altsetting 0
[  472.635535][ T7590] usb 5-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  472.675785][ T7590] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.705283][ T7590] usb 5-1: config 0 descriptor??
[  473.139926][ T7590] playstation 0003:054C:0BA0.001C: unknown main item tag 0x0
[  473.190990][ T7590] playstation 0003:054C:0BA0.001C: hidraw0: USB HID v7d.d9 Device [HID 054c:0ba0] on usb-dummy_hcd.4-1/input0
[  473.338634][ T7590] playstation 0003:054C:0BA0.001C: Failed to retrieve feature with reportID 18: -71
[  473.369140][ T7590] playstation 0003:054C:0BA0.001C: Failed to retrieve DualShock4 pairing info: -71
[  473.409261][ T7590] playstation 0003:054C:0BA0.001C: Failed to get MAC address from DualShock4
[  473.504321][ T7590] playstation 0003:054C:0BA0.001C: Failed to create dualshock4.
[  473.751428][T12911] loop9: detected capacity change from 0 to 32768
[  473.785789][ T7590] playstation 0003:054C:0BA0.001C: probe with driver playstation failed with error -71
[  473.807516][T12911] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2083 (12911)
[  473.826502][T12911] BTRFS info (device loop9): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  473.836850][T12911] BTRFS info (device loop9): using xxhash64 (xxhash64-generic) checksum algorithm
[  473.846274][T12911] BTRFS info (device loop9): disk space caching is enabled
[  473.853542][T12911] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  473.883625][ T7590] usb 5-1: USB disconnect, device number 3
[  474.004143][T12911] BTRFS info (device loop9): rebuilding free space tree
[  474.026401][T12911] BTRFS info (device loop9): disabling free space tree
[  474.033495][T12911] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  474.033928][T12911] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  474.040782][T12926] tls_set_device_offload: netdev not found
[  474.045125][   T30] audit: type=1326 audit(1752271449.956:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12898 comm="syz.5.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f447838e929 code=0x7fc00000
[  474.141134][T12911] BTRFS info (device loop9): balance: start -d -m
[  474.154773][T12911] BTRFS info (device loop9): relocating block group 6881280 flags data|metadata
[  474.327565][T12911] BTRFS info (device loop9): relocating block group 5242880 flags data|metadata
[  474.458994][T12911] BTRFS info (device loop9): balance: canceled
[  474.664951][T10892] BTRFS info (device loop9): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  474.957628][T12949] loop3: detected capacity change from 0 to 2048
[  474.982583][T12949] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  475.049368][T12955] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  475.428946][T12962] batadv_slave_0: entered promiscuous mode
[  475.467793][T12961] batadv_slave_0: left promiscuous mode
[  476.258838][T12997] loop3: detected capacity change from 0 to 128
[  476.266610][T12997] EXT4-fs: Ignoring removed nobh option
[  476.298153][ T6008] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  476.337770][T12997] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  476.377045][T12997] ext4 filesystem being mounted at /98/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  476.506057][ T6008] usb 5-1: Using ep0 maxpacket: 32
[  476.552399][ T6008] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  476.583167][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.609981][ T6008] usb 5-1: Product: syz
[  476.620270][ T6008] usb 5-1: Manufacturer: syz
[  476.643885][T10658] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  476.661997][ T6008] usb 5-1: SerialNumber: syz
[  476.679005][ T6008] usb 5-1: config 0 descriptor??
[  476.708992][ T6008] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  477.473182][T13031] loop9: detected capacity change from 0 to 512
[  477.607923][T13031] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  477.616629][T13035] netlink: 'syz.1.2116': attribute type 4 has an invalid length.
[  477.640945][T13031] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  477.697777][T13031] System zones: 0-1, 15-15, 18-18, 34-34
[  477.705263][T13042] netlink: 'syz.1.2116': attribute type 4 has an invalid length.
[  477.741522][T13031] EXT4-fs (loop9): orphan cleanup on readonly fs
[  477.815644][T13031] Quota error (device loop9): v2_read_header: Failed header read: expected=8 got=0
[  477.825123][T13031] EXT4-fs warning (device loop9): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  477.899829][T13031] EXT4-fs (loop9): Cannot turn on quotas: error -22
[  477.924948][ T6008] gspca_stk1135: reg_w 0xd err -71
[  477.931253][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  477.955736][ T6008] gspca_stk1135: Sensor write failed
[  477.961691][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  477.980226][T13031] EXT4-fs (loop9): 1 truncate cleaned up
[  477.992270][ T6008] gspca_stk1135: Sensor write failed
[  478.017637][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  478.024035][ T6008] gspca_stk1135: Sensor read failed
[  478.024845][T13031] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  478.052059][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  478.075504][ T6008] gspca_stk1135: Sensor read failed
[  478.102398][ T6008] gspca_stk1135: Detected sensor type unknown (0x0)
[  478.127055][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  478.157070][ T6008] gspca_stk1135: Sensor read failed
[  478.162395][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  478.205602][ T6008] gspca_stk1135: Sensor read failed
[  478.211020][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  478.241601][ T6008] gspca_stk1135: Sensor write failed
[  478.265561][ T6008] gspca_stk1135: serial bus timeout: status=0x00
[  478.293473][T13021] loop3: detected capacity change from 0 to 32768
[  478.303441][T10892] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.310162][ T6008] gspca_stk1135: Sensor write failed
[  478.346619][ T6008] stk1135 5-1:0.0: probe with driver stk1135 failed with error -71
[  478.378417][T13021] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2113 (13021)
[  478.399500][ T6008] usb 5-1: USB disconnect, device number 4
[  478.499152][T13021] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  478.565928][T13021] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  478.610906][T13021] BTRFS info (device loop3): using free-space-tree
[  478.917487][   T30] audit: type=1800 audit(1752271454.836:111): pid=13021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2113" name="file1" dev="loop3" ino=260 res=0 errno=0
[  479.183707][T10658] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  479.265526][ T7591] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  479.710240][T13104] loop4: detected capacity change from 0 to 32768
[  479.751652][ T7591] usb 10-1: config 0 has an invalid interface number: 128 but max is 0
[  479.765608][ T7591] usb 10-1: config 0 has no interface number 0
[  479.794133][ T7591] usb 10-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  479.818371][ T7591] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.845757][ T7591] usb 10-1: Product: syz
[  479.850073][ T7591] usb 10-1: Manufacturer: syz
[  479.854780][ T7591] usb 10-1: SerialNumber: syz
[  479.877799][T13056] loop0: detected capacity change from 0 to 32768
[  479.889640][ T7591] usb 10-1: config 0 descriptor??
[  479.930304][T13104] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  479.930351][T13104]   allowing incompatible features above 0.0: (unknown version)
[  479.930403][T13104]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  479.975489][T13104] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  479.983746][T13104] bcachefs (loop4): initializing new filesystem
[  480.005098][T13104] bcachefs (loop4): going read-write
[  480.020804][T13056] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2121 (13056)
[  480.086038][T13104] bcachefs (loop4): marking superblocks
[  480.106840][T13104] bcachefs (loop4): initializing freespace
[  480.119115][T13104] bcachefs (loop4): done initializing freespace
[  480.135961][T13104] bcachefs (loop4): reading snapshots table
[  480.141976][T13104] bcachefs (loop4): reading snapshots done
[  480.178288][T13056] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  480.216429][T13104] bcachefs (loop4): done starting filesystem
[  480.255263][T13056] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  480.295865][T13056] BTRFS info (device loop0): using free-space-tree
[  480.458648][ T7590] libceph: connect (1)[c::]:6789 error -101
[  480.459888][T11563] bcachefs (loop4): shutting down
[  480.467504][ T7590] libceph: mon0 (1)[c::]:6789 connect error
[  480.497032][T11563] bcachefs (loop4): going read-only
[  480.521946][T11563] bcachefs (loop4): finished waiting for writes to stop
[  480.571107][T11563] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  480.712318][T11563] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  480.744716][ T7590] libceph: connect (1)[c::]:6789 error -101
[  480.759325][T11563] bcachefs (loop4): clean shutdown complete, journal seq 4
[  480.767655][T11563] bcachefs (loop4): marking filesystem clean
[  480.787144][ T7590] libceph: mon0 (1)[c::]:6789 connect error
[  480.923630][T11563] bcachefs (loop4): shutdown complete
[  481.021081][ T5859] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  481.069769][ T7591] usb 10-1: non-Atmel transceiver xxxx3800
[  481.083239][T13122] ceph: No mds server is up or the cluster is laggy
[  481.291747][ T7591] usb 10-1: Firmware version (0.0) predates our first public release.
[  481.305479][ T7591] usb 10-1: Please update to version 0.2 or newer
[  481.334588][ T7591] usb 10-1: atusb_probe: initialization failed, error = -19
[  481.384854][ T7591] usb 10-1: USB disconnect, device number 6
[  482.498053][ T5850] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  482.512636][ T5850] Bluetooth: hci6: Injecting HCI hardware error event
[  482.523668][ T5861] Bluetooth: hci6: hardware error 0x00
[  482.647194][T13194] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2151'.
[  482.722332][T13194] netlink: 'syz.0.2151': attribute type 7 has an invalid length.
[  482.757195][T13194] netlink: 'syz.0.2151': attribute type 8 has an invalid length.
[  482.808907][T13194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2151'.
[  482.910879][T13193] loop3: detected capacity change from 0 to 32768
[  483.298663][T13206] batadv_slave_0: entered promiscuous mode
[  483.337467][T13210] syz_tun: entered promiscuous mode
[  483.388150][T13204] syz_tun: left promiscuous mode
[  483.402903][T13204] batadv_slave_0: left promiscuous mode
[  483.538961][T13193] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  483.539009][T13193]   allowing incompatible features above 0.0: (unknown version)
[  483.539030][T13193]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  483.583843][T13193] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  483.592084][T13193] bcachefs (loop3): initializing new filesystem
[  483.608041][T13193] bcachefs (loop3): going read-write
[  483.650896][T13193] bcachefs (loop3): marking superblocks
[  483.665587][   T30] audit: type=1326 audit(1752271459.586:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13211 comm="syz.5.2157" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f447838e929 code=0x0
[  483.667186][T13193] bcachefs (loop3): initializing freespace
[  483.698217][T13193] bcachefs (loop3): done initializing freespace
[  483.709198][T13193] bcachefs (loop3): reading snapshots table
[  483.715183][T13193] bcachefs (loop3): reading snapshots done
[  483.760079][T13193] bcachefs (loop3): done starting filesystem
[  483.874522][T10658] bcachefs (loop3): shutting down
[  483.938680][T10658] bcachefs (loop3): going read-only
[  483.958593][T10658] bcachefs (loop3): finished waiting for writes to stop
[  484.023283][T10658] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  484.368682][T10658] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  484.437876][T10658] bcachefs (loop3): clean shutdown complete, journal seq 4
[  484.514680][T10658] bcachefs (loop3): marking filesystem clean
[  484.538777][T13241] loop9: detected capacity change from 0 to 32768
[  484.572182][T13241] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2164 (13241)
[  484.656052][T13241] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  484.666331][T13241] BTRFS info (device loop9): using crc32c (crc32c-x86_64) checksum algorithm
[  484.675153][T13241] BTRFS info (device loop9): using free-space-tree
[  484.721132][T10658] bcachefs (loop3): shutdown complete
[  484.730815][ T5861] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  485.117160][   T30] audit: type=1800 audit(1752271461.046:113): pid=13241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2164" name="file1" dev="loop9" ino=260 res=0 errno=0
[  485.313602][T10892] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  486.755687][ T6008] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  486.978725][ T6008] usb 5-1: Using ep0 maxpacket: 16
[  486.998035][ T6008] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11
[  487.037888][ T6008] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  487.070879][ T6008] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  487.095586][ T6008] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  487.151770][ T6008] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  487.185595][ T6008] usb 5-1: config 1 interface 0 has no altsetting 0
[  487.198506][ T6008] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  487.210228][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.258986][ T6008] ums-sddr09 5-1:1.0: USB Mass Storage device detected
[  487.542967][ T5861] Bluetooth: hci0: command 0x0406 tx timeout
[  487.571323][T13319] loop0: detected capacity change from 0 to 512
[  487.613963][T13319] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.636601][T13319] ext4 filesystem being mounted at /394/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  487.695517][ T6008] ums-sddr09 5-1:1.0: probe with driver ums-sddr09 failed with error -22
[  487.718002][ T6008] usb 5-1: USB disconnect, device number 5
[  487.823136][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.594259][T13374] loop0: detected capacity change from 0 to 32768
[  489.602519][T13374] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2200 (13374)
[  489.629900][T13374] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  489.641613][T13374] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  489.650458][T13374] BTRFS info (device loop0): disk space caching is enabled
[  489.657744][T13374] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  489.752442][T13388] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2204'.
[  489.787025][T13388] hsr_slave_0: left promiscuous mode
[  489.812329][T13388] hsr_slave_1: left promiscuous mode
[  489.876820][T13374] BTRFS info (device loop0): rebuilding free space tree
[  489.894112][T13374] BTRFS info (device loop0): disabling free space tree
[  489.902328][T13374] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  489.912090][T13374] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  489.943549][T13374] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  490.099234][T13401] loop9: detected capacity change from 0 to 1024
[  490.189074][T13401] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  490.199437][T13401] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869)
[  490.255605][T13401] EXT4-fs (loop9): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  490.289594][T13401] EXT4-fs error (device loop9): ext4_get_journal_inode:5796: inode #5: comm syz.9.2205: unexpected bad inode w/o EXT4_IGET_BAD
[  490.365895][T13401] EXT4-fs (loop9): no journal found
[  490.371176][T13401] EXT4-fs (loop9): can't get journal size
[  490.482291][T13401] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  490.836694][T10892] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.882685][T13416] loop0: detected capacity change from 0 to 512
[  491.001857][T13416] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  491.059617][T13416] EXT4-fs (loop0): orphan cleanup on readonly fs
[  491.150024][T13416] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.2209: bg 0: block 248: padding at end of block bitmap is not set
[  491.206794][T13427] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2211'.
[  491.217753][T13416] Quota error (device loop0): write_blk: dquota write failed
[  491.236239][T13416] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  491.265671][T13416] EXT4-fs error (device loop0): ext4_acquire_dquot:6931: comm syz.0.2209: Failed to acquire dquot type 1
[  491.322683][T13416] EXT4-fs (loop0): 1 truncate cleaned up
[  491.343596][T13416] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  491.578812][T13430] loop3: detected capacity change from 0 to 4096
[  491.732179][T13432] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  491.835666][   T30] audit: type=1800 audit(1752271467.756:114): pid=13430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2212" name="file1" dev="loop3" ino=15 res=0 errno=0
[  491.856250][    C0] vkms_vblank_simulate: vblank timer overrun
[  491.880045][T13439] loop4: detected capacity change from 0 to 64
[  491.999648][T13439] hfs: unable to locate alternate MDB
[  492.055586][T13439] hfs: continuing without an alternate MDB
[  492.796472][T13424] loop9: detected capacity change from 0 to 32768
[  492.803992][T13424] XFS: attr2 mount option is deprecated.
[  492.837565][T13416] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.2209: iget: bad i_size value: 360287970189639690
[  492.885185][T13424] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  493.191013][T13424] XFS (loop9): Ending clean mount
[  493.233067][T13424] XFS (loop9): Quotacheck needed: Please wait.
[  493.294731][T13477] loop4: detected capacity change from 0 to 1024
[  493.329636][T13477] EXT4-fs: Ignoring removed orlov option
[  493.384935][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.469144][T13485] loop3: detected capacity change from 0 to 128
[  493.486344][T13477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.505628][T13424] XFS (loop9): Quotacheck: Done.
[  493.570611][   T30] audit: type=1800 audit(1752271469.496:115): pid=13486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2224" name="file1" dev="loop3" ino=1048677 res=0 errno=0
[  493.591614][    C0] vkms_vblank_simulate: vblank timer overrun
[  493.834335][T11563] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.948031][T10892] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  494.465749][ T7590] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  494.676344][ T7590] usb 4-1: Using ep0 maxpacket: 16
[  494.698504][ T7590] usb 4-1: config 0 has an invalid interface number: 225 but max is 0
[  494.723673][ T7590] usb 4-1: config 0 has no interface number 0
[  494.756135][ T7590] usb 4-1: config 0 interface 225 has no altsetting 0
[  494.792518][ T7590] usb 4-1: New USB device found, idVendor=0b95, idProduct=1720, bcdDevice=23.b4
[  494.818655][ T7590] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.857104][ T7590] usb 4-1: Product: syz
[  494.887836][ T7590] usb 4-1: Manufacturer: syz
[  494.939979][ T7590] usb 4-1: SerialNumber: syz
[  494.968296][ T7590] usb 4-1: config 0 descriptor??
[  494.987593][T13522] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input34
[  495.195514][ T6008] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  495.278761][T13530] overlayfs: overlapping lowerdir path
[  495.343491][T13531] overlayfs: failed to verify upper root origin
[  495.360765][ T6008] usb 10-1: Using ep0 maxpacket: 32
[  495.388193][ T6008] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  495.419681][ T6008] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  495.452047][ T6008] usb 10-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  495.502203][ T6008] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.556773][ T6008] usb 10-1: config 0 descriptor??
[  495.996401][ T7590] asix 4-1:0.225 (unnamed net_device) (uninitialized): invalid hw address, using random
[  496.008431][ T6008] ft260 0003:0403:6030.001D: unknown main item tag 0x0
[  496.196261][ T6008] ft260 0003:0403:6030.001D: chip code: 0000 0000
[  496.213937][ T7590] asix 4-1:0.225 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  496.262355][ T7590] asix 4-1:0.225 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  496.303704][ T7590] asix 4-1:0.225: probe with driver asix failed with error -71
[  496.352783][ T7590] usb 4-1: USB disconnect, device number 16
[  496.405841][ T6008] ft260 0003:0403:6030.001D: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.9-1/input0
[  496.472911][ T7595] kernel read not supported for file /vga_arbiter (pid: 7595 comm: kworker/0:14)
[  496.810751][ T6008] ft260 0003:0403:6030.001D: failed to retrieve status: -71
[  496.836682][ T6008] ft260 0003:0403:6030.001D: failed to reset I2C controller: -71
[  496.865872][ T6008] usb 10-1: USB disconnect, device number 7
[  496.937792][T13566] loop0: detected capacity change from 0 to 128
[  497.025505][T13566] EXT4-fs (loop0): Test dummy encryption mode enabled
[  497.138714][T13566] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  497.210050][T13566] ext4 filesystem being mounted at /406/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  497.504519][ T5859] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  497.615827][ T6008] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  497.795497][ T6008] usb 5-1: Using ep0 maxpacket: 8
[  497.813062][ T6008] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  497.831819][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  497.875480][ T6008] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  497.915587][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  497.954325][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  498.186100][ T6008] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  498.195158][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  498.228297][ T6008] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  498.278434][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  498.312176][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  498.366010][ T6008] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  498.392900][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  498.425523][ T6008] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  498.469374][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  498.501110][ T6008] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  498.552626][ T6008] usb 5-1: string descriptor 0 read error: -22
[  498.559315][ T6008] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  498.618985][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.710390][ T6008] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  498.899073][ T7590] usb 5-1: USB disconnect, device number 6
[  499.536727][T13599] loop3: detected capacity change from 0 to 32768
[  499.598993][T13599] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  499.947890][T13599] XFS (loop3): Ending clean mount
[  500.006921][   T30] audit: type=1800 audit(1752271475.926:116): pid=13599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2261" name="file2" dev="loop3" ino=9287 res=0 errno=0
[  500.252133][T10658] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  501.210882][T13682] loop3: detected capacity change from 0 to 512
[  501.377820][T13682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.390590][T13682] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  501.474426][   T30] audit: type=1800 audit(1752271477.396:117): pid=13682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2276" name="file1" dev="loop3" ino=15 res=0 errno=0
[  501.515098][T13696] loop9: detected capacity change from 0 to 64
[  501.732179][T10658] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.754996][T13657] loop4: detected capacity change from 0 to 40427
[  501.812578][T13657] F2FS-fs (loop4): build fault injection type: 0x7
[  501.853663][T13657] F2FS-fs (loop4): invalid crc value
[  502.231574][T13657] F2FS-fs (loop4): Start checkpoint disabled!
[  502.287268][T13657] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  502.368462][T13707] loop3: detected capacity change from 0 to 40427
[  502.379787][T13707] F2FS-fs (loop3): build fault injection rate: 690
[  502.386467][T13707] F2FS-fs (loop3): Image doesn't support compression
[  502.393215][T13707] F2FS-fs (loop3): Image doesn't support compression
[  502.408731][T13707] F2FS-fs (loop3): invalid crc value
[  502.430472][T13657] syz.4.2274: attempt to access beyond end of device
[  502.430472][T13657] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  502.520755][T13707] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  502.574761][T13657] syz.4.2274: attempt to access beyond end of device
[  502.574761][T13657] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  502.678685][T10658] syz-executor: attempt to access beyond end of device
[  502.678685][T10658] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  502.727239][T10658] CPU: 0 UID: 0 PID: 10658 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  502.727290][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  502.727312][T10658] Call Trace:
[  502.727323][T10658]  <TASK>
[  502.727336][T10658]  dump_stack_lvl+0x16c/0x1f0
[  502.727398][T10658]  f2fs_handle_critical_error+0x621/0x9f0
[  502.727444][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.727487][T10658]  ? f2fs_build_fault_attr+0x53/0x1f0
[  502.727535][T10658]  f2fs_write_end_io+0x785/0xc20
[  502.727585][T10658]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  502.727638][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.727691][T10658]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  502.727737][T10658]  bio_endio+0x70d/0x850
[  502.727775][T10658]  submit_bio_noacct+0x56d/0x1eb0
[  502.727832][T10658]  __submit_merged_bio+0x33c/0x770
[  502.727884][T10658]  __submit_merged_write_cond+0x319/0x3f0
[  502.727945][T10658]  f2fs_write_cache_pages+0x2067/0x2570
[  502.728028][T10658]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  502.728084][T10658]  ? arch_stack_walk+0x88/0x100
[  502.728134][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.728176][T10658]  ? __lock_acquire+0x622/0x1c90
[  502.728329][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.728370][T10658]  ? mod_memcg_lruvec_state+0x394/0x610
[  502.728433][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.728475][T10658]  ? __mod_zone_page_state+0xcc/0x1a0
[  502.728531][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.728582][T10658]  f2fs_write_data_pages+0x4ad/0xd90
[  502.728645][T10658]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  502.728715][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.728759][T10658]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  502.728817][T10658]  do_writepages+0x27a/0x600
[  502.728879][T10658]  ? __pfx_do_writepages+0x10/0x10
[  502.728934][T10658]  ? do_raw_spin_unlock+0x172/0x230
[  502.728976][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.729018][T10658]  ? _raw_spin_unlock+0x28/0x50
[  502.729071][T10658]  filemap_fdatawrite_wbc+0x104/0x160
[  502.729138][T10658]  __filemap_fdatawrite_range+0xb2/0xf0
[  502.729182][T10658]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  502.729284][T10658]  ? find_held_lock+0x2b/0x80
[  502.729331][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.729374][T10658]  ? do_raw_spin_unlock+0x172/0x230
[  502.729415][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.729464][T10658]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  502.729542][T10658]  block_operations+0x2a3/0xfd0
[  502.729603][T10658]  ? __pfx___schedule+0x10/0x10
[  502.729655][T10658]  ? __pfx_block_operations+0x10/0x10
[  502.729769][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.729810][T10658]  ? down_write+0x14d/0x200
[  502.729843][T10658]  ? __pfx_down_write+0x10/0x10
[  502.729880][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.729922][T10658]  ? rcu_is_watching+0x12/0xc0
[  502.729974][T10658]  f2fs_write_checkpoint+0x2b8/0x4c60
[  502.730048][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.730092][T10658]  ? rcu_is_watching+0x12/0xc0
[  502.730137][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.730179][T10658]  ? kthread_stop+0x273/0x650
[  502.730217][T10658]  kill_f2fs_super+0x3c2/0x470
[  502.730275][T10658]  ? __pfx_kill_f2fs_super+0x10/0x10
[  502.730331][T10658]  ? lockdep_hardirqs_on+0x7c/0x110
[  502.730403][T10658]  deactivate_locked_super+0xc1/0x1a0
[  502.730442][T10658]  deactivate_super+0xde/0x100
[  502.730481][T10658]  cleanup_mnt+0x225/0x450
[  502.730523][T10658]  task_work_run+0x150/0x240
[  502.730565][T10658]  ? __pfx_task_work_run+0x10/0x10
[  502.730602][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  502.730648][T10658]  ? __pfx___x64_sys_umount+0x10/0x10
[  502.730703][T10658]  exit_to_user_mode_loop+0xeb/0x110
[  502.730748][T10658]  do_syscall_64+0x3f6/0x4c0
[  502.730807][T10658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.730844][T10658] RIP: 0033:0x7f0d86f8fc57
[  502.730872][T10658] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  502.730907][T10658] RSP: 002b:00007fff21e30108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  502.730940][T10658] RAX: 0000000000000000 RBX: 00007f0d87010925 RCX: 00007f0d86f8fc57
[  502.730964][T10658] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff21e301c0
[  502.730987][T10658] RBP: 00007fff21e301c0 R08: 0000000000000000 R09: 0000000000000000
[  502.731010][T10658] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff21e31250
[  502.731033][T10658] R13: 00007f0d87010925 R14: 000000000007ab2e R15: 00007fff21e31290
[  502.731088][T10658]  </TASK>
[  502.731101][T10658] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  502.894805][ T5861] Bluetooth: hci2: command 0x0406 tx timeout
[  503.228422][ T6001] kworker/u8:10: attempt to access beyond end of device
[  503.228422][ T6001] loop4: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  503.259218][T13724] overlayfs: failed to resolve './file0': -2
[  503.275633][ T6001] CPU: 0 UID: 0 PID: 6001 Comm: kworker/u8:10 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  503.275683][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  503.275707][ T6001] Workqueue: writeback wb_workfn (flush-7:4)
[  503.275750][ T6001] Call Trace:
[  503.275761][ T6001]  <TASK>
[  503.275797][ T6001]  dump_stack_lvl+0x16c/0x1f0
[  503.275857][ T6001]  f2fs_handle_critical_error+0x621/0x9f0
[  503.275905][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.275949][ T6001]  ? f2fs_build_fault_attr+0x53/0x1f0
[  503.275997][ T6001]  f2fs_write_end_io+0x785/0xc20
[  503.276049][ T6001]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  503.276109][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.276164][ T6001]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  503.276210][ T6001]  bio_endio+0x70d/0x850
[  503.276249][ T6001]  submit_bio_noacct+0x56d/0x1eb0
[  503.276307][ T6001]  __submit_merged_bio+0x33c/0x770
[  503.276359][ T6001]  __submit_merged_write_cond+0x319/0x3f0
[  503.276422][ T6001]  f2fs_write_cache_pages+0x2067/0x2570
[  503.276507][ T6001]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  503.276567][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.276611][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.276654][ T6001]  ? find_held_lock+0x2b/0x80
[  503.276703][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.276751][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.276795][ T6001]  ? do_raw_spin_unlock+0x172/0x230
[  503.276854][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.276897][ T6001]  ? f2fs_available_free_memory+0x279/0xa30
[  503.277004][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.277047][ T6001]  ? lock_acquire+0x179/0x350
[  503.277087][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.277139][ T6001]  f2fs_write_data_pages+0x4ad/0xd90
[  503.277204][ T6001]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  503.277273][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.277316][ T6001]  ? __lock_acquire+0xb8a/0x1c90
[  503.277375][ T6001]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  503.277433][ T6001]  do_writepages+0x27a/0x600
[  503.277497][ T6001]  ? __pfx_do_writepages+0x10/0x10
[  503.277550][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.277592][ T6001]  ? reacquire_held_locks+0xcd/0x1f0
[  503.277648][ T6001]  ? writeback_sb_inodes+0x3a4/0xf90
[  503.277711][ T6001]  __writeback_single_inode+0x160/0xfb0
[  503.277773][ T6001]  ? __pfx___writeback_single_inode+0x10/0x10
[  503.277830][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.277873][ T6001]  ? do_raw_spin_unlock+0x172/0x230
[  503.277916][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.277968][ T6001]  writeback_sb_inodes+0x601/0xf90
[  503.278049][ T6001]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  503.278115][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278159][ T6001]  ? find_held_lock+0x2b/0x80
[  503.278271][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278316][ T6001]  ? rcu_is_watching+0x12/0xc0
[  503.278363][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278408][ T6001]  ? queue_io+0x3f6/0x520
[  503.278465][ T6001]  wb_writeback+0x419/0xb70
[  503.278533][ T6001]  ? __pfx_wb_writeback+0x10/0x10
[  503.278586][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278643][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278685][ T6001]  ? mark_held_locks+0x49/0x80
[  503.278752][ T6001]  wb_workfn+0x14d/0xbe0
[  503.278791][ T6001]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  503.278847][ T6001]  ? __pfx_wb_workfn+0x10/0x10
[  503.278884][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278931][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.278979][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279023][ T6001]  ? rcu_is_watching+0x12/0xc0
[  503.279079][ T6001]  process_one_work+0x9cf/0x1b70
[  503.279147][ T6001]  ? __pfx_process_one_work+0x10/0x10
[  503.279188][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279243][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279286][ T6001]  ? assign_work+0x1a0/0x250
[  503.279329][ T6001]  worker_thread+0x6c8/0xf10
[  503.279381][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279427][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279471][ T6001]  ? __kthread_parkme+0x19e/0x250
[  503.279523][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279570][ T6001]  ? __pfx_worker_thread+0x10/0x10
[  503.279608][ T6001]  kthread+0x3c5/0x780
[  503.279645][ T6001]  ? __pfx_kthread+0x10/0x10
[  503.279683][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  503.279726][ T6001]  ? rcu_is_watching+0x12/0xc0
[  503.279775][ T6001]  ? __pfx_kthread+0x10/0x10
[  503.279814][ T6001]  ret_from_fork+0x5d7/0x6f0
[  503.279868][ T6001]  ? __pfx_kthread+0x10/0x10
[  503.279906][ T6001]  ret_from_fork_asm+0x1a/0x30
[  503.279970][ T6001]  </TASK>
[  503.279983][ T6001] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  503.632600][T13709] loop9: detected capacity change from 0 to 32768
[  503.766142][T13704] loop0: detected capacity change from 0 to 40427
[  503.792536][T13704] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  503.804747][T13704] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  503.859183][T13709] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  503.883788][T13704] F2FS-fs (loop0): invalid crc value
[  504.282320][T13704] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  504.334380][T13704] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  504.403155][   T30] audit: type=1804 audit(1752271480.316:118): pid=13704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2292" name="/newroot/414/file0/file1" dev="loop0" ino=10 res=1 errno=0
[  504.463789][T10892] ocfs2: Unmounting device (7,9) on (node local)
[  505.541691][   T36] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.933799][   T36] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.225624][ T6008] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  506.365195][   T36] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.400827][T13775] loop9: detected capacity change from 0 to 128
[  506.469656][ T6008] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  506.476567][T13775] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.515216][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.533139][T13775] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.573528][ T6008] usb 5-1: config 0 descriptor??
[  506.578853][T13775] EXT4-fs (loop9): Test dummy encryption mode enabled
[  506.614681][T13775] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  506.657163][   T36] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.677808][T13775] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  506.776472][ T5861] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  506.788879][ T5861] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  506.813940][ T5861] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  506.832262][ T5861] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  506.837167][T13779] loop0: detected capacity change from 0 to 4096
[  506.850617][ T5861] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  506.982481][T10892] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  507.498237][   T36] bridge_slave_1: left allmulticast mode
[  507.504490][   T36] bridge_slave_1: left promiscuous mode
[  507.529603][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.576117][ T7590] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  507.607109][   T36] bridge_slave_0: left allmulticast mode
[  507.625649][   T36] bridge_slave_0: left promiscuous mode
[  507.631663][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  507.635704][T13794] loop9: detected capacity change from 0 to 256
[  507.639676][ T6008] usb 5-1: Cannot set autoneg
[  507.664917][ T6008] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61
[  507.674458][T13794] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  507.771593][ T7590] usb 4-1: config 0 has an invalid interface number: 128 but max is 0
[  507.780216][ T7590] usb 4-1: config 0 has no interface number 0
[  507.803470][ T7590] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  507.822869][ T7590] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.836361][T13796] loop0: detected capacity change from 0 to 4096
[  507.855575][ T7595] usb 5-1: USB disconnect, device number 7
[  507.882634][ T7590] usb 4-1: Product: syz
[  507.903660][ T7590] usb 4-1: Manufacturer: syz
[  507.915691][ T7590] usb 4-1: SerialNumber: syz
[  507.931835][T13796] NILFS (loop0): invalid segment: Checksum error in segment payload
[  507.943497][ T7590] usb 4-1: config 0 descriptor??
[  507.974477][T13796] NILFS (loop0): trying rollback from an earlier position
[  508.052206][T13796] NILFS (loop0): recovery complete
[  508.076504][T13799] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  508.269590][T13801] loop9: detected capacity change from 0 to 2048
[  508.299470][T13801] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  508.387295][ T7590] usb 4-1: Firmware: major: 22, minor: 220, hardware type: UNKNOWN (68)
[  508.599332][ T7590] usb 4-1: no permanent extended address found, random address set
[  508.611373][ T7590] usb 4-1: atusb_probe: initialization failed, error = -524
[  508.622734][ T7590] atusb 4-1:0.128: probe with driver atusb failed with error -524
[  508.808249][T13809] overlayfs: failed to clone lowerpath
[  508.823812][ T7562] usb 4-1: USB disconnect, device number 17
[  508.965681][ T5861] Bluetooth: hci5: command tx timeout
[  509.719889][T13825] loop9: detected capacity change from 0 to 32768
[  509.778258][T13825] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  509.865599][ T7590] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  509.954034][T13825] XFS (loop9): Ending clean mount
[  509.990884][T13825] XFS (loop9): Metadata CRC error detected at xfs_agfl_read_verify+0x12d/0x1d0, xfs_agfl block 0x3 
[  510.001924][T13825] XFS (loop9): Unmount and run xfs_repair
[  510.007802][T13825] XFS (loop9): First 128 bytes of corrupted metadata buffer:
[  510.015226][T13825] 00000000: 58 41 46 4c 00 00 00 00 bf dc 47 fc 10 d8 4e ed  XAFL......G...N.
[  510.026231][T13825] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  510.028164][ T7590] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  510.035103][T13825] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 07 00 00 08  .;..............
[  510.035137][T13825] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  510.035167][T13825] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  510.074801][T13825] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  510.083746][T13825] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  510.092719][T13825] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  510.101675][T13825] XFS (loop9): metadata I/O error in "xfs_alloc_read_agfl+0x23b/0x390" at daddr 0x3 len 1 error 74
[  510.103066][ T7590] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.112860][T13825] XFS (loop9): page discard on page ffffea0001341e40, inode 0x2449, pos 0.
[  510.165361][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  510.178320][ T7590] usb 1-1: config 0 interface 0 has no altsetting 0
[  510.194962][ T7590] usb 1-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  510.196895][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  510.245232][   T36] bond0 (unregistering): Released all slaves
[  510.245710][ T7590] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.277179][T10892] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  510.295106][T10892] XFS (loop9): Uncorrected metadata errors detected; please run xfs_repair.
[  510.315471][ T7590] usb 1-1: config 0 descriptor??
[  510.361824][T13844] sch_fq: defrate 2048 ignored.
[  510.415758][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  510.477471][T13853] pim6reg1: entered promiscuous mode
[  510.485462][T13853] pim6reg1: entered allmulticast mode
[  510.743663][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.761205][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.777502][T13855] loop3: detected capacity change from 0 to 1024
[  510.795975][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.803168][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.827550][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.855540][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.887653][ T7590] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  510.895090][ T7590] hid-alps 0003:044E:120B.001E: item fetching failed at offset 10/11
[  510.904278][ T7590] hid-alps 0003:044E:120B.001E: parse failed
[  510.911049][ T7590] hid-alps 0003:044E:120B.001E: probe with driver hid-alps failed with error -22
[  510.946441][T13855] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  511.068255][ T5861] Bluetooth: hci5: command tx timeout
[  511.074666][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  511.097091][T13855] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  511.238473][T13855] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  511.261431][T13855] EXT4-fs (loop3): This should not happen!! Data will be lost
[  511.261431][T13855] 
[  511.346019][T13855] EXT4-fs (loop3): Total free blocks count 0
[  511.366600][T13869] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2351'.
[  511.427459][T13855] EXT4-fs (loop3): Free/Dirty block details
[  511.445735][T13855] EXT4-fs (loop3): free_blocks=68451041280
[  511.458192][T13855] EXT4-fs (loop3): dirty_blocks=32
[  511.465587][T13869] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2351'.
[  511.478468][T13855] EXT4-fs (loop3): Block reservation details
[  511.500721][T13855] EXT4-fs (loop3): i_reserved_data_blocks=2
[  511.582319][ T7595] usb 1-1: USB disconnect, device number 19
[  511.732957][  T189] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  512.123144][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  512.178674][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  512.202020][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  512.265741][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  512.402402][   T36] veth1_macvtap: left promiscuous mode
[  512.408385][   T36] veth0_macvtap: left promiscuous mode
[  512.414125][T13887] loop3: detected capacity change from 0 to 512
[  512.414382][   T36] veth1_vlan: left promiscuous mode
[  512.460898][T13887] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  512.474503][   T36] veth0_vlan: left promiscuous mode
[  512.545920][T13887] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  512.688367][   T30] audit: type=1800 audit(1752271488.616:119): pid=13887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2360" name="file1" dev="loop3" ino=15 res=0 errno=0
[  512.790374][   T30] audit: type=1800 audit(1752271488.656:120): pid=13887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2360" name="file2" dev="loop3" ino=16 res=0 errno=0
[  512.842026][T10658] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.125638][ T5861] Bluetooth: hci5: command tx timeout
[  513.149713][T13897] loop3: detected capacity change from 0 to 2048
[  513.279291][T13897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  513.342754][T13897] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  513.648196][T10658] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.859803][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  513.936773][T13918] Set syz0 is full, maxelem 0 reached
[  514.037867][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  514.055837][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  514.081451][   T24] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  514.100222][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  514.114172][   T24] usb 5-1: SerialNumber: syz
[  514.171841][T13923] loop9: detected capacity change from 0 to 512
[  514.180328][T13923] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  514.239691][T13923] EXT4-fs (loop9): 1 truncate cleaned up
[  514.248217][T13923] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  514.387298][   T24] usb 5-1: 0:2 : does not exist
[  514.392295][   T24] usb 5-1: unit 2 not found!
[  514.422177][T10892] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.423502][   T24] usb 5-1: USB disconnect, device number 8
[  514.437941][   T13] nci: nci_ntf_packet: unknown ntf opcode 0x122
[  515.206429][ T5861] Bluetooth: hci5: command tx timeout
[  515.451352][   T36] team0 (unregistering): Port device team_slave_1 removed
[  515.690380][   T36] team0 (unregistering): Port device team_slave_0 removed
[  515.939329][T13968] loop9: detected capacity change from 0 to 512
[  515.985127][T13968] Quota error (device loop9): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  516.027426][T13968] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  516.048433][T13968] EXT4-fs error (device loop9): ext4_acquire_dquot:6931: comm syz.9.2392: Failed to acquire dquot type 1
[  516.117461][T13968] EXT4-fs (loop9): 1 truncate cleaned up
[  516.153905][T13968] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  516.229023][T13968] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  516.380694][T10892] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.652371][T13993] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  517.414044][T13780] chnl_net:caif_netlink_parms(): no params data found
[  517.493301][T13979] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  518.048182][T13780] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.094040][T13780] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.123675][T13780] bridge_slave_0: entered allmulticast mode
[  518.155999][T13780] bridge_slave_0: entered promiscuous mode
[  518.167544][T13780] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.174795][T13780] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.226730][T13780] bridge_slave_1: entered allmulticast mode
[  518.252175][T13780] bridge_slave_1: entered promiscuous mode
[  518.328420][T14032] loop4: detected capacity change from 0 to 512
[  518.364395][T13780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  518.381071][T14032] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  518.394671][T13780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  518.458629][T14032] EXT4-fs (loop4): invalid journal inode
[  518.467764][T14032] EXT4-fs (loop4): can't get journal size
[  518.514156][T14032] EXT4-fs (loop4): 1 truncate cleaned up
[  518.521191][ T7590] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  518.542359][T13780] team0: Port device team_slave_0 added
[  518.558166][T14032] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  518.612524][T13780] team0: Port device team_slave_1 added
[  518.685536][ T7590] usb 1-1: Using ep0 maxpacket: 32
[  518.693430][ T7590] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  518.701878][ T7590] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  518.713258][ T7590] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  518.726529][ T7590] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  518.740132][ T7590] usb 1-1: config 0 interface 0 has no altsetting 0
[  518.777322][ T7590] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  518.825110][ T7590] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  518.871300][T13780] batman_adv: batadv0: Adding interface: batadv_slave_0
[  518.881785][ T7590] usb 1-1: Product: syz
[  518.895720][ T7590] usb 1-1: Manufacturer: syz
[  518.925671][T13780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  518.958296][ T7590] usb 1-1: SerialNumber: syz
[  518.976845][T11563] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  519.024479][ T7590] usb 1-1: config 0 descriptor??
[  519.041031][T13780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  519.044469][ T7590] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  519.078693][T13780] batman_adv: batadv0: Adding interface: batadv_slave_1
[  519.113255][T13780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.152422][ T7590] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  519.169014][T13780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  519.355292][ T6008] usb 1-1: USB disconnect, device number 20
[  519.370307][ T6008] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  519.760191][T13780] hsr_slave_0: entered promiscuous mode
[  519.800505][T13780] hsr_slave_1: entered promiscuous mode
[  519.816624][T13780] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  519.840564][T13780] Cannot create hsr debugfs directory
[  521.245507][ T7590] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  521.277372][T14057] loop3: detected capacity change from 0 to 32768
[  521.471187][ T7590] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  521.505304][ T7590] usb 5-1: config 0 interface 0 has no altsetting 0
[  521.542876][ T7590] usb 5-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  521.564729][T13780] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  521.584716][T14075] loop9: detected capacity change from 0 to 4096
[  521.597791][ T7590] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.614142][T13780] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  521.626266][ T7590] usb 5-1: Product: syz
[  521.630489][ T7590] usb 5-1: Manufacturer: syz
[  521.644052][T13780] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  521.646995][ T7590] usb 5-1: SerialNumber: syz
[  521.695771][ T7590] usb 5-1: config 0 descriptor??
[  521.699661][T13780] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  521.717605][ T7590] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  521.729620][ T7590] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  521.748063][   T30] audit: type=1800 audit(1752271497.666:121): pid=14075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2434" name="file2" dev="loop9" ino=31 res=0 errno=0
[  521.755604][ T7590] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  521.784049][ T7590] usb 5-1: media controller created
[  521.899779][T14088] loop0: detected capacity change from 0 to 512
[  521.912531][ T7590] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  522.028108][T14088] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.086330][T14088] ext4 filesystem being mounted at /436/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  522.108124][T13780] 8021q: adding VLAN 0 to HW filter on device bond0
[  522.138016][ T7590] DVB: Unable to find symbol tda10046_attach()
[  522.161918][ T7590] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  522.191366][T13780] 8021q: adding VLAN 0 to HW filter on device team0
[  522.193592][ T7590] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  522.236645][  T189] bridge0: port 1(bridge_slave_0) entered blocking state
[  522.243939][  T189] bridge0: port 1(bridge_slave_0) entered forwarding state
[  522.299802][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  522.307081][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  522.711090][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.117830][ T7590] dvb_usb_m920x 5-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  523.169363][ T7590] usb 5-1: USB disconnect, device number 9
[  523.360858][T13780] 8021q: adding VLAN 0 to HW filter on device batadv0
[  523.550357][T13780] veth0_vlan: entered promiscuous mode
[  523.593313][T13780] veth1_vlan: entered promiscuous mode
[  523.700891][T14125] loop0: detected capacity change from 0 to 2048
[  523.734217][T13780] veth0_macvtap: entered promiscuous mode
[  523.743134][T14125] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  523.752956][ T6008] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  523.817764][T13780] veth1_macvtap: entered promiscuous mode
[  523.838869][T14128] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  523.913636][T13780] batman_adv: batadv0: Interface activated: batadv_slave_0
[  523.935852][ T6008] usb 4-1: Using ep0 maxpacket: 16
[  523.956265][T14130] loop9: detected capacity change from 0 to 128
[  523.973315][   T30] audit: type=1800 audit(1752271499.896:122): pid=14125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2449" name="bus" dev="loop0" ino=18 res=0 errno=0
[  523.976713][T13780] batman_adv: batadv0: Interface activated: batadv_slave_1
[  523.998786][ T6008] usb 4-1: device descriptor read/all, error -71
[  524.087138][T14130] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  524.135617][T14130] ext4 filesystem being mounted at /147/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  524.169851][T14136] loop4: detected capacity change from 0 to 512
[  524.210135][T14136] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.231370][T13780] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.263874][ T5859] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952
[  524.285650][ T5859] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  524.299523][T13780] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.308696][T14136] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  524.332372][T13780] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  524.368681][ T5859] Remounting filesystem read-only
[  524.388893][T13780] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  524.398709][ T5859] NILFS (loop0): error -5 truncating bmap (ino=15)
[  524.444110][T10892] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  524.809968][ T1322] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.838058][ T1322] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.943198][ T1322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.961399][ T1322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.074458][T11563] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.709037][T14176] loop3: detected capacity change from 0 to 128
[  525.768589][T14176] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  525.808380][T14176] ext4 filesystem being mounted at /146/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  525.907881][T14184] loop4: detected capacity change from 0 to 128
[  525.915574][ T7562] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  525.975145][T14184] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  526.061435][T10658] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  526.067591][ T7562] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  526.091140][ T7562] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  526.098407][T14184] ext4 filesystem being mounted at /87/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  526.114369][ T7562] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  526.128113][ T7562] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  526.157007][ T7562] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  526.203398][ T7562] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  526.219739][ T7562] usb 10-1: Manufacturer: syz
[  526.242855][ T7562] usb 10-1: config 0 descriptor??
[  526.374773][T11563] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  526.459841][T14191] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  526.514198][T14191] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  526.585842][ T7593] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  526.709852][ T7562] rc_core: IR keymap rc-hauppauge not found
[  526.745492][ T7562] Registered IR keymap rc-empty
[  526.755581][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  526.785320][ T7593] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  526.805973][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  526.833217][ T7593] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  526.853626][ T7593] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  526.856674][ T7562] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0
[  526.895664][ T7593] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  526.943715][ T7593] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  526.954724][ T7562] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input35
[  526.973533][ T7593] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.074366][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.075578][ T7593] usb 4-1: config 0 descriptor??
[  527.125750][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.133704][T14193] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  527.176841][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.218505][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.291043][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.366963][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.398429][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.436142][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.465969][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.515584][ T7562] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  527.570064][ T7593] plantronics 0003:047F:FFFF.001F: reserved main item tag 0xd
[  527.581397][ T7562] mceusb 10-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  527.609675][ T7562] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  527.620312][ T7593] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  527.660545][T14206] loop0: detected capacity change from 0 to 2048
[  527.667356][ T7562] usb 10-1: USB disconnect, device number 8
[  527.682885][T14206] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  527.920099][ T7590] usb 4-1: USB disconnect, device number 20
[  528.099816][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.286038][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.493978][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.496743][T14216] loop0: detected capacity change from 0 to 1024
[  528.521916][T14218] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  528.567833][T14216] EXT4-fs: Ignoring removed nobh option
[  528.607119][T14216] EXT4-fs: inline encryption not supported
[  528.711659][T14216] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.795828][T14216] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4112: comm syz.0.2481: Allocating blocks 385-513 which overlap fs metadata
[  528.895945][T14230] EXT4-fs (loop0): pa ffff888055ca9570: logic 16, phys. 129, len 24
[  528.904153][T14230] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5363: group 0, free 0, pa_free 8
[  528.983002][T14230] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  529.010957][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.053689][T14230] EXT4-fs (loop0): This should not happen!! Data will be lost
[  529.053689][T14230] 
[  529.100054][T14230] EXT4-fs (loop0): Total free blocks count 0
[  529.123650][T14230] EXT4-fs (loop0): Free/Dirty block details
[  529.187320][T14238] loop3: detected capacity change from 0 to 128
[  529.211459][T14230] EXT4-fs (loop0): free_blocks=128
[  529.217010][T14230] EXT4-fs (loop0): dirty_blocks=0
[  529.226058][ T5162] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  529.235194][T14230] EXT4-fs (loop0): Block reservation details
[  529.249542][ T5162] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  529.271923][ T5162] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  529.279238][T14230] EXT4-fs (loop0): i_reserved_data_blocks=0
[  529.301394][ T5162] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  529.317974][ T5162] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  529.341433][T14238] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  529.366855][T14238] ext4 filesystem being mounted at /149/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  529.513779][   T36] bridge_slave_1: left allmulticast mode
[  529.558321][   T36] bridge_slave_1: left promiscuous mode
[  529.564116][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.580447][T14243] loop4: detected capacity change from 0 to 16
[  529.611980][T14243] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  529.693520][T10658] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  529.720669][   T36] bridge_slave_0: left allmulticast mode
[  529.738434][   T36] bridge_slave_0: left promiscuous mode
[  529.750162][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.892509][T14247] loop0: detected capacity change from 0 to 4096
[  529.948478][T14247] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  530.164510][ T1091] ntfs3(loop0): ino=1e, ni_find_attr
[  530.254277][T14258] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2495'.
[  530.367351][T14260] loop9: detected capacity change from 0 to 512
[  530.380106][T14260] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  530.487082][T14260] EXT4-fs (loop9): 1 truncate cleaned up
[  530.494450][T14260] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  530.612582][T14260] EXT4-fs error (device loop9): ext4_generic_delete_entry:2667: inode #2: block 13: comm syz.9.2496: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  530.686568][T14260] EXT4-fs (loop9): Remounting filesystem read-only
[  530.712212][T14260] EXT4-fs warning (device loop9): ext4_rename_delete:3724: inode #2: comm syz.9.2496: Deleting old file: nlink 5, error=-117
[  530.766453][T14266] overlay: ./file1 is not a directory
[  530.899797][T10892] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.922455][T14255] loop4: detected capacity change from 0 to 32768
[  531.365826][ T5861] Bluetooth: hci5: command tx timeout
[  531.416192][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  531.507177][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  531.557097][   T36] bond0 (unregistering): Released all slaves
[  531.897342][T14286] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  532.405208][T14278] loop9: detected capacity change from 0 to 32768
[  532.418623][T14278] XFS: noikeep mount option is deprecated.
[  532.475594][   T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  532.488506][T14278] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  532.594228][T14278] XFS (loop9): Ending clean mount
[  532.610323][T14300] loop4: detected capacity change from 0 to 4096
[  532.622998][T14300] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  532.660673][   T24] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  532.679251][   T24] usb 1-1: config 0 has no interface number 0
[  532.705764][   T24] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  532.730337][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.781573][   T13] ntfs3(loop4): ino=1e, ni_find_attr
[  532.806362][   T24] usb 1-1: config 0 descriptor??
[  532.827843][   T24] cp210x 1-1:0.1: cp210x converter detected
[  532.830585][T10892] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  533.167412][   T36] hsr_slave_0: left promiscuous mode
[  533.221788][   T36] hsr_slave_1: left promiscuous mode
[  533.229783][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.238209][   T24] cp210x 1-1:0.1: failed to get vendor val 0x000e size 3: -32
[  533.275692][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  533.298032][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  533.317480][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.445899][ T5861] Bluetooth: hci5: command tx timeout
[  533.505447][   T24] usb 1-1: cp210x converter now attached to ttyUSB0
[  533.579203][   T36] veth1_macvtap: left promiscuous mode
[  533.600697][   T36] veth0_macvtap: left promiscuous mode
[  533.625698][   T36] veth1_vlan: left promiscuous mode
[  533.631097][   T36] veth0_vlan: left promiscuous mode
[  533.714902][   T24] usb 1-1: USB disconnect, device number 21
[  533.742037][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  533.813126][   T24] cp210x 1-1:0.1: device disconnected
[  534.482631][T14335] input: syz0 as /devices/virtual/input/input37
[  534.845506][   T24] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  535.175576][T14343] loop0: detected capacity change from 0 to 32768
[  535.185819][T14343] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2526 (14343)
[  535.217541][T14343] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  535.229060][T14343] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  535.238233][T14343] BTRFS info (device loop0): using free-space-tree
[  535.265524][   T24] usb 5-1: Using ep0 maxpacket: 32
[  535.273764][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.285352][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  535.320352][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  535.343056][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.377567][   T24] usb 5-1: config 0 descriptor??
[  535.395098][   T24] hub 5-1:0.0: USB hub found
[  535.468484][T14327] loop3: detected capacity change from 0 to 40427
[  535.525720][ T5861] Bluetooth: hci5: command tx timeout
[  535.535021][T14327] F2FS-fs (loop3): invalid crc value
[  535.583000][ T5859] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  535.630785][   T24] hub 5-1:0.0: 1 port detected
[  535.885655][T14327] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  536.170728][T10658] syz-executor: attempt to access beyond end of device
[  536.170728][T10658] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  536.274150][   T24] hub 5-1:0.0: activate --> -90
[  536.302635][T14374] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2533'.
[  536.322508][T10658] CPU: 0 UID: 0 PID: 10658 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  536.322563][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  536.322585][T10658] Call Trace:
[  536.322598][T10658]  <TASK>
[  536.322612][T10658]  dump_stack_lvl+0x16c/0x1f0
[  536.322675][T10658]  f2fs_handle_critical_error+0x621/0x9f0
[  536.322723][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.322767][T10658]  ? f2fs_build_fault_attr+0x53/0x1f0
[  536.322817][T10658]  f2fs_write_end_io+0x785/0xc20
[  536.322869][T10658]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  536.322924][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.322978][T10658]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  536.323025][T10658]  bio_endio+0x70d/0x850
[  536.323064][T10658]  submit_bio_noacct+0x56d/0x1eb0
[  536.323126][T10658]  __submit_merged_bio+0x33c/0x770
[  536.323181][T10658]  __submit_merged_write_cond+0x319/0x3f0
[  536.323243][T10658]  f2fs_write_cache_pages+0x2067/0x2570
[  536.323328][T10658]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  536.323385][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.323431][T10658]  ? exit_to_user_mode_loop+0xeb/0x110
[  536.323482][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.323526][T10658]  ? __lock_acquire+0xb8a/0x1c90
[  536.323613][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.323723][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.323768][T10658]  ? _raw_spin_unlock+0x28/0x50
[  536.323815][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.323859][T10658]  ? free_unref_folios+0x1195/0x1800
[  536.323904][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.323956][T10658]  f2fs_write_data_pages+0x4ad/0xd90
[  536.324021][T10658]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  536.324075][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.324135][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.324184][T10658]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  536.324244][T10658]  do_writepages+0x27a/0x600
[  536.324309][T10658]  ? __pfx_do_writepages+0x10/0x10
[  536.324365][T10658]  ? do_raw_spin_unlock+0x172/0x230
[  536.324408][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.324452][T10658]  ? _raw_spin_unlock+0x28/0x50
[  536.324505][T10658]  filemap_fdatawrite_wbc+0x104/0x160
[  536.324570][T10658]  __filemap_fdatawrite_range+0xb2/0xf0
[  536.324616][T10658]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  536.324723][T10658]  ? find_held_lock+0x2b/0x80
[  536.324772][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.324817][T10658]  ? do_raw_spin_unlock+0x172/0x230
[  536.324859][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.324908][T10658]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  536.324984][T10658]  block_operations+0x2a3/0xfd0
[  536.325044][T10658]  ? __pfx___schedule+0x10/0x10
[  536.325097][T10658]  ? __pfx_block_operations+0x10/0x10
[  536.325216][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.325259][T10658]  ? down_write+0x14d/0x200
[  536.325293][T10658]  ? __pfx_down_write+0x10/0x10
[  536.325331][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.325372][T10658]  ? rcu_is_watching+0x12/0xc0
[  536.325429][T10658]  f2fs_write_checkpoint+0x2b8/0x4c60
[  536.325495][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.325539][T10658]  ? kfree+0x2b4/0x4d0
[  536.325566][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.325618][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.325661][T10658]  ? rcu_is_watching+0x12/0xc0
[  536.325706][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.325750][T10658]  ? kthread_stop+0x273/0x650
[  536.325790][T10658]  kill_f2fs_super+0x3c2/0x470
[  536.325851][T10658]  ? __pfx_kill_f2fs_super+0x10/0x10
[  536.325909][T10658]  ? lockdep_hardirqs_on+0x7c/0x110
[  536.325983][T10658]  deactivate_locked_super+0xc1/0x1a0
[  536.326025][T10658]  deactivate_super+0xde/0x100
[  536.326065][T10658]  cleanup_mnt+0x225/0x450
[  536.326116][T10658]  task_work_run+0x150/0x240
[  536.326159][T10658]  ? __pfx_task_work_run+0x10/0x10
[  536.326196][T10658]  ? srso_alias_return_thunk+0x5/0xfbef5
[  536.326244][T10658]  ? __pfx___x64_sys_umount+0x10/0x10
[  536.326301][T10658]  exit_to_user_mode_loop+0xeb/0x110
[  536.326347][T10658]  do_syscall_64+0x3f6/0x4c0
[  536.326409][T10658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.326446][T10658] RIP: 0033:0x7f0d86f8fc57
[  536.326476][T10658] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  536.326513][T10658] RSP: 002b:00007fff21e30108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  536.326548][T10658] RAX: 0000000000000000 RBX: 00007f0d87010925 RCX: 00007f0d86f8fc57
[  536.326573][T10658] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff21e301c0
[  536.326597][T10658] RBP: 00007fff21e301c0 R08: 0000000000000000 R09: 0000000000000000
[  536.326621][T10658] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff21e31250
[  536.326645][T10658] R13: 00007f0d87010925 R14: 0000000000082d73 R15: 00007fff21e31290
[  536.326696][T10658]  </TASK>
[  536.803386][    C0] vkms_vblank_simulate: vblank timer overrun
[  536.894536][T10658] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  536.911954][   T24] hub 5-1:0.0: hub_ext_port_status failed (err = 0)
[  537.118469][T14376] tls_set_device_offload_rx: netdev not found
[  537.260518][ T7562] usb 5-1: USB disconnect, device number 10
[  537.606141][ T5861] Bluetooth: hci5: command tx timeout
[  537.665215][   T36] team0 (unregistering): Port device team_slave_1 removed
[  537.673039][T14389] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  537.898723][T14393] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  537.912915][   T36] team0 (unregistering): Port device team_slave_0 removed
[  538.355889][T14405] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  538.384923][T14405] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  540.596804][T14239] chnl_net:caif_netlink_parms(): no params data found
[  541.256031][T14239] bridge0: port 1(bridge_slave_0) entered blocking state
[  541.282756][T14239] bridge0: port 1(bridge_slave_0) entered disabled state
[  541.319278][T14239] bridge_slave_0: entered allmulticast mode
[  541.325489][   T30] audit: type=1326 audit(1752271517.236:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14474 comm="syz.3.2567" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0d86f8e929 code=0x0
[  541.351862][T14239] bridge_slave_0: entered promiscuous mode
[  541.376322][T14239] bridge0: port 2(bridge_slave_1) entered blocking state
[  541.407056][T14239] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.430981][T14239] bridge_slave_1: entered allmulticast mode
[  541.462865][T14239] bridge_slave_1: entered promiscuous mode
[  541.695061][T14481] loop4: detected capacity change from 0 to 8
[  541.712019][T14481] SQUASHFS error: zlib decompression failed, data probably corrupt
[  541.720490][T14481] SQUASHFS error: Failed to read block 0x4e8: -5
[  541.729012][   T30] audit: type=1800 audit(1752271517.656:124): pid=14481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2568" name="file1" dev="loop4" ino=5 res=0 errno=0
[  541.737506][T14481] SQUASHFS error: Failed to read block 0x6e6: -5
[  541.755690][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.764428][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.772207][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.778549][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.786070][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.792928][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.799949][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.807822][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.814656][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.824408][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.831787][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.838700][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.844948][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.852338][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.859230][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.867206][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.874518][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.881490][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.887784][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.895092][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.902016][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.908304][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.915688][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.923024][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.929980][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.937351][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.944193][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.950475][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.957862][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.966097][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.972366][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  541.979740][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  541.986618][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  541.992869][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.000246][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.007826][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.014076][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.021519][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.028393][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.034635][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.042012][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.048891][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.055148][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.062512][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.070792][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.077138][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.084444][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.091403][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.097715][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.105027][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.111917][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.118221][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.125593][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.132434][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.138777][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.146138][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.154315][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.160644][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.168052][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.175806][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.182085][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.190179][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.197141][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.205107][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.212506][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.219396][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.225716][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.233531][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.240873][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.247674][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.254997][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.261932][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.268266][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.277166][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.284025][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.290363][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.298087][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.304943][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.311274][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.318994][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.326221][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.332494][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.339865][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.346780][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.353037][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.360390][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.367296][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.373546][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.382754][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.389746][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.396055][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.403376][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.410460][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.416764][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.424078][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.430995][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.437340][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.444660][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.451576][T14481] SQUASHFS error: Failed to read block 0x0: -5
[  542.458546][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.466256][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.474252][T14481] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  542.484036][T14481] SQUASHFS error: read_indexes: reading block [6e4:0]
[  542.536960][T14239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  542.749144][T14239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  543.171739][T14239] team0: Port device team_slave_0 added
[  543.228024][T14239] team0: Port device team_slave_1 added
[  543.255145][T14484] loop9: detected capacity change from 0 to 32768
[  543.299671][T14484] (syz.9.2569,14484,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  543.357300][T14484] (syz.9.2569,14484,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  543.458439][T14239] batman_adv: batadv0: Adding interface: batadv_slave_0
[  543.508087][T14484] JBD2: Ignoring recovery information on journal
[  543.548040][T14239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  543.613342][T14502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2578'.
[  543.685775][T14239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  543.699031][T14484] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  543.712666][T14506] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2578'.
[  543.792836][T14239] batman_adv: batadv0: Adding interface: batadv_slave_1
[  543.822422][T14239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  543.911880][T14239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  543.989216][T14491] loop3: detected capacity change from 0 to 32768
[  544.116199][   T30] audit: type=1800 audit(1752271520.026:125): pid=14491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2573" name="file1" dev="loop3" ino=7 res=0 errno=0
[  544.396444][T14239] hsr_slave_0: entered promiscuous mode
[  544.412683][T14239] hsr_slave_1: entered promiscuous mode
[  544.436234][T14239] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  544.460633][T14239] Cannot create hsr debugfs directory
[  544.472714][T10892] ocfs2: Unmounting device (7,9) on (node local)
[  546.009233][T14525] loop4: detected capacity change from 0 to 128
[  546.046757][T14525] vfat: Bad value for 'gid'
[  546.051351][T14525] vfat: Bad value for 'gid'
[  546.345822][   T24] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  546.526719][   T24] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[  546.545467][   T24] usb 5-1: config 1 has no interface number 0
[  546.551629][   T24] usb 5-1: config 1 interface 105 has no altsetting 0
[  546.633337][   T24] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  546.660695][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.681208][   T24] usb 5-1: Product: syz
[  546.694400][   T24] usb 5-1: Manufacturer: syz
[  546.765562][   T24] usb 5-1: SerialNumber: syz
[  546.898498][T14540] loop3: detected capacity change from 0 to 512
[  546.956388][T14540] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  547.011314][   T24] aqc111 5-1:1.105: probe with driver aqc111 failed with error -22
[  547.077423][T14540] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2847: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  547.132647][T14239] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  547.160042][T14540] EXT4-fs (loop3): 1 truncate cleaned up
[  547.189754][T14540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  547.257038][T14239] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  547.303239][ T7591] usb 5-1: USB disconnect, device number 11
[  547.375349][T14239] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  547.428771][T14239] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  547.601369][T10658] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.659587][ T6008] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  547.787099][   T30] audit: type=1326 audit(1752271523.716:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14558 comm="syz.9.2598" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0acf98e929 code=0x0
[  547.822414][T14239] 8021q: adding VLAN 0 to HW filter on device bond0
[  547.825507][ T6008] usb 1-1: Using ep0 maxpacket: 32
[  547.875626][ T6008] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  547.906646][ T6008] usb 1-1: config 0 has no interface number 0
[  547.913111][T14239] 8021q: adding VLAN 0 to HW filter on device team0
[  547.938844][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  547.946090][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  547.961846][ T6008] usb 1-1: config 0 interface 184 has no altsetting 0
[  547.990716][  T189] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.997978][  T189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  548.019730][ T6008] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  548.035468][ T6008] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.043701][ T6008] usb 1-1: Product: syz
[  548.049028][ T6008] usb 1-1: Manufacturer: syz
[  548.053657][ T6008] usb 1-1: SerialNumber: syz
[  548.066873][ T6008] usb 1-1: config 0 descriptor??
[  548.077737][ T6008] smsc75xx v1.0.0
[  548.732281][T14577] loop4: detected capacity change from 0 to 32768
[  548.801329][T14577] JBD2: Ignoring recovery information on journal
[  548.916318][T14577] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  548.958783][T14239] 8021q: adding VLAN 0 to HW filter on device batadv0
[  549.057260][T14577] OCFS2: ERROR (device loop4): ocfs2_validate_gd_parent: Group descriptor #32 has bit count of 1024
[  549.069061][T14577] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  549.079214][T14577] OCFS2: File system is now read-only.
[  549.084721][T14577] (syz.4.2600,14577,1):ocfs2_search_chain:1817 ERROR: status = -30
[  549.092765][T14577] (syz.4.2600,14577,1):ocfs2_search_chain:1940 ERROR: status = -30
[  549.100975][T14577] (syz.4.2600,14577,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[  549.109635][T14577] (syz.4.2600,14577,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[  549.118243][T14577] (syz.4.2600,14577,1):__ocfs2_claim_clusters:2438 ERROR: status = -30
[  549.126726][T14577] (syz.4.2600,14577,1):__ocfs2_claim_clusters:2446 ERROR: status = -30
[  549.136580][T14577] (syz.4.2600,14577,1):ocfs2_local_alloc_new_window:1199 ERROR: status = -30
[  549.145481][T14577] (syz.4.2600,14577,1):ocfs2_local_alloc_new_window:1224 ERROR: status = -30
[  549.154375][T14577] (syz.4.2600,14577,1):ocfs2_local_alloc_slide_window:1298 ERROR: status = -30
[  549.163525][T14577] (syz.4.2600,14577,1):ocfs2_local_alloc_slide_window:1317 ERROR: status = -30
[  549.173313][T14239] veth0_vlan: entered promiscuous mode
[  549.173535][T14577] (syz.4.2600,14577,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30
[  549.187929][T14577] (syz.4.2600,14577,1):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30
[  549.198653][T14577] (syz.4.2600,14577,1):ocfs2_reserve_clusters_with_limit:1172 ERROR: status = -30
[  549.208051][T14577] (syz.4.2600,14577,1):ocfs2_reserve_clusters_with_limit:1221 ERROR: status = -30
[  549.217460][T14577] (syz.4.2600,14577,1):ocfs2_lock_allocators:2775 ERROR: status = -30
[  549.225731][T14577] (syz.4.2600,14577,1):ocfs2_write_begin_nolock:1722 ERROR: status = -30
[  549.234233][T14577] (syz.4.2600,14577,1):ocfs2_write_begin:1885 ERROR: status = -30
[  549.346831][T14239] veth1_vlan: entered promiscuous mode
[  549.421491][ T6008] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  549.441208][ T6008] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  549.464924][ T6008] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  549.475197][T14239] veth0_macvtap: entered promiscuous mode
[  549.493956][ T6008] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  549.509789][T14239] veth1_macvtap: entered promiscuous mode
[  549.520537][ T6008] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  549.544630][ T6008] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  549.567307][ T6008] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  549.603769][ T6008] usb 1-1: USB disconnect, device number 22
[  549.616216][T14239] batman_adv: batadv0: Interface activated: batadv_slave_0
[  549.651493][T14239] batman_adv: batadv0: Interface activated: batadv_slave_1
[  549.697373][T14239] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  549.711796][T14239] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  549.728838][T14239] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  549.745775][T14239] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  549.975876][T11563] ocfs2: Unmounting device (7,4) on (node local)
[  550.141598][  T189] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  550.187374][  T189] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.302391][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  550.345724][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.389129][T14598] loop0: detected capacity change from 0 to 2048
[  550.477884][T14603] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  550.504337][T14596] loop3: detected capacity change from 0 to 32768
[  550.549761][T14603] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  550.585771][T14603] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  550.605957][T14596] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  550.632612][T14603] Remounting filesystem read-only
[  550.663193][   T30] audit: type=1800 audit(1752271526.586:127): pid=14596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2606" name="file1" dev="loop3" ino=17059 res=0 errno=0
[  551.123320][T14614] loop0: detected capacity change from 0 to 512
[  551.184053][T14614] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  551.206896][T14614] EXT4-fs (loop0): 1 truncate cleaned up
[  551.214388][T14614] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  551.250992][T10658] ocfs2: Unmounting device (7,3) on (node local)
[  551.691219][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.830921][T14623] loop4: detected capacity change from 0 to 2048
[  551.853726][  T189] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.854465][T14625] block nbd9: shutting down sockets
[  551.953313][T14627] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  551.994829][T14627] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  552.055201][T14627] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4)
[  552.134379][T14627] Remounting filesystem read-only
[  552.203322][  T189] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.402003][T14632] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2617'.
[  552.467571][  T189] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.525518][   T30] audit: type=1326 audit(1752271528.436:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14635 comm="syz.0.2618" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7b1498e929 code=0x0
[  552.783665][  T189] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.854914][T14646] loop4: detected capacity change from 0 to 512
[  552.935211][T14646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.046380][T14646] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  553.071394][ T5162] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  553.081737][ T5162] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  553.093252][ T5162] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  553.104468][ T5162] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  553.112606][ T5162] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  553.806441][  T189] bridge_slave_1: left allmulticast mode
[  553.812174][  T189] bridge_slave_1: left promiscuous mode
[  553.825610][  T189] bridge0: port 2(bridge_slave_1) entered disabled state
[  554.100834][  T189] bridge_slave_0: left allmulticast mode
[  554.154586][  T189] bridge_slave_0: left promiscuous mode
[  554.202535][  T189] bridge0: port 1(bridge_slave_0) entered disabled state
[  554.950792][T11563] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.206579][ T5861] Bluetooth: hci5: command tx timeout
[  555.255615][T14684] loop4: detected capacity change from 0 to 1024
[  555.396975][   T30] audit: type=1800 audit(1752271531.316:129): pid=14684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2633" name="file2" dev="loop4" ino=20 res=0 errno=0
[  555.452171][T14686] block nbd0: shutting down sockets
[  555.472831][   T36] hfsplus: request for non-existent node 33554434 in B*Tree
[  555.495866][   T36] hfsplus: request for non-existent node 33554434 in B*Tree
[  555.801151][T14694] loop0: detected capacity change from 0 to 8
[  555.825692][T14694] SQUASHFS error: zlib decompression failed, data probably corrupt
[  555.833690][T14694] SQUASHFS error: Failed to read block 0x4e8: -5
[  555.849222][   T30] audit: type=1800 audit(1752271531.766:130): pid=14694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2639" name="file1" dev="loop0" ino=5 res=0 errno=0
[  555.881484][T14694] SQUASHFS error: Failed to read block 0x6e6: -5
[  555.894309][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  555.905529][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  555.912372][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  555.922279][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  555.929797][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  555.936675][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  555.942921][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  555.950482][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  555.957342][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  555.963583][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  555.970915][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  555.978413][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  555.984671][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  555.992006][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  555.999860][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.006836][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.014152][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.025530][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.035916][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.043239][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.054502][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.065207][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.075851][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.082692][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.093522][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.105805][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.112656][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.123364][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.131203][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.142354][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.151086][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.158440][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.165585][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.171855][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.179221][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.186105][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.192417][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.201395][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.208274][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.214524][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.221869][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.228754][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.235007][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.242371][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.249456][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.255757][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.263086][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.269969][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.276254][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.283563][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.290527][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.296834][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.305743][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.312606][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.318881][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.326296][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.333926][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.340274][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.347684][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.354531][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.361021][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.368383][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.375214][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.381507][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.388856][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.395708][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.401948][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.410853][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.417746][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.421039][T14698] loop3: detected capacity change from 0 to 2048
[  556.423974][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.437647][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.444511][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.450827][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.458195][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.466033][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.472281][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.479636][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.486539][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.492787][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.500136][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.508526][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.514780][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.522146][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.529979][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.536278][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.543583][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.550457][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.556748][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.564060][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.570965][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.577266][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.584569][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.591459][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.597750][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.605060][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.613445][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.619752][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.627096][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.633940][T14694] SQUASHFS error: Failed to read block 0x0: -5
[  556.640248][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.648476][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.655757][T14694] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  556.663088][T14694] SQUASHFS error: read_indexes: reading block [6e4:0]
[  556.748827][T14705] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  556.797669][T14705] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  556.829995][T14705] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  556.873948][T14705] Remounting filesystem read-only
[  557.287050][ T5861] Bluetooth: hci5: command tx timeout
[  557.689145][T14718] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2647'.
[  557.740973][T14723] netlink: 32 bytes leftover after parsing attributes in process `syz.9.2647'.
[  557.765894][ T7597] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  557.925639][ T7597] usb 4-1: Using ep0 maxpacket: 32
[  557.936288][ T7597] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  557.970787][ T7597] usb 4-1: config 0 has no interface number 0
[  558.014979][ T7597] usb 4-1: config 0 interface 184 has no altsetting 0
[  558.042791][ T7597] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  558.056612][ T7597] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.093637][ T7597] usb 4-1: Product: syz
[  558.106184][ T7597] usb 4-1: Manufacturer: syz
[  558.130281][ T7597] usb 4-1: SerialNumber: syz
[  558.159419][ T7597] usb 4-1: config 0 descriptor??
[  558.178328][ T7597] smsc75xx v1.0.0
[  558.557855][  T189] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  558.606323][  T189] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  558.653371][  T189] bond0 (unregistering): Released all slaves
[  559.195262][T14729] loop0: detected capacity change from 0 to 512
[  559.342165][T14729] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.365507][ T5861] Bluetooth: hci5: command tx timeout
[  559.433613][T14729] ext4 filesystem being mounted at /486/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.487943][ T7597] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  559.500288][ T7597] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  559.529831][ T7597] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  559.583222][ T7597] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  559.642385][T14722] loop4: detected capacity change from 0 to 32768
[  559.652183][ T7597] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  559.697477][ T7597] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  559.769680][ T7597] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  559.808567][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.850316][ T7597] usb 4-1: USB disconnect, device number 21
[  559.977821][T14722] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  560.041017][   T30] audit: type=1800 audit(1752271535.966:131): pid=14722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2660" name="file1" dev="loop4" ino=17059 res=0 errno=0
[  560.229929][   T30] audit: type=1326 audit(1752271536.146:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14734 comm="syz.1.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ea78e929 code=0x7fc00000
[  560.550137][T14750] loop0: detected capacity change from 0 to 2048
[  560.609529][T14750] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  560.629519][  T189] hsr_slave_0: left promiscuous mode
[  560.659703][  T189] hsr_slave_1: left promiscuous mode
[  560.668847][  T189] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  560.693305][  T189] batman_adv: batadv0: Removing interface: batadv_slave_0
[  560.704530][T14756] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  560.722140][T14757] tls_set_device_offload: netdev not found
[  560.811562][  T189] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  560.862751][  T189] batman_adv: batadv0: Removing interface: batadv_slave_1
[  560.982719][  T189] veth1_macvtap: left promiscuous mode
[  561.008967][  T189] veth0_macvtap: left promiscuous mode
[  561.018903][  T189] veth1_vlan: left promiscuous mode
[  561.024441][  T189] veth0_vlan: left promiscuous mode
[  561.453651][ T5861] Bluetooth: hci5: command tx timeout
[  561.506106][T11563] ocfs2: Unmounting device (7,4) on (node local)
[  562.246775][    C0] EXT4-fs (loop5): error count since last fsck: 214
[  562.254116][    C0] EXT4-fs (loop5): initial error at time 1752271237: ext4_acquire_dquot:6931
[  562.262982][    C0] EXT4-fs (loop5): last error at time 1752271240: ext4_empty_dir:3115: inode 11: block 74
[  564.217790][  T189] team0 (unregistering): Port device team_slave_1 removed
[  564.387994][  T189] team0 (unregistering): Port device team_slave_0 removed
[  565.688518][T14829] tls_set_device_offload: netdev not found
[  566.352732][T14652] chnl_net:caif_netlink_parms(): no params data found
[  566.594734][T14821] loop9: detected capacity change from 0 to 32768
[  566.692924][T14845] netlink: 'syz.0.2694': attribute type 4 has an invalid length.
[  566.755223][T14847] netlink: 'syz.0.2694': attribute type 4 has an invalid length.
[  566.841361][T14821] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  567.055497][   T30] audit: type=1800 audit(1752271542.976:133): pid=14821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2680" name="file1" dev="loop9" ino=17059 res=0 errno=0
[  567.137520][T14652] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.156015][T14652] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.163327][T14652] bridge_slave_0: entered allmulticast mode
[  567.191790][T14652] bridge_slave_0: entered promiscuous mode
[  567.222858][T14652] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.237335][T14821] 
[  567.239704][T14821] ======================================================
[  567.240792][T14652] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.246712][T14821] WARNING: possible circular locking dependency detected
[  567.246729][T14821] 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 Not tainted
[  567.246750][T14821] ------------------------------------------------------
[  567.246765][T14821] syz.9.2680/14821 is trying to acquire lock:
[  567.259846][T14652] bridge_slave_1: entered allmulticast mode
[  567.260760][T14821] ffff888053f86d80
[  567.276556][T14652] bridge_slave_1: entered promiscuous mode
[  567.280891][T14821]  (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{4:4}, at: ocfs2_del_inode_from_orphan+0x112/0x700
[  567.307969][T14821] 
[  567.307969][T14821] but task is already holding lock:
[  567.315346][T14821] ffff888053f822e0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_dio_end_io_write+0x1a6/0xf30
[  567.326483][T14821] 
[  567.326483][T14821] which lock already depends on the new lock.
[  567.326483][T14821] 
[  567.336897][T14821] 
[  567.336897][T14821] the existing dependency chain (in reverse order) is:
[  567.345922][T14821] 
[  567.345922][T14821] -> #3 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}:
[  567.354834][T14821]        down_write+0x92/0x200
[  567.359623][T14821]        ocfs2_create_local_dquot+0x157/0xb30
[  567.365736][T14821]        ocfs2_acquire_dquot+0x626/0xb00
[  567.371412][T14821]        dqget+0x693/0x1180
[  567.375944][T14821]        ocfs2_setattr+0x1a2a/0x2560
[  567.381255][T14821]        notify_change+0x6a9/0x1230
[  567.386465][T14821]        chown_common+0x54e/0x680
[  567.391516][T14821]        ksys_fchown+0x11a/0x190
[  567.396485][T14821]        __x64_sys_fchown+0x72/0xb0
[  567.401724][T14821]        do_syscall_64+0xcd/0x4c0
[  567.406783][T14821]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.413302][T14821] 
[  567.413302][T14821] -> #2 (&dquot->dq_lock){+.+.}-{4:4}:
[  567.420980][T14821]        __mutex_lock+0x199/0xb90
[  567.426037][T14821]        dqget+0x5f1/0x1180
[  567.430558][T14821]        __dquot_initialize+0x586/0xd50
[  567.436127][T14821]        ocfs2_get_init_inode+0xe7/0x1b0
[  567.441780][T14821]        ocfs2_mknod+0x974/0x2540
[  567.446828][T14821]        ocfs2_create+0x17c/0x460
[  567.451882][T14821]        vfs_create+0x4e0/0x7a0
[  567.456745][T14821]        do_mknodat+0x3d3/0x5d0
[  567.461610][T14821]        __x64_sys_mknod+0x87/0xb0
[  567.466740][T14821]        do_syscall_64+0xcd/0x4c0
[  567.471796][T14821]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.478225][T14821] 
[  567.478225][T14821] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{4:4}:
[  567.488789][T14821]        down_write+0x92/0x200
[  567.493569][T14821]        ocfs2_remove_inode+0x15b/0x8a0
[  567.499144][T14821]        ocfs2_wipe_inode+0x446/0x1210
[  567.504633][T14821]        ocfs2_evict_inode+0x6e0/0x1680
[  567.510206][T14821]        evict+0x3e6/0x920
[  567.514649][T14821]        iput+0x521/0x880
[  567.519003][T14821]        vfs_rmdir+0x487/0x690
[  567.523775][T14821]        do_rmdir+0x2e8/0x3c0
[  567.528470][T14821]        __x64_sys_rmdir+0xc5/0x110
[  567.533687][T14821]        do_syscall_64+0xcd/0x4c0
[  567.538744][T14821]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.545174][T14821] 
[  567.545174][T14821] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{4:4}:
[  567.555550][T14821]        __lock_acquire+0x126f/0x1c90
[  567.560959][T14821]        lock_acquire+0x179/0x350
[  567.565997][T14821]        down_write+0x92/0x200
[  567.570776][T14821]        ocfs2_del_inode_from_orphan+0x112/0x700
[  567.577137][T14821]        ocfs2_dio_end_io_write+0x2cb/0xf30
[  567.583058][T14821]        ocfs2_dio_end_io+0x136/0x2c0
[  567.588457][T14821]        dio_complete+0x224/0x970
[  567.593493][T14821]        __blockdev_direct_IO+0x348f/0x4180
[  567.599398][T14821]        ocfs2_direct_IO+0x263/0x360
[  567.604705][T14821]        generic_file_direct_write+0x19a/0x410
[  567.610887][T14821]        __generic_file_write_iter+0x11b/0x240
[  567.617069][T14821]        ocfs2_file_write_iter+0xbc4/0x21b0
[  567.622988][T14821]        iter_file_splice_write+0x91f/0x1150
[  567.628986][T14821]        direct_splice_actor+0x192/0x6c0
[  567.634672][T14821]        splice_direct_to_actor+0x345/0xa30
[  567.640589][T14821]        do_splice_direct+0x174/0x240
[  567.645982][T14821]        do_sendfile+0xb06/0xe50
[  567.650932][T14821]        __x64_sys_sendfile64+0x1d8/0x220
[  567.656676][T14821]        do_syscall_64+0xcd/0x4c0
[  567.661730][T14821]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.668159][T14821] 
[  567.668159][T14821] other info that might help us debug this:
[  567.668159][T14821] 
[  567.678390][T14821] Chain exists of:
[  567.678390][T14821]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type] --> &dquot->dq_lock --> &ocfs2_quota_ip_alloc_sem_key
[  567.678390][T14821] 
[  567.695382][T14821]  Possible unsafe locking scenario:
[  567.695382][T14821] 
[  567.702836][T14821]        CPU0                    CPU1
[  567.708203][T14821]        ----                    ----
[  567.713564][T14821]   lock(&ocfs2_quota_ip_alloc_sem_key);
[  567.719214][T14821]                                lock(&dquot->dq_lock);
[  567.726163][T14821]                                lock(&ocfs2_quota_ip_alloc_sem_key);
[  567.734330][T14821]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]);
[  567.741453][T14821] 
[  567.741453][T14821]  *** DEADLOCK ***
[  567.741453][T14821] 
[  567.749652][T14821] 3 locks held by syz.9.2680/14821:
[  567.754869][T14821]  #0: ffff8880335e6428 (sb_writers#17){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30
[  567.765039][T14821]  #1: ffff888053f82640 (&sb->s_type->i_mutex_key#22){+.+.}-{4:4}, at: ocfs2_file_write_iter+0x11cd/0x21b0
[  567.776517][T14821]  #2: ffff888053f822e0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_dio_end_io_write+0x1a6/0xf30
[  567.788069][T14821] 
[  567.788069][T14821] stack backtrace:
[  567.793960][T14821] CPU: 0 UID: 0 PID: 14821 Comm: syz.9.2680 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  567.794003][T14821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  567.794024][T14821] Call Trace:
[  567.794034][T14821]  <TASK>
[  567.794047][T14821]  dump_stack_lvl+0x116/0x1f0
[  567.794099][T14821]  print_circular_bug+0x275/0x350
[  567.794158][T14821]  check_noncircular+0x14c/0x170
[  567.794216][T14821]  __lock_acquire+0x126f/0x1c90
[  567.794278][T14821]  lock_acquire+0x179/0x350
[  567.794307][T14821]  ? ocfs2_del_inode_from_orphan+0x112/0x700
[  567.794357][T14821]  ? __pfx___might_resched+0x10/0x10
[  567.794401][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.794441][T14821]  ? __lock_acquire+0xb8a/0x1c90
[  567.794496][T14821]  down_write+0x92/0x200
[  567.794526][T14821]  ? ocfs2_del_inode_from_orphan+0x112/0x700
[  567.794574][T14821]  ? __pfx_down_write+0x10/0x10
[  567.794606][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.794649][T14821]  ocfs2_del_inode_from_orphan+0x112/0x700
[  567.794701][T14821]  ? __pfx_ocfs2_del_inode_from_orphan+0x10/0x10
[  567.794750][T14821]  ? down_write+0x14d/0x200
[  567.794779][T14821]  ? __pfx_down_write+0x10/0x10
[  567.794809][T14821]  ? do_splice_direct+0x174/0x240
[  567.794844][T14821]  ? __x64_sys_sendfile64+0x1d8/0x220
[  567.794888][T14821]  ? do_syscall_64+0xcd/0x4c0
[  567.794938][T14821]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.794975][T14821]  ocfs2_dio_end_io_write+0x2cb/0xf30
[  567.795024][T14821]  ? __pfx_ocfs2_dio_end_io_write+0x10/0x10
[  567.795086][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.795130][T14821]  ? __lock_acquire+0xb8a/0x1c90
[  567.795186][T14821]  ocfs2_dio_end_io+0x136/0x2c0
[  567.795231][T14821]  ? __pfx_ocfs2_dio_end_io+0x10/0x10
[  567.795276][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.795316][T14821]  ? do_raw_spin_lock+0x12c/0x2b0
[  567.795357][T14821]  ? __pfx_ocfs2_dio_end_io+0x10/0x10
[  567.795406][T14821]  dio_complete+0x224/0x970
[  567.795441][T14821]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  567.795487][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.795530][T14821]  __blockdev_direct_IO+0x348f/0x4180
[  567.795582][T14821]  ? __pfx___blockdev_direct_IO+0x10/0x10
[  567.795616][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.795669][T14821]  ? __pfx_ocfs2_dio_wr_get_block+0x10/0x10
[  567.795748][T14821]  ? __pfx_ocfs2_dio_wr_get_block+0x10/0x10
[  567.795798][T14821]  ? ocfs2_direct_IO+0x263/0x360
[  567.795851][T14821]  ocfs2_direct_IO+0x263/0x360
[  567.795898][T14821]  generic_file_direct_write+0x19a/0x410
[  567.795944][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.795984][T14821]  ? mnt_put_write_access_file+0x45/0xf0
[  567.796026][T14821]  __generic_file_write_iter+0x11b/0x240
[  567.796075][T14821]  ocfs2_file_write_iter+0xbc4/0x21b0
[  567.796131][T14821]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[  567.796174][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.796215][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.796254][T14821]  ? rcu_is_watching+0x12/0xc0
[  567.796297][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.796337][T14821]  ? splice_from_pipe_next+0x1f8/0x5d0
[  567.796379][T14821]  iter_file_splice_write+0x91f/0x1150
[  567.796420][T14821]  ? splice_folio_into_pipe+0x587/0x5e0
[  567.796474][T14821]  ? __pfx_iter_file_splice_write+0x10/0x10
[  567.796530][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.796572][T14821]  ? __pfx_iter_file_splice_write+0x10/0x10
[  567.796612][T14821]  direct_splice_actor+0x192/0x6c0
[  567.796652][T14821]  splice_direct_to_actor+0x345/0xa30
[  567.796690][T14821]  ? __pfx_direct_splice_actor+0x10/0x10
[  567.796732][T14821]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  567.796772][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.796815][T14821]  do_splice_direct+0x174/0x240
[  567.796851][T14821]  ? __pfx_do_splice_direct+0x10/0x10
[  567.796889][T14821]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  567.796928][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.796967][T14821]  ? rw_verify_area+0xcf/0x680
[  567.797022][T14821]  do_sendfile+0xb06/0xe50
[  567.797059][T14821]  ? __pfx_do_sendfile+0x10/0x10
[  567.797095][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.797138][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.797177][T14821]  ? __x64_sys_futex+0x1e9/0x4c0
[  567.797231][T14821]  __x64_sys_sendfile64+0x1d8/0x220
[  567.797276][T14821]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  567.797323][T14821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.797368][T14821]  do_syscall_64+0xcd/0x4c0
[  567.797421][T14821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.797454][T14821] RIP: 0033:0x7f0acf98e929
[  567.797479][T14821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.797512][T14821] RSP: 002b:00007f0ad0873038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  567.797543][T14821] RAX: ffffffffffffffda RBX: 00007f0acfbb5fa0 RCX: 00007f0acf98e929
[  567.797566][T14821] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  567.797586][T14821] RBP: 00007f0acfa10b39 R08: 0000000000000000 R09: 0000000000000000
[  567.797611][T14821] R10: 0000000000fffe82 R11: 0000000000000246 R12: 0000000000000000
[  567.797632][T14821] R13: 0000000000000000 R14: 00007f0acfbb5fa0 R15: 00007ffee3601e78
[  567.797665][T14821]  </TASK>
[  568.561090][T14652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  568.603263][T14652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  568.656887][T10892] ocfs2: Unmounting device (7,9) on (node local)
[  568.693531][T14652] team0: Port device team_slave_0 added
[  568.718030][T14652] team0: Port device team_slave_1 added
[  568.767488][T14652] batman_adv: batadv0: Adding interface: batadv_slave_0
[  568.774484][T14652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.817963][T14652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  568.848831][T14652] batman_adv: batadv0: Adding interface: batadv_slave_1
[  568.855952][T14652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.884469][T14652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.930156][T14652] hsr_slave_0: entered promiscuous mode
[  568.936688][T14652] hsr_slave_1: entered promiscuous mode
[  568.942797][T14652] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  568.950827][T14652] Cannot create hsr debugfs directory
[  569.245234][T14652] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  569.254457][T14652] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  569.273642][T14652] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  569.283416][T14652] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  569.340070][T14652] 8021q: adding VLAN 0 to HW filter on device bond0
[  569.360489][T14652] 8021q: adding VLAN 0 to HW filter on device team0
[  569.371901][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.379017][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.396828][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.403918][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.566540][T14652] 8021q: adding VLAN 0 to HW filter on device batadv0
[  569.601368][T14652] veth0_vlan: entered promiscuous mode
[  569.611393][T14652] veth1_vlan: entered promiscuous mode
[  569.633671][T14652] veth0_macvtap: entered promiscuous mode
[  569.642350][T14652] veth1_macvtap: entered promiscuous mode
[  569.657647][T14652] batman_adv: batadv0: Interface activated: batadv_slave_0
[  569.671350][T14652] batman_adv: batadv0: Interface activated: batadv_slave_1
[  569.681840][T14652] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  569.690770][T14652] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  569.699897][T14652] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  569.708658][T14652] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  569.739372][T14652] ieee80211 phy35: Selected rate control algorithm 'minstrel_ht'
[  569.762436][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  569.764398][T14652] ieee80211 phy36: Selected rate control algorithm 'minstrel_ht'
[  569.778487][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  569.805284][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  569.814944][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.672496][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.488251][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  573.382518][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.455154][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.541251][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.643852][   T36] bridge_slave_1: left allmulticast mode
[  573.652875][   T36] bridge_slave_1: left promiscuous mode
[  573.659470][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.671973][   T36] bridge_slave_0: left allmulticast mode
[  573.677966][   T36] bridge_slave_0: left promiscuous mode
[  573.683684][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.833526][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  573.844675][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  573.862473][   T36] bond0 (unregistering): Released all slaves
[  574.090347][   T36] hsr_slave_0: left promiscuous mode
[  574.097251][   T36] hsr_slave_1: left promiscuous mode
[  574.103073][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  574.113711][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  574.123302][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  574.134353][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  574.150274][   T36] veth1_macvtap: left promiscuous mode
[  574.155969][   T36] veth0_macvtap: left promiscuous mode
[  574.161569][   T36] veth1_vlan: left promiscuous mode
[  574.168843][   T36] veth0_vlan: left promiscuous mode
[  574.369759][   T36] team0 (unregistering): Port device team_slave_1 removed
[  574.393087][   T36] team0 (unregistering): Port device team_slave_0 removed