last executing test programs:

2m6.351017047s ago: executing program 3 (id=417):
syz_open_dev$video(0x0, 0x7, 0x80040)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x10})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x10000)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x0, 0xb, 0x1)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, 0x0, 0x80044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x240080c4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="0700000000000000005900ab37590000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(r1, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

2m5.362692863s ago: executing program 3 (id=419):
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x88000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='nr_ino'])
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x2, r0}, 0x38)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r1)
ioctl$SIOCSIFHWADDR(r1, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="01000000008d"})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000140)={0x3, 0x800})
chdir(&(0x7f0000000300)='./file0\x00')
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x100000000000600d, 0x1)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x480, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
connect$rxrpc(r3, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x40e}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000004700)={'team0\x00', <r8=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000004bc0)={0x0, 0x6, &(0x7f0000004b80)={&(0x7f00000047c0)={0x58, 0x0, 0x405, 0x70bd2d, 0x25dfdbfa, {}, [{{0x8, 0x1, r8}, {0x3c, 0x2, 0x0, 0x1, [{0x6, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)

2m5.146486607s ago: executing program 3 (id=421):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x1000000000000000}}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private0, 0x0, 0x4}]}]}, 0xfc}}, 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000200)={@local, @link_local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x7, 0x14, 0xfff8, 0x0, 0x1, 0x5c, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1a}}}}}}, 0x0)

2m4.413227878s ago: executing program 3 (id=423):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000140)={[{@nodecompose}, {@nobarrier}, {@nodecompose}, {@force}, {@nobarrier}, {@type={'type', 0x3d, "aff0aae8"}}, {@nls={'nls', 0x3d, 'iso8859-9'}}]}, 0x44, 0x6ff, &(0x7f0000000500)="$eJzs3U1sHGf5APBn1uu1N5XcbZu0/f+FFKsRETSQ2F5KgoREqBDyoUKRuPS6JE5jee1GtoucCBEXKBzhhHLooQiZQ0+oB6QiDohyRkLiinKPxD3iwKKZnVnvh73ebfyRhN9Pmp13Zt6PZ57OvN6dbbQB/M9afDsmtyOJxQtvbaXbD3bqzQc79dWiHBFTEVGKKLdXkaxFJJ9FXI32Ev+X7sy7S/Yb542Hn354/v7H9fZWOV+y+qVh7Xa1hoywnS8xGxET+XpM5f36ux5vDvR3b6yuk07cacLOFYmDk9YasD1O8xHuW+BJdy9iYnKP/bWIUxExnb8PiHx2KB1zeIdurFkOAAAAnkwTB1V4/lE8iq2YOZ5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NmQtH8zMMmXUlGejaT4/f9Kvi9VqZxwvMN95YDjH9w8pkAAAAAAAAAA4Eh8kn9xf/ZRPIqtmCn2t5LsO//Xso3T2etz8V5sxFKsx8XYikZsxmasx3zE5ExXh5Wtxubm+vxgy19H2rLVat3LWy5ERG2g5cI+gZYO+cQBAAAAAAAA4Nn0k1iMmZMOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuiURE+1VtpwuyrUolSNiOiIqab3tiD8V5afZn086AAAAADh61Xw9k/ynXWgl2Wf+l7PP/dPxXqzFZizHZjRjKW5kzwLan/pLf9+uNx/s1FfTZbDjb/9rrDiyHiNiIt7fZ+S5rMaZTovF+G58Py7EbFyL9ViOH0YjNmMpZqOankQ0Iolatf30olbEuXe8V3u2rvXHdrZv+9UskmrcjOUstotxvRLtxybZOaRjvto12h8qEX0jvp9mJ/lWbsQc3ej67/Wr/LlMrvX8iH0cjVp25pOdjMyluc+z8cLw3I95nfSPNB+lzjOo07ujpJv9IxU5/8E4OT/VXk2nLz/vzflhG/NRWn8mFqKUX30RL/fm/PYX77/Y2/jL//jLtVultZVbNzcuHOEpPY7ZgypMFoX+TNS7MvHK8Ksvz0QzzcT26JmY7N8xPWrLo1XJs5FNRSPOlt/JSo14resSfDduxFJcjrmYjysxF9+Ihah3rrB0OdOT13J9tTcn2b1WGpzfqkOCP/elrkq/OKDy8Urz8kJXXrtnulp2LN9z9Zcx13X1vTj86hv7r0A6/v/n5XSMn3b+4jwJejKRz81FdC8Nz8RvWunrRnNtZf1W4/aI453P1+lt+0Hv3Pzb0aPu/+t+GNLrJZ1xy9lWlpNqcb2kx17qRNubr0r+jUu7XWng2JnOsVrMxHJ8b987tZK/hxvsqX3sle5j/9ydOSv5+5viWM+7nHg3mtm7kD4HTtUAHLNTr5+qVB9W/1b9qPqz6q3qW9NvTl2Z+kIlJv9a/uPE70u/K30zeT0+ih/HzElHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4KNO3dXGs3m0nqnENP9ex63UNl3rOGFKB1YZ+e50TqMWsTwsZK8UDncc38aC9Xo21P8wtLj9vxJRAypU3ns4JOxr7GxC2keDqXDVqud1GxPa2KM5uWi1d51yrExHSuNpLzHHTe1exdEbaXR/Herp3k1um4Z4Bl3aXP19qWNO3e/urzaeGfpnaW1hSuXr1yuf33+a5duLjeX5tqvJx0lcBQ27tyd2GP3wC/dAgAAAAAAAAAAAE+O/P/+3/zc/5ihfECdyvrG3iOfPe5TBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5Si2/H5HYkMT93cS7dfrBTb6ZLUd6tWY6IUkQkP4pIPou4Gu0lal3dJfuN88bDTz88f//j+m5f5aJ+aVi70WznS8xGxES+PtjUHt0M9ne9q7/tzxVe0jnDNGHnisTBSftvAAAA//9u//cB")
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='tracefs\x00', 0x800, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x5006d, 0x0)

2m3.901224726s ago: executing program 3 (id=426):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000240))

2m3.562426142s ago: executing program 3 (id=427):
syz_open_dev$video(0x0, 0x7, 0x80040)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x10})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x10000)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x0, 0xb, 0x1)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, 0x0, 0x80044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x240080c4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="0700000000000000005900ab37590000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

2m2.962725821s ago: executing program 32 (id=427):
syz_open_dev$video(0x0, 0x7, 0x80040)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x10})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x10000)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x0, 0xb, 0x1)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, 0x0, 0x80044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x240080c4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="0700000000000000005900ab37590000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

42.480269566s ago: executing program 2 (id=624):
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000000ac0)={[{@uid}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@codepage={'codepage', 0x3d, 'macceltic'}}, {@file_umask={'file_umask', 0x3d, 0xd}}, {@uid}, {@part={'part', 0x3d, 0x2}}, {@creator={'creator', 0x3d, "8c10b081"}}]}, 0x2, 0x36b, &(0x7f0000000d80)="$eJzs3c1O1EAAB/D/tPspBCtgMN5ETTyRBQ8aY6Ix3HwBD4aIUBJCxQQwUaIBPXgyxpuJiUdvno2+gl6ML6AnDsSTXggx1Mx0uu2Wme4uHwXC/5ewdNv5nnY6g+4WRHRs3Rr/+eHymvwRZQAugGuAA6AGlACcxlDt0fzS7FLgT+cl5KoY8kcgiim2hZma901RZTwVQ/PkuxJ60/tof4RhGP5qG+pPIWWhgyOia38bB6jqq1MdrxVesh1Z7SBAtZiiHCKpHhYb2DD3OBERHSf6/u/ou0Svnr87DnBRz8OP0v0/ll5BtNztNoCnJ4svz6Gh7v+Pk94MhWwf1SIiWe+pJZxsQydeJZrSUqmUMzvDpLkriM6slg4QhlVly4xMlcWpz8wG/siqSuAFbmipYIPqdTo6dWO20laiX8OGtWmOvLrn61F1KMs6lC3lH+g6xy/reGvObuJbpX2ZxFfxXUwID+8wjT69sxQK2TgqugfU9e64TWcDv2FPUdXSU7VstNQyufpOqUzOxj3w+WNSy7qtXWtwZVlMZCoiO3/XJQDeWFpB7e5vHRR074zaa6diDRhjjTXfbxpjDWZj1WfKgT8y9TCITvpwxZ7tXjDO78VrcUcM4zc+YbzZ/7KrXTnUW67M7MgvVMioFRrN+piUVEhLP7ZQJ9uDrq5Mwua/MKLfZ8dhMw+vcB9X0bf4ZHluMgj8hcI25GhhPBRfKgWXx7YRnYj6dJR75O9UGNTkhmzuPct0KwxD46GSucXiDaejLCpxUW1ljk6dK++bVVbDrP5Tyu4qiNWoDVOHbtoDJ8OmqrvWZaYq+kozlrxbdBP9b5S77HdjGJGUcKGyvydknNVkEJxpdpyLakdXSn0Hmd5+NjcZ7HhEoiNk8eU5PeZg6O769YMuDhVPzrtEtP5LrVcaatSRL17OaiRsl3gqxVHLCqhfvZ5IVhtC//0+Z83VY1/B9cQbgT+Wt+Y6fwm4kNopc3MQ5/g8m6yHeLJ+CP9VsmoqVj27Yzm1LcbxA/dS838iIiIiIiIiIiIiIiIiIiIiIiIiIjoSkv/07+3y4wRb+nNI5k9iJNaO4RdvEBERERERERERERERERERERERERERERHtTur5v4CrnhhT2fPn/8Zf7N3p83/dDp7/K9o+4pOI2vgfAAD//xhyY3Q=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

42.089151573s ago: executing program 2 (id=625):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
quotactl$Q_GETQUOTA(0xffffffff80000702, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

41.653021039s ago: executing program 2 (id=627):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000240)={[{@errors_remount}, {@grpquota}]}, 0x0, 0x4fe, &(0x7f0000000540)="$eJzs3c9vG0sdAPDvOnGSl+e+9ME7AAJeeRQKqur8aBtV5UB7AaGqCFFx4tCGxI2i2HUUJ6UJPaRH7khU4gR/AjcOSD1x4MYNblzKAalABWqQEDLa9TZxkzhJyQ838ecjrXdnduvvjN2Z8U7tTgA961xErEXEQETci4iRPD/Jt7jR2tLrXr18PL3+8vF0Es3mnb8n2fk0L9r+TOr9/DmHIuL73474UbI9bmNldX6qWq0s5unRpdrCaGNl9dJcIc+ZmByfHLt2+erEodX149qvX3xr7tYPfvubLzz/w9rXf5IWq/TTM9m59nocplbVi1Fqy+uPiFtHEaxL+vO/P5w8aWv7VER8krX/kejL3k0A4DRrNkeiOdKeBgBOu/T+vxRJoZzPBZSiUCiXW3N4H8VwoVpvLF0cqS8/mIlsDutsFAv356qVsXyu8GwUkzQ9nh1vpie2pC9HxIcR8bPB97J0ebpenenmBx8A6GHvbxn//zXYGv8BgFNu6C2v9xUBADj53nb8BwBOPuM/APSetxj/Tf0DwCnh/h8Aeo/xHwB6z57j/5PjKQcAcCy+d/t2ujXX8///eubhyvI3Sg8vzVQa8+Xa8nR5ur64UJ6t12erlfJ0s7nX81Xr9YXxKxvJxsrq3Vp9+cHS3bna1GzlbqV4xPUBAPb24cfP/pRExNr197It2tZyMFbD6VbodgGArunrdgGArvF7Huhd+7jHNw0Ap9wOS/S+oeNXhJ5a/BVOqgufNf8Pvcr8P/Su/2/+/5uHXg7g+Jn/h97VbCbW/AeAHmOOHzjQv/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjyplW1IoZ2uBr6WPhXI54kxEnI1icn+uWhmLiA8i4o+DxcE0Pd7tQgMAB1T4a5Kv/3Vh5Hxp69mB5N+D2T4ifvyLOz9/NLW0tDie5v9jI3/paZ4/MdCNCgAA7W5sz2qN0/m+7Ub+1cvH06+34yzii5utxUXTuOv51jrTH/3ZfiiKETH8zyRPt6SfV/oOIf7ak4j4zGb9H7VFKGVzIK2VT7fGT2OfOYL4m6//1viFN+IXsnPpvpi9Fp8+hLJAr3l2s9VP5m0vbWJ5+yvEuWy/c/sfynqog3vd/61v6/8KG/1f37b4Sdbmz22kdy/Jiyu/+862zOZI69yTiM/17xQ/2YifdOh/z++zjn/+/Bc/6XSu+cuIC7Fz/JZa1s2OLtUWRhsrq5fmalOzldnKg4mJyfHJsWuXr06MZnPUrcff7xTjb9cvftApflr/4Q7xh/ao/1f2Wf9f/efeD7+0S/yvfXnn9/+jXeKnY+JXO0b87hupqeHOZUvjz3So/17v/8Xdq73h+V9WZ/Z5KQBwDBorq/NT1WplcY+D9LPmXtc4OO6D/zZbDvY8sRbxTlQnOxiId6IYPX/Q7Z4JOGqbjb7bJQEAAAAAAAAAAAAAADpprKzOD8bR/pyo23UEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg9PpfAAAA///rNNKG")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x100000000, 0x80000001, 0x3, 0x0, 0xffffffffffffffff, 0x10000000000, 0xfffffffffffffffd, 0x9b})
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000002700)=ANY=[], 0x1015, 0x0)

40.773462063s ago: executing program 2 (id=630):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000440)='./file0\x00', 0x80, &(0x7f0000000140)={[{@umask={'umask', 0x3d, 0x2}}, {@nodecompose}, {@nobarrier}, {@nobarrier}, {@nobarrier}, {@umask={'umask', 0x3d, 0x2003}}, {@nls={'nls', 0x3d, 'cp855'}}]}, 0x1, 0x708, &(0x7f0000001f80)="$eJzs3U1sHGf5APBn1uu1N5XcbZu0/f+FFKsRETSQ2FlKgoSEqRDyoUKRuPS6JE5jee1GtoucCBEXKBzhhHLooQiZQ0+oB6QiDgg4IyFxRblH4kzEgUUzO7PeD3u92/gjCb+fNDvvzLwfzzydeb0722gD+J+1+HZMbkcSixfe2kq3H+zUmw926qtFOSKmIqIUUW6vIlmLSP4csRDtJf4v3Zl3l+w3zhsPP/3w/P2P6+2tcr5k9UvD2u1qDRlhO19iNiIm8vWYyvv1dz3eHOjv3lhdJ52404SdKxIHJ601YHuc5iPct8CT7l7ExOQe+2sRpyJiOn8fEPnsUDrm8A7dWLMcAAAAPJkmDqrw/KN4FFsxczzhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLMhaf9mYJIvpaI8G0nx+/+VfF+qUjnheIf70gHHP7h5TIEAAAAAAAAAwJH4JP/i/uyjeBRbMVPsbyXZd/6vZRuns9fn4r3YiKVYj4uxFY3YjM1Yj/mIyZmuDitbjc3N9fnBlr+MtGWr1bqXt7wcEbWBlpf3CbR0yCcOAAAAAAAAAM+mH8VizJx0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0C2JmGivsuV0Ua5FqRwR0xFRSettR/yhKD/N/njSAQAAAMDRq+brmeQ/7UIryT7zv5x97p+O92ItNmM5NqMZS3EjexbQ/tRf+tt2vflgp76aLoMdf/OfY8WR9RgRE/H+PiPPZTXOdFosxrfju3EhZuNarMdyfD8asRlLMRvV9CSiEUnUqu2nF7Uizr3jXejZutYf29m+7VezSKpxM5az2C7G9Uq0H5tk55CO+WrXaL+rRPSN+H6aneQbuRFzdKPrv9cv8ucyudbzI/ZxNGrZmU92MjKX5j7PxgvDcz/mddI/0nyUOs+gTu+Okm72j1Tk/Hvj5PxUezWdvvy0N+eHbcxHaf2ZuByl/OqLeLk357c/f//F3sZf/Pufrt0qra3curlx4QhP6XHMHlRhsij0Z6LelYlXhl99eSaaaSa2R8/EZP+O6VFbHq1Kno1sKhpxtvxWVmrEa12X4LtxI5biSszFfFyNufhaXI565wpLlzM9eS3XV3tzkt1rpcH5rTok+HNf6Kr0swMqH680Ly905bV7pqtlx/I9Cz+Pua6r78XhV9/YfwXS8f8/L6dj/LjzF+dJ0JOJfG4uontpeCZ+1UpfN5prK+u3GrdHHO98vk5v2w965+Zfjx51/1/3w5BeL+mMW862spxUi+slPfZSJ9refFXyb1za7UoDx850jtViJpbjO/veqZX8PdxgT+1jr3Qf+8fuzFnJ398Ux3re5cS70czehfQ5cKoG4Jidev1Upfqw+tfqR9WfVG9V35p+c+rq1OcqMfmX8u8nflv6TenryevxUfwwZk46UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBZs3Lm70mg2l9Y7hZju3/O4hcq+Yw0vROnAOjvPjdZh1CKGj5XkhcrhnvvTWKhG357iF5bWFyLiMXr+ZHjzymMHn4x9jY1dSPNwKB22Wu2kZntaE2M0Lxet9q5Tjo3pWGkk5T3uuKnduyBqK43mv1s9zavRdcsAz7hLm6u3L23cufvl5dXGO0vvLK1dvnrl6pX6V+e/cunmcnNprv26d9vW1HFHCxymjTt3J/bYPfBLtwAAAAAAAAAAAMCTI/+//zc/8z9mKO996F9FobK+sffIZ4/7VAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICn1OLbMbkdSczPXZxLtx/s1JvpUpR3a5YjohQRyQ8ikkrEQrSXqHV1l+w3zhsPP/3w/P2P67t9lYv6pWHtRrOdLzEbERP5+mBTe3Qz2N/1rv62P1N4SecM04SdKxIHJ+2/AQAA//908/ZL")
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x64020, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000001480)='./file0\x00', &(0x7f00000014c0)='pstore\x00', 0x14400, 0x0)

39.573582243s ago: executing program 2 (id=634):
r0 = io_uring_setup(0x54a0, &(0x7f0000000280)={0x0, 0x70e6, 0x2, 0x0, 0xf2})
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r0, 0x12, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000400)=[0xe758, 0x8], 0x2)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000240)=[0x40, 0x8], 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000280)={0x2, 0x1, 0x1000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x5, r3})
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000001480)="aeffa4486aa84c5cd1276d91eecdfccfb963910470b7fbea31521973580a6311fb47d40700e353de4e219eb4802eb77ce0d6016e584d552b5ccea8207888668e4b1c5d8e464389b41a7db270bcf39bd9e94fa051110e00cbf0a42159e717046d42be7bb0af9d94fc977ffa26577997b6c08a1b17ab4dd123fe7aa034d4d36f56ba3f438a0e6c356c0fad29e66a202cd90c08eb053f04f5b1aa50f6a115de7b6b61edd701777a7a6612f0310d2c1b0b9fabc21b67cecd727c6e05f18a639e9277b2813694267b7d134f89bedd55c711587c8ce6489474edd2f7b23243c0e2166aa7249592ea988afaef4fbbeddd1129b1091d885fcd6127ac89d5a0ebe59d47294152e34c23", 0x105, 0xffffffffffffffff)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r4, 0x401070c9, 0x0)
io_uring_enter(0xffffffffffffffff, 0x50d4, 0x4000, 0x50, 0x0, 0x20)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
kexec_load(0x5, 0x3, &(0x7f0000001080), 0x3e0000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a010300000000000000000100000008000440000000000900010073797a300000000038000380340000800400018004000680140007800c000100636f756e74657200040002801400018006000100636f756e7465720080040280140000001000010000000000000000000000000a6115823951e1e677cf79ff2b86fec3d0140ce22908a9e22b04d5d92fb3a2eeea4f47ea0ac3793df7e3e12c0751d110c2f5d7c69f1c5c4371cf10b8cafa5728c506db60c69fef704dbc8652dba88ab1736c547c048c7043d26cc3a99eb2ec0258ce9d717bdb2e78bcf03fb63f5c0b3e1dd676d3a9509580120d9b5a10d9e3259108ffca72f3ddeb63fd2640d76a412337a1f0d6062574507a86823f98ec8efd343be01b130a2a4a764e3dd4ab6252b27cb8622135818fd8114c1278828696d98d8bdd37553f131d9c572bedffa7e9dceea60daa776437eaf3b75bf58c7dfbee34d0cb4e38e114"], 0xe4}}, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)

39.11301519s ago: executing program 2 (id=635):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x1000000, &(0x7f0000000180)={[{@utf8}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@fmask={'fmask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@sys_tz}, {@gid}, {@utf8}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@umask={'umask', 0x3d, 0x1}}, {@dmask={'dmask', 0x3d, 0x1}}]}, 0x1, 0x1505, &(0x7f0000000ac0)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SY4kSUJCkvn9VOd1ztd7vvrec77Pe949/r/fs/cc+1ljrPGssfdaz3p+e+9v2g2sVKdy+VrMDP8U/PVTVwBIAYA+AHAdAEQAUCxTsUyX96fT2PWfuxPxr/Xw1KvdgbiaZP6pm8w/dZP5p24y/9RN5p+6yfxTN5l/6ibzFyI12zot+/Wypd7tz1//d//n3XL9/9+QvP7/j/WnftJk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjW72tef/w22vz5UV7uPP9ii/1Le1f3uE0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRWpwPVxgA+Ov6avclhBBCCCGEEEKIf52Q9mp3IIQQQgghhBBCiP/3EMBoMNFf43SQHq6BDHAtZITrIAHXQya4ATLDjZAFskI2yA45ICfkAgsEDhhiyA15IAk3QV64GfJBfigABcFDISgMt0ARuBWKwm1QDGYvBLgDSkBJKAWl4U4oA3dBWSgH5eFuqAAVoRJUhnugCtwLVeE+qAb3Q3V4AGrAg1ATHoJa8DDUhkegDjwKdeExqAf1oQE0hEb/pfyXoBO8DJ2hC3SFbtAdXoEe0BN6QW/oA69CX3gN+sHr0B8GwEB4AwbBmzAY3oIhMBSGwdswHEbASBgFo2EMjIV3YByMhwnwLkyESTAZpsBUmAbT4T2YATNhFrwPs+EDmANzYR7MhwXwISyERbAYPoIl8DEshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFbbAddsBO2AW7YU+5vfAJ7INPYT98Bgfg8//L/HPw9/ntERBQoUKDBtNgGkzBFEyP6TEDZsCMmBETmMBMmAkzY2bMglkwG2bDHJgDc2EuJCRkZMyNuTGJScyLeTEf5sMCWAA9eiyMhbEI3opFsSgWw2JYHItjCSyJJbE0lsYyWAbLYlksf8dcAKyAlbAS3oP34L1YFatiNayG1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIcNsAE2wkbYGBtjE2yCzbAZNsfm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22xw7YAV/Cl/BlfBm7YAXVDbtjd+yBPbAX9sbe+Cr2xdfwNXwd++MAHIhv4Bv4Jg7GszgEh+IwHIZl1AgciaOQ1Rgci2NxHI7DCTgBJ+IknIRTcCpOw+k4HWfgTJyJ7+Ns/AA/wLk4F+fjAlyAC3ERLsbFuATP4VJchstxBa7EVbgS1+BaXIPrcQOux024CbfgFtyG23AH7sBduAv34B78BD/BT/FT7I8H8AAexIN4CA/hYTyMR/AIHsWj264BwON4HE/gCTyJp/A0nsIzeAbP4jk8j+fxAl7Ai/hCjq9q78m/rj+oy4wyKo1Ko1JUikqv0qsMKoPKqDKqhEqoTCqTyqwyqywqi8qmsqkcKofKpXIpUqRYxSq3yq2SKqnyqrwqn8qnCqgCyiuvCqvCqogqooqqoqqYul0VV3eoEqqkaupLq9KqjGrmy6pyqrwqryqoiqqSqqwqqyqqiqqqqqpqqpqqrqqrGupBVVN1w174sLo8mTpqANZVA7Geqq8aqIbqTXxcNVaDsYlqqpqpJ9VQHIItVGPfUj2jWqmR2Fo9p0bh86qtGoPt1IuqveqgOqqXVCfVxHdWXdRE7Ka6qynYQ/VUvVRvNQMrqssTq6ReV/3VADVQvaHm45tqsHpLDVFD1TD1thquRqiRapQarcaoseodNU6NVxPUu2qimqQmqylqqpqmpqv31Aw1U81S76vZ6gM1R81V89R8tUB9qBaqRWqx+kgtUR+rpWqZWq5WqJVqlVqt1qi1ap1arzaojWqT2qy2qK1qm9qudqidapfarfaoveoTtU99qvarz9QB9bk6qP6iDqkv1GH1pTqivlJH1dfqmPpGHVffqhOqizqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6TQ6rU7R6XR6fY3OoK/VGfV1OqGv15n0DTqzvlFn0Vl1Np1d59A5dS5tNWmnWcc6t86jk/omnVffrPPp/LqALqi9LqQL61t0EX2rLqpv08X07bq4vkOX0CV1KV1a36nL6Lt0WV1Ol9d36wq6oq6kK+t7dBV9r66q79PV9P26un5A19AP6pr6IV1LP6xr60d0Hf2orqsf0/V0fd1AN9SN9OO6sX5CN9FNdTP9pG6un9It9NO6pX5Gt9LP6tb6Od1GP6/b6hd0O/2ibq876I76Z31JB91Zd9FddTfdXb+ie+ieupfurfvoV3Vf/Zrup1/X/fUAPVC/oQfpN/Vg/ZYeoofqYfptPVyP0CP1KD1aj9Fj9Tt6nB6vJ+h39UQ9SU/WU/RUPU33+q3SrD+RP/4/ye/3y71v0Vv1Nr1d79A79S69W+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9XF9Qp/QJ/Up/aP+Xp/RP+iz+pw+p3/UF/QFffG3xwAMGmW0MSYyaUxak2LSmfTmGpPBXGsymutMwlxvMpkbTGZzo8lisppsJrvJYXKaXMYaMs6wiU1uk8ckzU0mr7nZ5DP5TQFT0HhTyBQ2t/zT+f+gvxWTfz1ZMY1MI9PYNDZNTBPTzDQzzU1z08K0MC1NS9PKtDKtTWvTxrQxbU1b0860M+1Ne9PRdDSdTCfTGcF0NV1Nd/OK6WF6ml6mt+ljXjV9TV/Tz/Qz/U1/M9AMNIPMIDPYDDZDzBBjAGC4GW5GmpFmtBltxpqxZpwZZyaYCWaimWgmm8lmqplqppvpZoaZYWaZWWa2mW3mmDlmnplnFpgFZqFZaBabxWaJWWKWmmVmmVlhVphVZpVZY9aYdWad2WA2mE1mk1lqtpqtZrvZbnaanWa32W32mr1mn9ln9pv95oA5YA6ag+aQOWQOm8PmiDlijpqj5pg5Zo6b4+aEOWFOmpPmtDltzpgz5qw5a86b8+aCuWAumovmkrlkIIJIRSoykYnSRGmilCglSh+ljzJEGaKMUcYoESWiTFGmKHN0Y5Qlyhpli7JHOaKcUa7IRhS5iKM4yh3liZLRTVHe6OYoX5Q/KhAVjHxUKCoc3RIViW6Nika3RcWi26Pi0R1RiahkVCoqHd0ZlYnuispG5aLy0d1RhahiVCmqHN0TVYnujapG90XVovuj6tEDUY3owahm9FBUK3o4qh09EtWJHo3qRo9F9aL6UYOoYdToX1o/hLNZn/CdbRebFrrZ7vYV28P2tL1sb9vHvmr72tdsP/u67W8H2IH2DTvIvmkH27fsEDvUDrNv2+F2hB1pR9nRdowda9+x4+x4O8G+ayfaSXaynWKn2ml2un3PzrAz7Sz7vp1tP7Bz7Fw7z863C+yHdqFdZBfbj+wS+7FdapfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wq32e12h91pd9nddo/daz+x++yndr/9zB6wn9uDNuW38/kv7RH7lT1qv7bH7Df2uP3WnrDf2ZP2lD1tv7dn7A/2rD1nz9sf7QX7k71of7aXbLh8cn/55Z0MGUpDaSiFUig9pacMlIEyUkZKUIIyUSbKTJkpC2WhbJSNclAOykW56DImptyUm5KUpLyUl/JRPipABciTp8JUmIpQESpKRakYFaPiVJxKUAkqRaXoTrqT7qK7qByVo7vpbqpIFakyVaYqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9agBNaBG1IgaU2NqQk2oGTWj5tScWlALakktqRW1otbUmtpQG2pLbakdtaP21J46UkfqRJ2oM3WmrtSVulN36kE9qBf1oj7Uh/pSX+pH/ag/9aeBNJAG0SAaTINpCA2lYfQ2DacRNJJG0WgaQ2NpLI2jcTSBJtBEmkiTaTJNpak0nabTDJpBs2gWzabZNIfm0DyaRwtoAS2khbSYFtMSWkJLaSktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSTdtJu2k17aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkEn6SSdptN0hs7QWTpL5+k8XaCf6CL9TJcoUIpL59K7a1wGd63L6K5z/3uczWV3OVxOl8tZl8Vl/buYnHP5XH5XwBV03hVyhd0tv4tLuJKulCvt7nRl3F2u7O/iKmt3/vqL6O5+V9nd46q4e11Vd5+r5u531d0DroZ71NV0j7larr6r7Rq6Ou5RV9c95uq5+q6Ba+iau6dcC/e0a+meca3cs7+LF7pFbq1b59a7DW6f+9Sddz+6Y+4bd8H95Dq7Lq6Pe9X1da+5fu51198N+F08zL3thrsRbqQb5Ua7Mb+LJ7spbqqb5qa799wMN/N38QL3oZvtFrs5bq6b5+b/El/uabH7yC1xH7ulbplb7la4lW6VW+3W/EevK9wmt9ltcXvdJ2672+F2ul1ut9vzS3z5OPa7z9wB97k76r52h9wX7rA77o64r36JLx/fcfetO+G+cyfdKXfafe/OuB/cWXful+O/fOzfu5/dJRccMLJizYYjTsNpOYXTcXq+hjPwtZyRr+MEX8+Z+AbOzDdyFs7K2Tg75+CcnIstEztmjjk35+Ek38R5+WbOx/m5ABdkz4W4MN/CRfhWLsq3cTG+nYvzHVyCS3IpLs13chm+i8tyOS7Pd3MFrsiVuDLfw1X4Xq7K93E1vp+r8wNcgx/kmvwQ1+KHuTY/wnX4Ua7Lj3E9rs8NuCE34se5MT/BTbgpN+MnuTk/9evTYRHgVvwst+bnuA0/z235BW7HL3J77sAd+SXuxC9zZ+7CXbkbd+dXuAf35F7cm/vwq9yXX+N+/Dr35wE8kN/gQfwmD+a3eAgP5WH8Ng/nETySR/FoHsNj+R0ex+N5Ar/LE3kST+YpPJWn8XR+j2fwTJ7F7/Ns/oDn8Fyex/N5AX/IC3kRL+aPeAl/zEt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+cdjLyLd/Me3suf8D7+lPfzZ3yAP+eD/Bc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4nTxilxujh9fE2cIb42zhhfFyfi6+NM8Q1x5vjGOEucNc4WZ49zxDnjXLGNKXYxx3GcO84TJ+Ob4rzxzXG+OH9cIC4Y+7hQXDi+JS4S3xoXjW+Li8W3x8XjO+ISccn40ftLx3fGZeK74rJxubh8fHdcIa4YV4orx/fEVeJ746rxfXG1+P64aPxAXCN+MK4ZPxTXih+Oa8ePxHXiR+O68WNxvbh+3CBuGDeKH48bx0/ETeKmcbP4ybh5/FTcIn46bhk/E7eKn/3D/V3jbnH3+JX4lTiE+/S85PzkguSHyYXJRcnFyY+SS5IfJ5cmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmNyU3J7ckQ6icFjx65bU3PvJpfFqf4tP59P4an8Ff6zP663zCX+8z+Rt8Zn+jz+Kz+mw+u8/hc/pc3nryzrOPfW6fxyf9TT6vv9nn8/l9AV/Qe1/IF/YNfSPfyDf2T/gmvqlv5p/0T/qn/FP+af+0f8a38s/61v4538Y/79v6F/wL/kXf3nfwHf1LvpN/2Xf2XXxX39V39919D9/D9/K9fB/fx/f1fX0/38/39/39QD/QD/KD/GA/2A/xQ/wwP8wP98P9SD/Sj/aj/Vg/1o/z4/wEP8FP9BP9ZD/ZT/VT/XQ/3c/wM/wsP8vPzjfbz/Fz/Dw/zy/wC/xCv9Av9ov9Er/EL/VL/XK/3K/0K/1qv9qv9Wv9er/eb/Qb/Wa/2W/1W/12v93v9Dv9br/b7/V7/T6/z+/3+/0Bf8Af9AfPB3/IH/Zf+iP+K3/Uf+2P+W/8cf+tP+G/8yf9KX/af+/P+B/8WX/On/c/+gv+J3/R/+wv+eDHJt5JjEuMT0xIvJuYmJiUmJyYkpiamJaYnngvMSMxMzEr8X5iduKDxJzE3MS8xPzEgsSHiYWJRYnFiY8SSxIfJ5YmliWWJ1YkViZWJULIuT0OuUOekAw3hbzh5pAv5A8FQsHgQ6FQONwSioRbQ9FwWygWbg/Fwx2hRCgZSoXHQr1QPzQIDUOj8HhoHJ4ITULT0Cw8GZqHp0KL8HRoGZ4JrcKzoXV4LrQJz4e24YXQLrwY2ocOoWN4KXQKL4fOQYeuoVvoHl4JPULP0Cv0Dn3Cq6FveC30C6+H/mFAGBjeCIPCm2FweCsMCUPDsPB2GB5GhJFhVBgdxoSx4Z0wLowPE8K7YWKYFCaHKWFqmBamh/fCjDAzzArvh9nhgzAnzA3zwvywIHwYFoZFYXH4KCwJH4elYVlYHlYESFkVVoc1YW1YF9aHDWFj2BQ2hy1ha9gWtocdYWfYFXaHPWFv+CTsC5+G/eGzcCB8Hg6Gv4RD4YtwOHwZjoSvwtHwdTgWvgnHw7fhRPgunAynwunwfTgTfghnw7lwPvwYLoSfwsXwc7gkf7MmhBBCCPGnjP+D/d3+LlL/8VH99pXuAHDtjuxH/vZWGgA2Zvl13VPlaJ4AgGe6tHv4r1uFCl27dv3ttks1RHnmAkDiSn4auBIvg2bwFLSEplDkP+2vp+pwgf+gfvJ2gPR/k5MCV+Ir9W/9B/VHzP7D+nMB8uW5kpMOrsRX6hf9Xe3ol/pZG/9B/XRfjAVo8jd5GeBKfKV+YXgCnoWWf3dLIYQQQgghhBDiVz1VqTZ/9P728vvzHOZKTlq4Ev/R+3MhhBBCCCGEEEJcfc936Pj04y1bNm3zDxbl/vEuWaSWRZr/Hm382y8A/lu08ecWV/uZSQghhBBCCPGvduWk/2p3IoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCpF7/P/6d2NU+RiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOJq+18BAAD//6/mMEE=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
unlink(&(0x7f0000000080)='./file1\x00')

38.525593109s ago: executing program 33 (id=635):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x1000000, &(0x7f0000000180)={[{@utf8}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@fmask={'fmask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@sys_tz}, {@gid}, {@utf8}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@umask={'umask', 0x3d, 0x1}}, {@dmask={'dmask', 0x3d, 0x1}}]}, 0x1, 0x1505, &(0x7f0000000ac0)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SY4kSUJCkvn9VOd1ztd7vvrec77Pe949/r/fs/cc+1ljrPGssfdaz3p+e+9v2g2sVKdy+VrMDP8U/PVTVwBIAYA+AHAdAEQAUCxTsUyX96fT2PWfuxPxr/Xw1KvdgbiaZP6pm8w/dZP5p24y/9RN5p+6yfxTN5l/6ibzFyI12zot+/Wypd7tz1//d//n3XL9/9+QvP7/j/WnftJk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjW72tef/w22vz5UV7uPP9ii/1Le1f3uE0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRWpwPVxgA+Ov6avclhBBCCCGEEEKIf52Q9mp3IIQQQgghhBBCiP/3EMBoMNFf43SQHq6BDHAtZITrIAHXQya4ATLDjZAFskI2yA45ICfkAgsEDhhiyA15IAk3QV64GfJBfigABcFDISgMt0ARuBWKwm1QDGYvBLgDSkBJKAWl4U4oA3dBWSgH5eFuqAAVoRJUhnugCtwLVeE+qAb3Q3V4AGrAg1ATHoJa8DDUhkegDjwKdeExqAf1oQE0hEb/pfyXoBO8DJ2hC3SFbtAdXoEe0BN6QW/oA69CX3gN+sHr0B8GwEB4AwbBmzAY3oIhMBSGwdswHEbASBgFo2EMjIV3YByMhwnwLkyESTAZpsBUmAbT4T2YATNhFrwPs+EDmANzYR7MhwXwISyERbAYPoIl8DEshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFbbAddsBO2AW7YU+5vfAJ7INPYT98Bgfg8//L/HPw9/ntERBQoUKDBtNgGkzBFEyP6TEDZsCMmBETmMBMmAkzY2bMglkwG2bDHJgDc2EuJCRkZMyNuTGJScyLeTEf5sMCWAA9eiyMhbEI3opFsSgWw2JYHItjCSyJJbE0lsYyWAbLYlksf8dcAKyAlbAS3oP34L1YFatiNayG1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIcNsAE2wkbYGBtjE2yCzbAZNsfm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22xw7YAV/Cl/BlfBm7YAXVDbtjd+yBPbAX9sbe+Cr2xdfwNXwd++MAHIhv4Bv4Jg7GszgEh+IwHIZl1AgciaOQ1Rgci2NxHI7DCTgBJ+IknIRTcCpOw+k4HWfgTJyJ7+Ns/AA/wLk4F+fjAlyAC3ERLsbFuATP4VJchstxBa7EVbgS1+BaXIPrcQOux024CbfgFtyG23AH7sBduAv34B78BD/BT/FT7I8H8AAexIN4CA/hYTyMR/AIHsWj264BwON4HE/gCTyJp/A0nsIzeAbP4jk8j+fxAl7Ai/hCjq9q78m/rj+oy4wyKo1Ko1JUikqv0qsMKoPKqDKqhEqoTCqTyqwyqywqi8qmsqkcKofKpXIpUqRYxSq3yq2SKqnyqrwqn8qnCqgCyiuvCqvCqogqooqqoqqYul0VV3eoEqqkaupLq9KqjGrmy6pyqrwqryqoiqqSqqwqqyqqiqqqqqpqqpqqrqqrGupBVVN1w174sLo8mTpqANZVA7Geqq8aqIbqTXxcNVaDsYlqqpqpJ9VQHIItVGPfUj2jWqmR2Fo9p0bh86qtGoPt1IuqveqgOqqXVCfVxHdWXdRE7Ka6qynYQ/VUvVRvNQMrqssTq6ReV/3VADVQvaHm45tqsHpLDVFD1TD1thquRqiRapQarcaoseodNU6NVxPUu2qimqQmqylqqpqmpqv31Aw1U81S76vZ6gM1R81V89R8tUB9qBaqRWqx+kgtUR+rpWqZWq5WqJVqlVqt1qi1ap1arzaojWqT2qy2qK1qm9qudqidapfarfaoveoTtU99qvarz9QB9bk6qP6iDqkv1GH1pTqivlJH1dfqmPpGHVffqhOqizqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6TQ6rU7R6XR6fY3OoK/VGfV1OqGv15n0DTqzvlFn0Vl1Np1d59A5dS5tNWmnWcc6t86jk/omnVffrPPp/LqALqi9LqQL61t0EX2rLqpv08X07bq4vkOX0CV1KV1a36nL6Lt0WV1Ol9d36wq6oq6kK+t7dBV9r66q79PV9P26un5A19AP6pr6IV1LP6xr60d0Hf2orqsf0/V0fd1AN9SN9OO6sX5CN9FNdTP9pG6un9It9NO6pX5Gt9LP6tb6Od1GP6/b6hd0O/2ibq876I76Z31JB91Zd9FddTfdXb+ie+ieupfurfvoV3Vf/Zrup1/X/fUAPVC/oQfpN/Vg/ZYeoofqYfptPVyP0CP1KD1aj9Fj9Tt6nB6vJ+h39UQ9SU/WU/RUPU33+q3SrD+RP/4/ye/3y71v0Vv1Nr1d79A79S69W+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9XF9Qp/QJ/Up/aP+Xp/RP+iz+pw+p3/UF/QFffG3xwAMGmW0MSYyaUxak2LSmfTmGpPBXGsymutMwlxvMpkbTGZzo8lisppsJrvJYXKaXMYaMs6wiU1uk8ckzU0mr7nZ5DP5TQFT0HhTyBQ2t/zT+f+gvxWTfz1ZMY1MI9PYNDZNTBPTzDQzzU1z08K0MC1NS9PKtDKtTWvTxrQxbU1b0860M+1Ne9PRdDSdTCfTGcF0NV1Nd/OK6WF6ml6mt+ljXjV9TV/Tz/Qz/U1/M9AMNIPMIDPYDDZDzBBjAGC4GW5GmpFmtBltxpqxZpwZZyaYCWaimWgmm8lmqplqppvpZoaZYWaZWWa2mW3mmDlmnplnFpgFZqFZaBabxWaJWWKWmmVmmVlhVphVZpVZY9aYdWad2WA2mE1mk1lqtpqtZrvZbnaanWa32W32mr1mn9ln9pv95oA5YA6ag+aQOWQOm8PmiDlijpqj5pg5Zo6b4+aEOWFOmpPmtDltzpgz5qw5a86b8+aCuWAumovmkrlkIIJIRSoykYnSRGmilCglSh+ljzJEGaKMUcYoESWiTFGmKHN0Y5Qlyhpli7JHOaKcUa7IRhS5iKM4yh3liZLRTVHe6OYoX5Q/KhAVjHxUKCoc3RIViW6Nika3RcWi26Pi0R1RiahkVCoqHd0ZlYnuispG5aLy0d1RhahiVCmqHN0TVYnujapG90XVovuj6tEDUY3owahm9FBUK3o4qh09EtWJHo3qRo9F9aL6UYOoYdToX1o/hLNZn/CdbRebFrrZ7vYV28P2tL1sb9vHvmr72tdsP/u67W8H2IH2DTvIvmkH27fsEDvUDrNv2+F2hB1pR9nRdowda9+x4+x4O8G+ayfaSXaynWKn2ml2un3PzrAz7Sz7vp1tP7Bz7Fw7z863C+yHdqFdZBfbj+wS+7FdapfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wq32e12h91pd9nddo/daz+x++yndr/9zB6wn9uDNuW38/kv7RH7lT1qv7bH7Df2uP3WnrDf2ZP2lD1tv7dn7A/2rD1nz9sf7QX7k71of7aXbLh8cn/55Z0MGUpDaSiFUig9pacMlIEyUkZKUIIyUSbKTJkpC2WhbJSNclAOykW56DImptyUm5KUpLyUl/JRPipABciTp8JUmIpQESpKRakYFaPiVJxKUAkqRaXoTrqT7qK7qByVo7vpbqpIFakyVaYqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9agBNaBG1IgaU2NqQk2oGTWj5tScWlALakktqRW1otbUmtpQG2pLbakdtaP21J46UkfqRJ2oM3WmrtSVulN36kE9qBf1oj7Uh/pSX+pH/ag/9aeBNJAG0SAaTINpCA2lYfQ2DacRNJJG0WgaQ2NpLI2jcTSBJtBEmkiTaTJNpak0nabTDJpBs2gWzabZNIfm0DyaRwtoAS2khbSYFtMSWkJLaSktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSTdtJu2k17aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkEn6SSdptN0hs7QWTpL5+k8XaCf6CL9TJcoUIpL59K7a1wGd63L6K5z/3uczWV3OVxOl8tZl8Vl/buYnHP5XH5XwBV03hVyhd0tv4tLuJKulCvt7nRl3F2u7O/iKmt3/vqL6O5+V9nd46q4e11Vd5+r5u531d0DroZ71NV0j7larr6r7Rq6Ou5RV9c95uq5+q6Ba+iau6dcC/e0a+meca3cs7+LF7pFbq1b59a7DW6f+9Sddz+6Y+4bd8H95Dq7Lq6Pe9X1da+5fu51198N+F08zL3thrsRbqQb5Ua7Mb+LJ7spbqqb5qa799wMN/N38QL3oZvtFrs5bq6b5+b/El/uabH7yC1xH7ulbplb7la4lW6VW+3W/EevK9wmt9ltcXvdJ2672+F2ul1ut9vzS3z5OPa7z9wB97k76r52h9wX7rA77o64r36JLx/fcfetO+G+cyfdKXfafe/OuB/cWXful+O/fOzfu5/dJRccMLJizYYjTsNpOYXTcXq+hjPwtZyRr+MEX8+Z+AbOzDdyFs7K2Tg75+CcnIstEztmjjk35+Ek38R5+WbOx/m5ABdkz4W4MN/CRfhWLsq3cTG+nYvzHVyCS3IpLs13chm+i8tyOS7Pd3MFrsiVuDLfw1X4Xq7K93E1vp+r8wNcgx/kmvwQ1+KHuTY/wnX4Ua7Lj3E9rs8NuCE34se5MT/BTbgpN+MnuTk/9evTYRHgVvwst+bnuA0/z235BW7HL3J77sAd+SXuxC9zZ+7CXbkbd+dXuAf35F7cm/vwq9yXX+N+/Dr35wE8kN/gQfwmD+a3eAgP5WH8Ng/nETySR/FoHsNj+R0ex+N5Ar/LE3kST+YpPJWn8XR+j2fwTJ7F7/Ns/oDn8Fyex/N5AX/IC3kRL+aPeAl/zEt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+cdjLyLd/Me3suf8D7+lPfzZ3yAP+eD/Bc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4nTxilxujh9fE2cIb42zhhfFyfi6+NM8Q1x5vjGOEucNc4WZ49zxDnjXLGNKXYxx3GcO84TJ+Ob4rzxzXG+OH9cIC4Y+7hQXDi+JS4S3xoXjW+Li8W3x8XjO+ISccn40ftLx3fGZeK74rJxubh8fHdcIa4YV4orx/fEVeJ746rxfXG1+P64aPxAXCN+MK4ZPxTXih+Oa8ePxHXiR+O68WNxvbh+3CBuGDeKH48bx0/ETeKmcbP4ybh5/FTcIn46bhk/E7eKn/3D/V3jbnH3+JX4lTiE+/S85PzkguSHyYXJRcnFyY+SS5IfJ5cmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmNyU3J7ckQ6icFjx65bU3PvJpfFqf4tP59P4an8Ff6zP663zCX+8z+Rt8Zn+jz+Kz+mw+u8/hc/pc3nryzrOPfW6fxyf9TT6vv9nn8/l9AV/Qe1/IF/YNfSPfyDf2T/gmvqlv5p/0T/qn/FP+af+0f8a38s/61v4538Y/79v6F/wL/kXf3nfwHf1LvpN/2Xf2XXxX39V39919D9/D9/K9fB/fx/f1fX0/38/39/39QD/QD/KD/GA/2A/xQ/wwP8wP98P9SD/Sj/aj/Vg/1o/z4/wEP8FP9BP9ZD/ZT/VT/XQ/3c/wM/wsP8vPzjfbz/Fz/Dw/zy/wC/xCv9Av9ov9Er/EL/VL/XK/3K/0K/1qv9qv9Wv9er/eb/Qb/Wa/2W/1W/12v93v9Dv9br/b7/V7/T6/z+/3+/0Bf8Af9AfPB3/IH/Zf+iP+K3/Uf+2P+W/8cf+tP+G/8yf9KX/af+/P+B/8WX/On/c/+gv+J3/R/+wv+eDHJt5JjEuMT0xIvJuYmJiUmJyYkpiamJaYnngvMSMxMzEr8X5iduKDxJzE3MS8xPzEgsSHiYWJRYnFiY8SSxIfJ5YmliWWJ1YkViZWJULIuT0OuUOekAw3hbzh5pAv5A8FQsHgQ6FQONwSioRbQ9FwWygWbg/Fwx2hRCgZSoXHQr1QPzQIDUOj8HhoHJ4ITULT0Cw8GZqHp0KL8HRoGZ4JrcKzoXV4LrQJz4e24YXQLrwY2ocOoWN4KXQKL4fOQYeuoVvoHl4JPULP0Cv0Dn3Cq6FveC30C6+H/mFAGBjeCIPCm2FweCsMCUPDsPB2GB5GhJFhVBgdxoSx4Z0wLowPE8K7YWKYFCaHKWFqmBamh/fCjDAzzArvh9nhgzAnzA3zwvywIHwYFoZFYXH4KCwJH4elYVlYHlYESFkVVoc1YW1YF9aHDWFj2BQ2hy1ha9gWtocdYWfYFXaHPWFv+CTsC5+G/eGzcCB8Hg6Gv4RD4YtwOHwZjoSvwtHwdTgWvgnHw7fhRPgunAynwunwfTgTfghnw7lwPvwYLoSfwsXwc7gkf7MmhBBCCPGnjP+D/d3+LlL/8VH99pXuAHDtjuxH/vZWGgA2Zvl13VPlaJ4AgGe6tHv4r1uFCl27dv3ttks1RHnmAkDiSn4auBIvg2bwFLSEplDkP+2vp+pwgf+gfvJ2gPR/k5MCV+Ir9W/9B/VHzP7D+nMB8uW5kpMOrsRX6hf9Xe3ol/pZG/9B/XRfjAVo8jd5GeBKfKV+YXgCnoWWf3dLIYQQQgghhBDiVz1VqTZ/9P728vvzHOZKTlq4Ev/R+3MhhBBCCCGEEEJcfc936Pj04y1bNm3zDxbl/vEuWaSWRZr/Hm382y8A/lu08ecWV/uZSQghhBBCCPGvduWk/2p3IoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCpF7/P/6d2NU+RiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOJq+18BAAD//6/mMEE=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
unlink(&(0x7f0000000080)='./file1\x00')

10.912787037s ago: executing program 0 (id=695):
syz_mount_image$btrfs(&(0x7f00000004c0), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000180)={[{@clear_cache}, {@user_subvol_rm}, {@nodiscard}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x38, 0x2d, 0x32, 0x36, 0x78, 0x2d, 0x2d, 0x37]}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='.\x00', 0x2000, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000080)={0x2, 0xfffffffffffffff5, 0xffff, 0x80002, 0x100, 0x400, 0x2401})

9.597756167s ago: executing program 1 (id=698):
syz_mount_image$erofs(&(0x7f0000000280), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000040)=ANY=[], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0xa00002, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000240)='./file0\x00')
mount$cgroup2(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2801005, 0x0)

9.053928796s ago: executing program 1 (id=701):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000c80)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nombcache}, {@noinit_itable}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
symlink(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)

8.400828346s ago: executing program 1 (id=704):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
sendto$inet(r1, &(0x7f0000000140)='^', 0x1, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @empty}, 0x10)
listen(r1, 0xda90)
setsockopt$inet_opts(r1, 0x0, 0x4, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x14, 0x34, 0x701, 0x0, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
socket$inet6(0xa, 0x3, 0x3ff)
unshare(0x6a040000)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="00080300000000000000330000000e0001006e657464657673696d0000000f0002006e657064657673696d30000008008e0000000000"], 0x3c}}, 0x20000040)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r4, 0x0, 0x20048010)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0x9}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
socketpair(0x1a, 0x1, 0x11, &(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000580), r5)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000006c0)={0x24, r6, 0x773cba0c76b3a6fd, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x4008000)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffc}}}, 0x32)

7.290053574s ago: executing program 0 (id=707):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
ptrace(0x10, r0)
ptrace$getregset(0x4204, r0, 0x204, &(0x7f0000000040)={0x0})

7.289272444s ago: executing program 5 (id=708):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000300)={[{@utf8}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@shortname_win95}, {@numtail}, {@uni_xlateno}, {@uni_xlate}, {@uni_xlate}, {@fat=@usefree}, {@numtail}, {@utf8no}, {@uni_xlateno}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

6.798160152s ago: executing program 4 (id=709):
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_init_net_socket$ax25(0x3, 0x5, 0x6)
pipe(&(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1})
r5 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

6.368507249s ago: executing program 5 (id=710):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x1000004, &(0x7f0000000cc0)=ANY=[], 0x4, 0x5d9, &(0x7f00000010c0)="$eJzs3U9rHOcdB/DvrNZrrQuOktiJ2wYqUvqHitqS1m2TgqlaTNEhlIBfgajlWHitBGlTlByKXfxCUoLeQC+55OCDz+1LEPRYKPRURC8uMzu72tiyLCWWdhV/Pvaz8zx6Zn7zm9/OjHZXAgV4aS3PpfkwRZbn3tsqxzvbne7OdufuoJ/kbJJG9T/NsvvPZOpBMpt+y3eTFHW44ln7ufbF5818ef9Gf9SoW7X+1EHbHc69umWpTnLpBcZ79I3jFcMjLINeHwSfBI+f7z/HuPupY4zNYbT6i+IZz8VMci7JdH0fGJy4jRPM8FhMzAUIAAAAx+iV3exmK+fHnQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJvXf/y/q1hj0Z1MM/v5/q/5a6v6p9nDcCQAAAAAAAADAC/CD3exmK+cH48dF9TP/t6vBherxO/k4m1nNRi5nKyvppZeNLCSZGQnU2lrp9TYWDrHl4r5bLp7M8QIAAAAAAADAt9Rfsrz3838AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgERTLVX1TtwqA/k0YzyXSSVrneveQfg/5p9nDcCQAAAMAJeGU3u9nK+cH4cVG953+jet8/nY+znl7W0ks3q7lZfRbQf9ff2NnudHe2O3fL9nTc3/77SGlUEdP/7GH/PV+q1mjn1p1mvc0f82G6uZlGtWXp0iCf/fO6X+ZU/KZ2yMxu1ssiKb5ffxoyGWaqipzJraxVNZqvcyur8erBlTjis/PknhbSGH7yc+EYan6uXpY1n57omi+OnH1vHFyJ5EfX/rt+u7t+5/atzbnJOaSv6clKdEYq8eZLVYn5qhIXh+Pl/D43MpfZvJ+NrOVPWUkvq5nN9aq3Up/P5ePMwZVa+sro/edl0qqfl/5d9Gg5vV1tez5r+UM+zM2s5pdZzNW8k4X8qvp3deQZvniIq75xtKv+hz+tO68lRbu/nBBlXV8dqevoPXemmhv9yl6VXnvx98bm9+rOVFI0hzlNgicrsTBSidcPrsRfH5ePm931Oxu3Vz465P5+Ui/L7xJnn/td4iTr1KrP3v4rla+eHeXc6/vOLVRzF4ZzjafmLg7nnnelturXcE9HWqzm3tx3rlPNXRqZaw/nLg9fbwEw8c797Fyr/a/239uftR+0b7ffm/7d2XfOvtXKmUdnft2cn/px463ib/ksf957/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx9m598emel213d0NHR0Rl2xn1n4iRc6d396MrmJ5/+fO3uygerH6yud+Z/sfhuZ2Hx3atXbq11V+f7j+NOk2Oyd9GPOxMAAAAAAAAAAACO4iR+nXTcxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDpsTyX5sMUWZi/PF+Od7Y73bIN+ntrNpI0y+X/kqkHyWz6LTMj4Ypn7efaF5838+X9G3uxGoP1pw7a7nDu1S1LdZJLLzDeo28crxgeYRn0+iA4jNv/AwAA///YHBzc")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
lsetxattr$security_capability(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000680)={{0x107, 0x7b, 0x0, 0x19e, 0x3b0, 0x8000, 0xc, 0x2}, "", ['\x00', '\x00']}, 0x220)

5.106334969s ago: executing program 0 (id=711):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000000c0)={0x5, 0xfffffff5})

4.781070874s ago: executing program 5 (id=712):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x269435, &(0x7f0000002840)=ANY=[], 0x0, 0x620, &(0x7f0000000cc0)="$eJzs3c9vHGcZB/DvrB3HDpLrtklbEAgrOYAakXi9beoDKAEh5EOFKnHppQcrcRorG7eyXeRWCDn8vHLgiloOzpkTB8QhUjnzL1hCqAck7r4FzezsehM7jrdJvevw+Uiz7zv7zvvO8z6eeb27lrUB/m8tvptT91Nk8eLbm+X+znarvbPdutOtJzmdpJGMd4oUq0nxeXItnS1fL5+shysed573Pn1r4YvmvbudvfF6q45vHNbvaLbqLbNJxupyQOOPG+96WU49TXhFb4Zlwi50EwfD9mCfrUG6P+V9C4yCovN7c5+Z5EySyfp1QOrVoXG80T17A61yAAAAcEK9sJvdbGZ62HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASVJ//39Rb41ufTZF9/v/J+rnUtdPtPvDDgAAAAAAAAAAnoFvF1u72cx0d/9BUf3N/3y1c7Z6/Fo+ynqWs5bT2cxSNrKRtTSTzPQNNLG5tLGx1nxMz0t9PecP7Dl/PPMFAAAAAAAAgOfUr7K49/d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBUUy1imq7Wy3PpPGeJLJJBPlcVvJ37v1k+z+sAMAAACAY/DCbnazmenu/oOies//SvW+fzIfZTUbWclG2n+crj8L6Lzrb+xst9o726075bZ/3B/+d6AwqhHT+exh35mznBuZq44oej0W85P8LBczm3eylpX8PEvZyHJm8+OqtpQiM3XEM904D4732kN77zy096e96lhdvlZFMpWbWaliu5Tr+SDt3EijmkN1zOFnvFtmpxjL1coRc3SjLssZ/aH3sxgFM1VGTvUyMlfnqszGi4dnYsDr5NEzNdPofQZ19ig5v3p1oJyfqcsy178bpZzP5pFMzPddfa8cnonk/L++9ddb7dXbt26uXxyZKX1Zj14Trb5MvPrETEzm+chEMd5ZRWd6K1Uj53qtT14tz1d9p7OSn+aD3Mhy3sxC3sx83sgbmctCrvTl9dwR7rXGYPfahe/Wlakkv6/L0VDm9cW+vPavdDNVW/8ze1l6aYAV6Qf/PlIo49+oK+U5fl2Xo+HRTDT7MvHy4Zn484Pycb29envt1tKHRzzfd+qyvG1/O0prc3W9vFT+sKq9h6+Osu3lA9uaVdvZXltjX9u5XtuT7tSJ+jXc/pHmq7ZXD2xrVW2v9bUd9CoHgJF35vUzE1P/mfrn1GdTv5m6NfX25I9OL5z+5kRO/WP8b2N/adxrfL94PZ/ll3vv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v/eNPbi+128trJ7GSyc4kRiWeYVa635o1KvEMUBk76dfhc1k5bNU4fQwrE/BVu7xx58PL6x9/8r2VO0vvL7+/vNpqNa/ML1xZmL9y+eZKe3mu8zjsMIGvwN4v/WFHAgAAAAAAAAAAABzVcfw7wbDnCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxsi+/m1P0Uac5dmkuRZLvV3tlutcu2btkxnqSRpPhFUnyeXEtny0zfcMXjzvPep28tfNG8d3dvrPHu8Y3D+h3NVr1lNslYXT6r8a4/9XhFb4Zlwi50EwfD9r8AAAD//41MBFY=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

4.702237955s ago: executing program 1 (id=713):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000100)={r0, r0, 0x0, 0x0, 0x0, 0xc2, 0xff, 0x15c2, 0x5886, 0x6, 0x0, 0x8, 'syz1\x00'})

4.687007315s ago: executing program 0 (id=714):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, &(0x7f0000000f40), 0x1, 0xeb0, &(0x7f0000000f80)="$eJzs3UFsHNUZAOA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0RATA+ISogiRZwqDlRcKJVSpFYCVaqintqeWvXWE+qFSlUqBfXSSImrOO+td5893fXYno13v0/69+2bNzv/P17LmZnMvg3AyGqsPh49Ol+E8P7n5598/bnit9eX3dde48DqYxF7rRBCs6NfZNv7Ii64evm1Exu1RTi8+pj64alL7ddOhxCWw4FwMbTCJ4tLX338wRMHP31r6o53z77wxg7tflu+HwAAMIwu/Hnp7w/980+PzF25sP94mGwvT8fnrdifjsf9h+KBcjpeboTuftERnSay9cZiNLL1xrL1xrM84yX5mtl2miXrTfTIN9axbKP9BAAAgN0onde2QtFY6Oo3GgsLN877r/tidqJYeOn00qkzAyoUAAAAqOw/51ZvuhVCCCGEEEIIIcQQx8rsoK9AAAAAAKMmny9sneXtnamrvbVWf/kvPd7Y+PWwDer+/Zd/d+X/6E1/cQAAqG5YjybTfqXj6DSPQT6P4Fj2us0e/zey7Yxvss6yeQV3y3yDZXXmP9ebVVn9m30fB6Ws/nw+zJtVWf35PJ03q7L6J2uuo6qy+qdqrqOqsvr31FxHVWX17625jqrK6p+uuY6qyuqfqbmOqsrqv6XmOqoqq39fzXVUVVb/brmttqz+Vs11VFVW/1zNdVRVVv+tNddRVVn9t9VcR1Vl9d9ecx2Dcm9s089hfzbeef6cn9PtlnM8AAAAGHX/Nf+fEEIIIYQQQggx9HFu0BcgAAAAgIFLnwtIn3pfidL4WI/x8R7jzR7jEz3GJ3uMAwAAACH87u1Td71XrH3Of6vz4aV5o9L8S5udxyifj3Cz+bc679lW8++WecsAAAAYLcX3Ll57+MkPX5m7cmH/8Y6z32vxfDfNAzoerw18FvvpvoCZrF+kc+jj3XkaJevl1wduKdve01vcUQAAABhh6fy9FYrGQsd5dys0GgsLa+fj86FZnDq9dPJQ7KfvZ/njbHPy+vLHaq4bAAAA6N/a+f7G5//pe3znw0Sx8NLppVNnbvRn2subjc7rArNry4vO6wKtbPnhkuVHYj99f+cPZvesLl848cOl57Z75wEAAGBEnHn17AvPLi2d/JEnnnjiSfvJoP8yAQAA2+3LL883f3xk5vc3Pv+/Nv9d+vz/gdhvxbn9/hJXSPcJpM8BrPu8/jPdeWbL1nu5e71Wtt5YjMms7qmO7YSO+QbT6+bK8rW6tzNRkm86yzeT5cvnKRjP1k/59mXL8/kJ03qz2fJ8HsbxLEeR5b8/AAAAQLnFV158efHMq2cfPf3is8+ffP7kS0cOH/vusWOHHvvOY4ur9/Uvdt7dDwAAAOxGazf9DroSAAAAAAAAAAAAAAAAAAAAGF11fJ3YoPcRAAAARt2/z4UQloUQQgghhBBCCDHMsbKSf9M8AAAAwM66evm1E53tOsvFtuZrb611o7kW86Z25tG/zV2PtNqlx7uvl+zd1moYdXX//su/u/J/9Ob25p9KT/r++9fo3sDxankfXPzlfGf+u8f7zJ/v/9PV8h/M8j8Y+su/8mGW/5lq+R/K8u/tM/+6/X+5Wv6HY/752D/4QL/5u9//ydim/djTZ/5vZ/v/XOg3f7b/rT4TZh6J+QFgFDUGXcAOSUcJ6Th6OvbT/sbDzZDf/bDZ4/9Gtp3xLVfevd10HHRn7KfjpZksb7LZ+qez7d1Ssc7cbrmrpKz+7Xofd1pZ/c2a66iqrP6Jmuuoqqz+yZrrqKqs/qma66iqrP5+z0MHraz+3XJduaz+6ZrrqKqs/pma66iqrP7N/js+KGX176u5jqrK6p+tuY6qyuqveFmtdmX1z9VcR1Vl9d9acx1VldV/W811VFVW/+011zEo98S27Hw4nX/OxrHUb2X9yQ1+lsN6bQEAAAB2m3+Z/08IIYQQQgghhBj6WFkZ9BUIBmlnP80MwM3K3//R5v0fbd7/0eb95/9J9/AXWT8Z6zE+3mO82WN8IhvPf18ne4zflm13JUrjt/cY/1qP8X09xu/sMT7fY/yuHuN39xi/p8c4AAAAo+GO2Do/BAAAgOH1+q8+e+c3Dz5zee7Khf3Hw8S6eecPxX4R4+3Yz+e9T5rx//x/Evu/iO0fYvuPbH33nwAAAMDOS98T4///AQAAYHil7yl1/g8AAADDay62zv8BAABgeN0aW+f/AAAAMMSKqY0XxzZdF7g/tv3O6wcA3Py+Htt7Y7s/tvfF9huxTccBD8T2mzXVBwBsn59//6fH3ivW5vs/ko1fjctTu87yjSsFRaN7Jv89sd0b22/1WU/+fQD95k/29Zlnp/LPbjE/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8GquPR4/OFyG8//n5J3828c5fry+7r73GgdXHIvZaIYRm+3VpdK3/67ji1cuvnehsr8W2CIdDEYr28vDUpXam6RDCcjgQLoZW+GRx6auPP3ji4KdvTd3x7tkX3tjBH0HX/gEAAMAw+l8AAAD//55bHyM=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000300)=""/104, 0x68)
getdents64(r0, 0x0, 0x0)

4.651139506s ago: executing program 4 (id=715):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x2, 0x2, 0x6, 0xfffa}, 0x103a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x10001, 0x4d, 0x0, 0x6, 0x0, 0xffff, 0xffff2d37, 0xffffff03, 0x9, 0x3, 0x0, 0x5, 0x10005, 0x1, 0xe, 0x3c5b, 0x1, 0x7, 0x6, 0x1, 0x5, 0xfffffe73, 0xe661, 0x4, 0x7, 0x5, 0x7, 0x7, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x5, 0x4, 0x2017, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x979b, 0x0, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x45, 0x7, 0x800b241, 0x4, 0xfffffffe, 0x41], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x9, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6ca, 0x9, 0xfffffffc, 0x3, 0xffffffff, 0x0, 0x5, 0x5, 0xe, 0x312, 0xd, 0xea4, 0xfffffffd, 0x1, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x6, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0x10000, 0xffff, 0x6, 0x9, 0x5, 0x3, 0x9, 0xffffffff, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffc, 0x100, 0x8d2, 0xe45, 0x2, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x6, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x9, 0x23, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x8000002, 0x5, 0x1, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x6, 0x80, 0x3, 0x4, 0x2, 0xffe, 0xa2, 0x7, 0x3, 0x5, 0x9, 0xac8, 0xbf, 0xfff, 0x3, 0x7ff, 0x12b, 0x4, 0x3cf400, 0x0, 0x0, 0x5, 0x10001c, 0x120000, 0x1909, 0x2006, 0x80a2ed, 0x4, 0x25], [0xd, 0xbb33, 0x7, 0xb, 0xc, 0x5, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x7, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x8000201, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0xa0000003, 0x5, 0x4, 0xc5, 0x20000009, 0x4, 0x10000, 0x10000004, 0x7e, 0x100, 0x9602, 0x5, 0xaf, 0xfffff20e, 0x4, 0x10226, 0xffff, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8000f40, 0x0, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x9, 0x8, 0xffff3441, 0xfff]}, 0x45c)
r0 = socket$inet6(0xa, 0x80002, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x4001}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308)

4.37213845s ago: executing program 5 (id=716):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000380)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000280)=ANY=[@ANYBLOB='b *:4\trr'], 0xa)

4.145247434s ago: executing program 1 (id=717):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = dup(0xffffffffffffffff)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000260001000000", @ANYRES32, @ANYBLOB="00000000000000000c001a80080005"], 0x2c}, 0x1, 0x0, 0x0, 0x48011}, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000000)
r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$cgroup_int(r4, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'syz_tun\x00'})
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r6 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x8, &(0x7f0000000000)={0x0, 0x1, 0x7})
mq_timedreceive(r6, &(0x7f0000000640)=""/4096, 0x1000, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
ptrace$ARCH_MAP_VDSO_X32(0x1e, r0, 0x400, 0x2001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

3.949162387s ago: executing program 5 (id=718):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

3.913861577s ago: executing program 0 (id=719):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x34, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8, 0x1}]}}]}]}, 0x34}}, 0x0)

3.863821168s ago: executing program 4 (id=720):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={0x90, r2, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x63, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x45}, @broadcast, @broadcast, @initial, {0x3, 0x5}, @value=@ver_80211n={0x0, 0x5, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}}, 0xffffffffffffffff, @random=0x5, 0x1038, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @void, @void, @val={0x2a, 0x1, {0x1, 0x1, 0x1}}, @val={0x3c, 0x4, {0x0, 0x4, 0x64, 0x5}}, @val={0x2d, 0x1a, {0xc, 0x3, 0x6, 0x0, {0x3, 0x1c3f, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x400, 0xb, 0x7}}, @val={0x72, 0x6}, @void, @void}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x90}}, 0x0)

2.968847463s ago: executing program 5 (id=721):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
truncate(&(0x7f0000000680)='./bus\x00', 0xff)
fallocate(r0, 0x3, 0x800008, 0x5)

2.908380253s ago: executing program 1 (id=722):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
sendto$inet(r1, &(0x7f0000000140)='^', 0x1, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @empty}, 0x10)
listen(r1, 0xda90)
setsockopt$inet_opts(r1, 0x0, 0x4, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x14, 0x34, 0x701, 0x0, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
socket$inet6(0xa, 0x3, 0x3ff)
unshare(0x6a040000)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="00080300000000000000330000000e0001006e657464657673696d0000000f0002006e657064657673696d30000008008e0000000000"], 0x3c}}, 0x20000040)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r4, 0x0, 0x20048010)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0x9}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
socketpair(0x1a, 0x1, 0x11, &(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000580), r5)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000006c0)={0x24, r6, 0x773cba0c76b3a6fd, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x4008000)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffc}}}, 0x32)

2.858265874s ago: executing program 4 (id=723):
r0 = syz_mount_image$udf(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x804008, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES16], 0x1, 0x4b1, &(0x7f0000000740)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file7\x00', 0x400, &(0x7f0000000540)=ANY=[@ANYRES8=r0], 0xfd, 0x2b3, &(0x7f0000000c00)="$eJzs3M9rE0EUwPGXpD9T2uQggoL40Iteljb+BUFaEANKbUQ9CFO70ZA1KdkYiYjtrVf/juLRm2D9B3rx5l28FEHw0oN0JZvdNimhTUvbTZvvB9qd7uybnd3ZhbeFma0nH1+XCq5VMDWJj6nERVZlWyTdLAViwTbul0ek3arcnvj749qjp8/uZ3O52XnVuezCnYyqTl3/+vb9pxvfahOPP099GZXN9POtP5mfm5c3r2ztLIStV2pqdLFSqZlFx9aloluyVB86tnFtLZZdu9pRX3Aqy8sNNeWlyeRy1XZdNeWGluyG1ipaqzbUvDTFslqWpZNJGTSJI0fk1+fnTfZUOoMojHfbWa1mTaJrZX79LDoFAAD6S1T5/6uiq0VXy4fl/3Hpnv/HVkXI/4+uc/T8/H+na9KIc2Ls4Orh5gdA1iSD97cT+T8AAAAAAAAAAAAAAAAAAAAAAOfBtuelPM9LhdvwZzSYWRD+HXU/cTqOMf6xCLuLE9Y2ca85rmv1fD0v4qw1fzdlC1IUJ9aaSPTPfx4CrfLcvdzstPrSsuGsBPH+NLPRMD6U7h4/04rXtviVen5YkrvnF1sykpJL3eMz++KHRaSeH5FbN9viLUnJ9xdSEUeW/Od6L/7DjOrdB7l95x/3jwMAAAAA4CKwdFe68/u3tZqkZWm4bMi++tbO3e/raUkd8v8BlY0R2YsfkqtD0V03AAAAAACDxG28KxnHsav9UkicQDtyBl3tw1t37MKUiPRysBWsNXtgg57nrUiPDR5ciItIRLflt4j0y+icYOHXm9YA9vQSAQAAALhg9pL+qHsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDg6nXxsPD446w91na6RDRXCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPSH/wEAAP//hJEXdw==")
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')

2.818254545s ago: executing program 0 (id=724):
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_init_net_socket$ax25(0x3, 0x5, 0x6)
pipe(&(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1})
r5 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.19709641s ago: executing program 4 (id=725):
socket$netlink(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
open$dir(0x0, 0x111001, 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000000c0)={'ip6gretap0\x00', &(0x7f0000000580)=@ethtool_gfeatures={0x3a, 0x3, [{}, {}, {}]}})
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r7, r7, 0x6efabeaea90cffbd, 0xffffffffffffffff, 0xffffffffffffffff)
getsockname$packet(r0, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)

0s ago: executing program 4 (id=726):
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x802, &(0x7f0000000340)=ANY=[], 0x5, 0x2e1, &(0x7f0000000e00)="$eJzs3c1OE10cx/HfmbYP5eWBETAmbjQoiW6IqAvjpsZ0696VUduSEBuMgIm6AY1L4wW49xa8CDcab0BXrrwAdmPO6ekwQ6dTILRj4ftJaKZnzst/ODOd8x8jFYAz63795+dbv+2PkUoqSborBZKqUlnSeV2ovtzYXt9ut5p5HZVcC/tj1Glpeuo0NlpZTW0718IL7buyZpJlGI4oiu79KjoIFM5d/RkCacJfh25/dcRxDcuudKnoGEYtOcFmT3t6pdkCwwEA/AP8/T/wt4kZV2QUBNKyv+2fqvv/XtEBnKzb7Z6iKLdB4v7vVneRsfM753bt53suhbP7g26WeJhgKgfe/6fOmZVaYJpBWaWLJZhcWy9rpfFWzUDvVPMS1Rbda7Nz6nYNiHapNzcNco6nf28VPZjqHI1bUfbpdGdtvd2asFsZ8S/kjjiRE9Yxma/mu3lkQn1SM17/lSNjp8nNVHhgpoKKjf9G/x6nXStbSz7tr9Vq6V/oOTfIRT+CN2CWqtkZSbLP7gOC3TiCvDjd2PNKP1boHN1qfqv/F7JahfG7PmMtplrZo7FjrTSGMKuDdQ/RfDQPzZL+lL6onlj/Bza+ZSWuzLyPeuNq+jOj8bzdTM9sQtnVDHvuHPuXy+U4Aq+QX8/4O9rTsg96qjua3Xr95lmp3W5t2o0nfmNOdsPIlryY2TR+V+W9FNcZ7UZJOXW0u18SWTtRdNieo2EGf/1EO7SfH3GJvXyyKturLC4JRj1NZ2Wj/k15J+T4bESR1GdX5qdG3jIJY2jL2LlO3Domi4wGBbDXtOnkf24l71d1LkWyL2HOOj0/yVSqx9U4g0svBefd69SRMrjpjH9d7B3xZp+c0eVcV65JVxOFRrkjhj7OU8LU9UOPef4PAAAAAAAAAAAAAAAAAAAwbkbxPw2KPkYAAAAAAAAAAAAAAAAAAAAAAMbdsb7/N+tvxLvv/w35/l9gjPwNAAD//xwMdM8=")
r0 = open(&(0x7f0000000080)='./file2\x00', 0x20042, 0x1)
fsync(r0)
rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000080)='./file2\x00')

kernel console output (not intermixed with test programs):

  248.823350][ T7816] BTRFS info (device loop0): rebuilding free space tree
[  248.855523][ T7816] BTRFS info (device loop0): disabling free space tree
[  248.862571][ T7816] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  248.872366][ T7816] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  249.202170][ T5777] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  249.225700][ T7842] loop3: detected capacity change from 0 to 1024
[  249.476764][ T5780] hfsplus: bad catalog entry type
[  249.578352][ T6020] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  249.758615][ T3460] hfsplus: b-tree write err: -5, ino 4
[  249.778827][ T6020] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  249.809251][ T6020] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  249.868871][ T6020] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  249.914625][ T6020] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.941382][ T7844] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  249.963910][ T6020] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  250.078581][   T49] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.307596][ T6020] usb 2-1: USB disconnect, device number 10
[  250.501230][   T49] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.586919][ T7855] tmpfs: Unknown parameter 'nr_ino'
[  250.854974][   T49] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.988749][ T7858] netlink: 12 bytes leftover after parsing attributes in process `syz.0.430'.
[  251.067665][ T5789] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  251.080439][ T5789] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  251.131867][ T5789] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  251.141098][ T5789] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  251.159089][ T5789] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  251.172486][ T5789] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  251.325280][   T49] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.653967][ T7866] loop0: detected capacity change from 0 to 32768
[  251.698550][ T7866] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.433 (7866)
[  251.714404][ T7866] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  251.724980][ T7866] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  251.733818][ T7866] BTRFS info (device loop0): setting nodatacow, compression disabled
[  251.742013][ T7866] BTRFS info (device loop0): max_inline at 0
[  251.748102][ T7866] BTRFS info (device loop0): enabling disk space caching
[  251.755158][ T7866] BTRFS info (device loop0): turning off barriers
[  251.761647][ T7866] BTRFS info (device loop0): turning on flush-on-commit
[  251.768689][ T7866] BTRFS info (device loop0): doing ref verification
[  251.775316][ T7866] BTRFS info (device loop0): force clearing of disk cache
[  251.782482][ T7866] BTRFS info (device loop0): enabling ssd optimizations
[  251.789513][ T7866] BTRFS info (device loop0): max_inline at 4096
[  251.795958][ T7866] BTRFS info (device loop0): disk space caching is enabled
[  251.925731][ T7866] BTRFS info (device loop0): auto enabling async discard
[  251.941362][ T7866] BTRFS info (device loop0): rebuilding free space tree
[  251.962012][ T7866] BTRFS info (device loop0): disabling free space tree
[  251.969060][ T7866] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  251.978766][ T7866] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  252.038660][ T7885] overlayfs: missing 'lowerdir'
[  252.142278][ T7887] netlink: 8 bytes leftover after parsing attributes in process `syz.1.434'.
[  252.380349][ T5777] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  252.793098][ T7868] Process accounting resumed
[  252.897242][ T7859] chnl_net:caif_netlink_parms(): no params data found
[  253.267384][ T5789] Bluetooth: hci3: command tx timeout
[  254.145349][ T7915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.441'.
[  255.048081][ T7859] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.063380][ T7938] loop0: detected capacity change from 0 to 64
[  255.082245][ T7859] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.105017][ T7859] bridge_slave_0: entered allmulticast mode
[  255.118457][ T7938] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  255.129882][ T7859] bridge_slave_0: entered promiscuous mode
[  255.347381][ T5789] Bluetooth: hci3: command tx timeout
[  255.439953][ T7945] overlayfs: missing 'lowerdir'
[  255.567016][ T7859] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.595358][ T7859] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.619720][ T7944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.446'.
[  255.644431][ T7859] bridge_slave_1: entered allmulticast mode
[  255.654132][ T7859] bridge_slave_1: entered promiscuous mode
[  256.042070][ T7942] Process accounting resumed
[  256.091475][ T7959] tmpfs: Unknown parameter 'nr_ino'
[  256.135419][ T7859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.150708][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  256.157392][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  256.177913][ T7859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.459557][ T7963] loop1: detected capacity change from 0 to 32768
[  256.473935][ T7963] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.450 (7963)
[  256.502060][ T7963] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  256.512735][ T7963] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  256.521725][ T7963] BTRFS info (device loop1): setting nodatacow, compression disabled
[  256.530827][ T7963] BTRFS info (device loop1): max_inline at 0
[  256.536886][ T7963] BTRFS info (device loop1): enabling disk space caching
[  256.543930][ T7963] BTRFS info (device loop1): turning off barriers
[  256.550549][ T7963] BTRFS info (device loop1): turning on flush-on-commit
[  256.557555][ T7963] BTRFS info (device loop1): doing ref verification
[  256.564155][ T7963] BTRFS info (device loop1): force clearing of disk cache
[  256.571415][ T7963] BTRFS info (device loop1): enabling ssd optimizations
[  256.578440][ T7963] BTRFS info (device loop1): max_inline at 4096
[  256.584886][ T7963] BTRFS info (device loop1): disk space caching is enabled
[  256.644461][ T7963] BTRFS info (device loop1): auto enabling async discard
[  256.653651][ T7963] BTRFS info (device loop1): rebuilding free space tree
[  256.677837][ T7963] BTRFS info (device loop1): disabling free space tree
[  256.686205][ T7963] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  256.696016][ T7963] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  257.273796][ T7859] team0: Port device team_slave_0 added
[  257.322847][ T5773] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  257.352631][ T7985] loop2: detected capacity change from 0 to 256
[  257.430908][ T5789] Bluetooth: hci3: command tx timeout
[  257.456428][ T7859] team0: Port device team_slave_1 added
[  257.514968][ T7985] FAT-fs (loop2): Directory bread(block 64) failed
[  257.548480][ T7985] FAT-fs (loop2): Directory bread(block 65) failed
[  257.586833][ T7985] FAT-fs (loop2): Directory bread(block 66) failed
[  257.604652][ T7985] FAT-fs (loop2): Directory bread(block 67) failed
[  257.613698][ T5790] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 13 /dev/loop1 scanned by udevd (5790)
[  257.648135][ T7985] FAT-fs (loop2): Directory bread(block 68) failed
[  257.684407][ T7985] FAT-fs (loop2): Directory bread(block 69) failed
[  257.702396][ T7985] FAT-fs (loop2): Directory bread(block 70) failed
[  257.920387][ T7985] FAT-fs (loop2): Directory bread(block 71) failed
[  258.025810][ T7985] FAT-fs (loop2): Directory bread(block 72) failed
[  258.073022][ T7985] FAT-fs (loop2): Directory bread(block 73) failed
[  258.354436][ T7859] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.386695][ T7859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.508873][ T8002] loop2: detected capacity change from 0 to 64
[  258.515444][ T7859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.536088][ T8002] hfs: unable to locate alternate MDB
[  258.579739][ T8002] hfs: continuing without an alternate MDB
[  258.671937][ T7859] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.710972][ T7859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.866867][ T7859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.222109][ T8011] tmpfs: Unknown parameter 'nr_ino'
[  259.291290][ T8011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.456'.
[  259.465971][ T7859] hsr_slave_0: entered promiscuous mode
[  259.485066][ T8016] tmpfs: Unknown parameter 'nr_ino'
[  259.516870][ T5789] Bluetooth: hci3: command tx timeout
[  259.517007][ T7859] hsr_slave_1: entered promiscuous mode
[  259.537932][ T7859] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.580319][ T7859] Cannot create hsr debugfs directory
[  260.764258][ T8020] loop2: detected capacity change from 0 to 32768
[  260.799237][ T8020] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 13
[  261.107864][   T49] hsr_slave_0: left promiscuous mode
[  261.272479][   T49] hsr_slave_1: left promiscuous mode
[  261.274342][ T5790] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 13
[  261.291561][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.304975][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.313223][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.324697][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.332980][   T49] bridge_slave_1: left allmulticast mode
[  261.345036][   T49] bridge_slave_1: left promiscuous mode
[  261.367063][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.393390][   T49] bridge_slave_0: left allmulticast mode
[  261.404762][   T49] bridge_slave_0: left promiscuous mode
[  261.413885][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.628803][   T49] veth1_macvtap: left promiscuous mode
[  261.634434][   T49] veth0_macvtap: left promiscuous mode
[  261.647904][   T49] veth1_vlan: left promiscuous mode
[  261.682015][   T49] veth0_vlan: left promiscuous mode
[  263.795879][   T49] team0 (unregistering): Port device team_slave_1 removed
[  264.018420][   T49] team0 (unregistering): Port device team_slave_0 removed
[  264.112019][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  264.201247][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.829563][ T8046] tmpfs: Unknown parameter 'nr_ino'
[  265.851184][ T8046] netlink: 8 bytes leftover after parsing attributes in process `syz.1.464'.
[  265.998575][   T49] bond0 (unregistering): Released all slaves
[  266.189811][ T8055] loop1: detected capacity change from 0 to 512
[  266.198851][ T8055] EXT4-fs: Ignoring removed i_version option
[  266.295310][ T8055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.711124][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.299048][ T8063] syz.2.468: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  268.307545][ T8082] tmpfs: Unknown parameter 'nr_ino'
[  268.366584][ T8063] CPU: 1 PID: 8063 Comm: syz.2.468 Not tainted 6.6.94-syzkaller #0
[  268.374555][ T8063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.379888][ T7859] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  268.384788][ T8063] Call Trace:
[  268.395020][ T8063]  <TASK>
[  268.398080][ T8063]  dump_stack_lvl+0x16c/0x230
[  268.402893][ T8063]  ? show_regs_print_info+0x20/0x20
[  268.408124][ T8063]  ? load_image+0x3b0/0x3b0
[  268.412675][ T8063]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  268.419117][ T8063]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  268.425822][ T8063]  warn_alloc+0x210/0x300
[  268.430271][ T8063]  ? zone_watermark_ok_safe+0x230/0x230
[  268.435971][ T8063]  ? _raw_spin_unlock+0x28/0x40
[  268.440857][ T8063]  ? __vb2_queue_alloc+0x794/0x1410
[  268.446087][ T8063]  __vmalloc_node_range+0x662/0x1320
[  268.451516][ T8063]  ? free_vm_area+0x50/0x50
[  268.456087][ T8063]  vmalloc_user+0x74/0x80
[  268.460747][ T8063]  ? vb2_vmalloc_alloc+0xef/0x330
[  268.465810][ T8063]  vb2_vmalloc_alloc+0xef/0x330
[  268.470700][ T8063]  ? __copy_timestamp+0x1f0/0x1f0
[  268.475754][ T8063]  __vb2_queue_alloc+0x794/0x1410
[  268.480828][ T8063]  vb2_core_reqbufs+0xa57/0x1140
[  268.485804][ T8063]  ? vb2_verify_memory_type+0x570/0x570
[  268.491384][ T8063]  ? vb2_reqbufs+0x360/0x5a0
[  268.496032][ T8063]  v4l2_m2m_ioctl_reqbufs+0x16c/0x230
[  268.501448][ T8063]  __video_do_ioctl+0xcbd/0xdd0
[  268.506344][ T8063]  ? video_ioctl2+0x30/0x30
[  268.510888][ T8063]  video_usercopy+0x838/0x1330
[  268.515783][ T8063]  ? video_ioctl2+0x30/0x30
[  268.520315][ T8063]  ? v4l_printk_ioctl+0x160/0x160
[  268.525374][ T8063]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  268.531031][ T8063]  ? v4l2_poll+0x2b0/0x2b0
[  268.535572][ T8063]  v4l2_ioctl+0x18a/0x1e0
[  268.539941][ T8063]  ? v4l2_poll+0x2b0/0x2b0
[  268.544399][ T8063]  __se_sys_ioctl+0xfd/0x170
[  268.549227][ T8063]  do_syscall_64+0x55/0xb0
[  268.553681][ T8063]  ? clear_bhb_loop+0x40/0x90
[  268.558378][ T8063]  ? clear_bhb_loop+0x40/0x90
[  268.563076][ T8063]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  268.569004][ T8063] RIP: 0033:0x7f891218e929
[  268.573469][ T8063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.593212][ T8063] RSP: 002b:00007f8911fbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.601673][ T8063] RAX: ffffffffffffffda RBX: 00007f89123b6160 RCX: 00007f891218e929
[  268.609669][ T8063] RDX: 00002000000000c0 RSI: 00000000c0145608 RDI: 000000000000000a
[  268.617673][ T8063] RBP: 00007f8912210b39 R08: 0000000000000000 R09: 0000000000000000
[  268.625670][ T8063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  268.633662][ T8063] R13: 0000000000000000 R14: 00007f89123b6160 R15: 00007ffea92e7998
[  268.641853][ T8063]  </TASK>
[  268.693796][ T7859] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  268.716821][ T8063] Mem-Info:
[  268.727603][ T8063] active_anon:8320 inactive_anon:0 isolated_anon:0
[  268.727603][ T8063]  active_file:1385 inactive_file:39966 isolated_file:0
[  268.727603][ T8063]  unevictable:768 dirty:174 writeback:0
[  268.727603][ T8063]  slab_reclaimable:10388 slab_unreclaimable:93848
[  268.727603][ T8063]  mapped:32070 shmem:4243 pagetables:685
[  268.727603][ T8063]  sec_pagetables:0 bounce:0
[  268.727603][ T8063]  kernel_misc_reclaimable:0
[  268.727603][ T8063]  free:1359503 free_pcp:6165 free_cma:0
[  268.776655][ T7859] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  268.790268][ T8063] Node 0 active_anon:33296kB inactive_anon:0kB active_file:5540kB inactive_file:159660kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:128280kB dirty:696kB writeback:0kB shmem:15436kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12160kB pagetables:2740kB sec_pagetables:0kB all_unreclaimable? no
[  268.835629][ T7859] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  268.846917][ T8063] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  268.923625][ T8063] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  268.977406][ T8063] lowmem_reserve[]: 0 2525 2526 2526 2526
[  268.985223][ T8063] Node 0 DMA32 free:1518840kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:34948kB inactive_anon:0kB active_file:5540kB inactive_file:158324kB unevictable:1536kB writepending:696kB present:3129332kB managed:2589668kB mlocked:0kB bounce:0kB free_pcp:5628kB local_pcp:1192kB free_cma:0kB
[  269.057874][ T8063] lowmem_reserve[]: 0 0 1 1 1
[  269.062641][ T8063] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  269.111122][ T8063] lowmem_reserve[]: 0 0 0 0 0
[  269.151797][ T8063] Node 1 Normal free:3902304kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18784kB local_pcp:7680kB free_cma:0kB
[  269.191861][ T8063] lowmem_reserve[]: 0 0 0 0 0
[  269.203669][ T8063] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  269.225279][ T8063] Node 0 DMA32: 2*4kB (ME) 13*8kB (UM) 2*16kB (UM) 365*32kB (UME) 382*64kB (UME) 329*128kB (UME) 61*256kB (UM) 26*512kB (UME) 15*1024kB (UME) 4*2048kB (UM) 338*4096kB (UM) = 1515312kB
[  269.253594][ T8063] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  269.286039][ T8063] Node 1 Normal: 262*4kB (UME) 55*8kB (UME) 45*16kB (UME) 84*32kB (UME) 25*64kB (UE) 10*128kB (UME) 1*256kB (U) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 949*4096kB (M) = 3902304kB
[  269.316069][ T7859] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.337395][ T8063] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  269.371415][ T8063] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  269.398348][ T8063] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  269.411592][ T7859] 8021q: adding VLAN 0 to HW filter on device team0
[  269.433569][ T8063] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  269.449286][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.456499][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.465300][ T8063] 47914 total pagecache pages
[  269.491122][ T8063] 0 pages in swap cache
[  269.506162][ T8063] Free swap  = 124996kB
[  269.515860][ T8063] Total swap = 124996kB
[  269.521158][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.528356][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.542012][ T8063] 2097051 pages RAM
[  269.576193][ T8063] 0 pages HighMem/MovableOnly
[  269.600963][ T8063] 416120 pages reserved
[  269.616708][ T8063] 0 pages cma reserved
[  269.775119][ T8103] loop1: detected capacity change from 0 to 128
[  270.103358][ T8109] loop1: detected capacity change from 0 to 512
[  270.206828][ T8109] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  270.254368][ T8109] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0082]
[  270.308526][ T8109] System zones: 1-12
[  270.361306][ T8109] EXT4-fs (loop1): 1 truncate cleaned up
[  270.368178][ T7859] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.397955][ T8109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.650572][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.300876][ T7859] veth0_vlan: entered promiscuous mode
[  271.348364][ T7859] veth1_vlan: entered promiscuous mode
[  271.498281][ T7859] veth0_macvtap: entered promiscuous mode
[  271.557309][ T8118] loop0: detected capacity change from 0 to 32768
[  271.569320][ T7859] veth1_macvtap: entered promiscuous mode
[  271.668971][ T7859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.705398][ T7859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.748940][ T7859] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.764922][ T8123] loop2: detected capacity change from 0 to 32768
[  271.777571][ T8128] loop1: detected capacity change from 0 to 32768
[  271.791530][ T7859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.802589][ T7859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.812800][ T7859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.855944][ T7859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.889568][ T8128] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  271.898684][ T7859] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.932156][ T8128] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  271.969804][ T8128] BTRFS info (device loop1): enabling ssd optimizations
[  271.984262][ T7859] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.016675][ T8128] BTRFS info (device loop1): using spread ssd allocation scheme
[  272.024399][ T8128] BTRFS info (device loop1): using free space tree
[  272.036737][ T7859] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.067051][ T7859] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.083222][ T7859] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.295196][ T8128] BTRFS info (device loop1): auto enabling async discard
[  272.488199][ T8162] loop2: detected capacity change from 0 to 512
[  272.519797][ T8162] EXT4-fs: Ignoring removed orlov option
[  272.529617][ T3422] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.550863][ T8162] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  272.587718][ T3422] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.651188][ T8162] EXT4-fs (loop2): 1 orphan inode deleted
[  272.702765][ T8162] EXT4-fs (loop2): 1 truncate cleaned up
[  272.750268][ T8162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.783776][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.831013][ T5773] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  272.850574][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.956116][ T8162] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz.2.477: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0
[  273.096700][ T8162] EXT4-fs (loop2): Remounting filesystem read-only
[  273.302903][ T6456] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.430775][ T8172] tipc: Started in network mode
[  273.435713][ T8172] tipc: Node identity -:, cluster identity 4711
[  273.471015][ T8172] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  273.677836][ T8176] loop0: detected capacity change from 0 to 64
[  273.716950][ T8176] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  273.840728][ T8177] loop2: detected capacity change from 0 to 4096
[  273.881122][ T8177] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  274.073091][ T8186] loop0: detected capacity change from 0 to 1024
[  274.753007][ T8193] loop1: detected capacity change from 0 to 764
[  274.921544][ T8193] rock: directory entry would overflow storage
[  274.972477][ T8193] rock: sig=0x4654, size=5, remaining=4
[  275.925681][ T8202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.487'.
[  276.089967][ T8212] loop0: detected capacity change from 0 to 512
[  276.110291][ T8215] loop2: detected capacity change from 0 to 2048
[  276.154034][ T8215] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  276.239806][ T8212] EXT4-fs (loop0): 1 orphan inode deleted
[  276.246491][ T8212] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.259156][ T3422] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  276.317563][ T8212] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.352009][ T3422] EXT4-fs error (device loop0): ext4_release_dquot:6974: comm kworker/u4:9: Failed to release dquot type 1
[  276.485992][ T8223] loop4: detected capacity change from 0 to 512
[  276.511559][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.664653][ T8223] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  277.466660][ T6019] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  277.790765][ T8250] bridge0: entered promiscuous mode
[  277.807757][ T8250] macvlan2: entered promiscuous mode
[  277.825627][ T6019] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.875426][ T6019] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.923766][ T6019] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  278.159278][ T6019] usb 5-1: New USB device found, idVendor=056a, idProduct=0017, bcdDevice= 0.00
[  278.221105][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.244403][ T8259] overlayfs: missing 'lowerdir'
[  278.340319][ T8255] loop2: detected capacity change from 0 to 1024
[  279.238082][ T6019] usb 5-1: config 0 descriptor??
[  279.276142][ T8262] syz.0.499: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  279.294253][ T8262] CPU: 1 PID: 8262 Comm: syz.0.499 Not tainted 6.6.94-syzkaller #0
[  279.302211][ T8262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.312754][ T8262] Call Trace:
[  279.316085][ T8262]  <TASK>
[  279.319062][ T8262]  dump_stack_lvl+0x16c/0x230
[  279.319284][ T8259] netlink: 8 bytes leftover after parsing attributes in process `syz.1.500'.
[  279.323783][ T8262]  ? show_regs_print_info+0x20/0x20
[  279.323822][ T8262]  ? load_image+0x3b0/0x3b0
[  279.342368][ T8262]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  279.348845][ T8262]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  279.355419][ T8262]  warn_alloc+0x210/0x300
[  279.359826][ T8262]  ? zone_watermark_ok_safe+0x230/0x230
[  279.365438][ T8262]  ? _raw_spin_unlock+0x28/0x40
[  279.370366][ T8262]  ? __vb2_queue_alloc+0x794/0x1410
[  279.375637][ T8262]  __vmalloc_node_range+0x662/0x1320
[  279.381031][ T8262]  ? free_vm_area+0x50/0x50
[  279.385619][ T8262]  vmalloc_user+0x74/0x80
[  279.390027][ T8262]  ? vb2_vmalloc_alloc+0xef/0x330
[  279.395115][ T8262]  vb2_vmalloc_alloc+0xef/0x330
[  279.400124][ T8262]  ? __copy_timestamp+0x1f0/0x1f0
[  279.405231][ T8262]  __vb2_queue_alloc+0x794/0x1410
[  279.410354][ T8262]  vb2_core_reqbufs+0xa57/0x1140
[  279.415541][ T8262]  ? vb2_verify_memory_type+0x570/0x570
[  279.421197][ T8262]  ? vb2_reqbufs+0x360/0x5a0
[  279.425934][ T8262]  v4l2_m2m_ioctl_reqbufs+0x16c/0x230
[  279.431426][ T8262]  __video_do_ioctl+0xcbd/0xdd0
[  279.436411][ T8262]  ? video_ioctl2+0x30/0x30
[  279.440985][ T8262]  ? __might_fault+0xc6/0x120
[  279.445719][ T8262]  ? __might_fault+0xaa/0x120
[  279.450461][ T8262]  video_usercopy+0x838/0x1330
[  279.455279][ T8262]  ? video_ioctl2+0x30/0x30
[  279.459921][ T8262]  ? v4l_printk_ioctl+0x160/0x160
[  279.465025][ T8262]  v4l2_ioctl+0x18a/0x1e0
[  279.469405][ T8262]  ? v4l2_poll+0x2b0/0x2b0
[  279.473890][ T8262]  __se_sys_ioctl+0xfd/0x170
[  279.478803][ T8262]  do_syscall_64+0x55/0xb0
[  279.483280][ T8262]  ? clear_bhb_loop+0x40/0x90
[  279.488007][ T8262]  ? clear_bhb_loop+0x40/0x90
[  279.492736][ T8262]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  279.498811][ T8262] RIP: 0033:0x7f608d98e929
[  279.503254][ T8262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.522891][ T8262] RSP: 002b:00007f608e81b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  279.531365][ T8262] RAX: ffffffffffffffda RBX: 00007f608dbb6160 RCX: 00007f608d98e929
[  279.539644][ T8262] RDX: 00002000000000c0 RSI: 00000000c0145608 RDI: 000000000000000c
[  279.547671][ T8262] RBP: 00007f608da10b39 R08: 0000000000000000 R09: 0000000000000000
[  279.555751][ T8262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  279.564043][ T8262] R13: 0000000000000000 R14: 00007f608dbb6160 R15: 00007ffcaf557728
[  279.572680][ T8262]  </TASK>
[  279.615157][ T8262] Mem-Info:
[  279.619217][ T8262] active_anon:8669 inactive_anon:0 isolated_anon:0
[  279.619217][ T8262]  active_file:1417 inactive_file:39975 isolated_file:0
[  279.619217][ T8262]  unevictable:768 dirty:98 writeback:0
[  279.619217][ T8262]  slab_reclaimable:10452 slab_unreclaimable:96109
[  279.619217][ T8262]  mapped:29995 shmem:4376 pagetables:752
[  279.619217][ T8262]  sec_pagetables:0 bounce:0
[  279.619217][ T8262]  kernel_misc_reclaimable:0
[  279.619217][ T8262]  free:1352937 free_pcp:8094 free_cma:0
[  279.671603][   T28] audit: type=1800 audit(1750802090.160:3): pid=8255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.498" name="file1" dev="loop2" ino=20 res=0 errno=0
[  279.696674][ T8262] Node 0 active_anon:34776kB inactive_anon:0kB active_file:5668kB inactive_file:159696kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119980kB dirty:388kB writeback:0kB shmem:15968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12712kB pagetables:3008kB sec_pagetables:0kB all_unreclaimable? no
[  279.729921][ T8262] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  279.768667][ T8265] Process accounting resumed
[  279.781629][ T8255] hfsplus: request for non-existent node 16777216 in B*Tree
[  279.820802][ T6019] wacom 0003:056A:0017.000C: unknown main item tag 0x0
[  279.828705][ T8255] hfsplus: request for non-existent node 16777216 in B*Tree
[  279.847315][ T6019] wacom 0003:056A:0017.000C: unknown main item tag 0x0
[  279.858593][ T8262] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  279.885151][ T6019] wacom 0003:056A:0017.000C: unknown main item tag 0x0
[  279.896656][ T6019] wacom 0003:056A:0017.000C: unknown main item tag 0x0
[  279.903622][ T6019] wacom 0003:056A:0017.000C: unknown main item tag 0x0
[  279.927060][ T5789] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  279.935922][ T5789] Bluetooth: hci0: Injecting HCI hardware error event
[  279.947571][ T5789] Bluetooth: hci0: hardware error 0x00
[  279.959025][ T6019] wacom 0003:056A:0017.000C: Unknown device_type for 'HID 056a:0017'. Assuming pen.
[  279.971952][ T6019] wacom 0003:056A:0017.000C: hidraw0: USB HID v0.00 Device [HID 056a:0017] on usb-dummy_hcd.4-1/input0
[  279.987404][ T6019] input: Wacom BambooFun 4x5 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0017.000C/input/input9
[  279.991539][ T8262] lowmem_reserve[]: 0 2525 2526 2526 2526
[  280.052282][ T8262] Node 0 DMA32 free:1493128kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:34428kB inactive_anon:0kB active_file:5668kB inactive_file:158360kB unevictable:1536kB writepending:388kB present:3129332kB managed:2589668kB mlocked:0kB bounce:0kB free_pcp:19164kB local_pcp:7892kB free_cma:0kB
[  280.114708][ T6019] usb 5-1: USB disconnect, device number 2
[  280.145522][ T8269] fido_id[8269]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  280.160461][ T8262] lowmem_reserve[]: 0 0 1 1 1
[  280.186468][ T8262] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  280.328579][ T8274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'.
[  280.460413][ T8262] lowmem_reserve[]: 0 0 0 0 0
[  280.511413][ T8262] Node 1 Normal free:3902560kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18560kB local_pcp:7456kB free_cma:0kB
[  280.976674][ T8262] lowmem_reserve[]: 0 0 0 0 0
[  280.981490][ T8262] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  281.041494][ T8262] Node 0 DMA32: 2*4kB (UM) 3*8kB (UME) 137*16kB (ME) 241*32kB (ME) 310*64kB (UM) 328*128kB (UME) 58*256kB (UM) 24*512kB (UME) 14*1024kB (UME) 1*2048kB (M) 335*4096kB (UM) = 1487440kB
[  281.165187][ T8262] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  281.209604][ T8262] Node 1 Normal: 262*4kB (UME) 55*8kB (UME) 45*16kB (UME) 86*32kB (UME) 28*64kB (UE) 10*128kB (UME) 1*256kB (U) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 949*4096kB (M) = 3902560kB
[  281.228052][ T6026] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  282.122206][ T8262] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  282.146677][ T5789] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  282.157221][ T6026] usb 3-1: config 0 has an invalid interface number: 123 but max is 0
[  282.175900][ T6026] usb 3-1: config 0 has no interface number 0
[  282.188224][ T8262] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  282.226665][ T8262] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  282.288642][ T6026] usb 3-1: New USB device found, idVendor=20df, idProduct=0001, bcdDevice=97.6d
[  282.306113][ T8262] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  282.325883][ T6026] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.340071][ T6026] usb 3-1: Product: syz
[  282.344322][ T6026] usb 3-1: Manufacturer: syz
[  282.359047][ T8262] 45997 total pagecache pages
[  282.368088][ T8262] 0 pages in swap cache
[  282.376719][ T6026] usb 3-1: SerialNumber: syz
[  282.396650][ T8262] Free swap  = 124996kB
[  282.400892][ T8262] Total swap = 124996kB
[  282.405070][ T8262] 2097051 pages RAM
[  282.417705][ T6026] usb 3-1: config 0 descriptor??
[  282.440911][ T6026] cdc_acm 3-1:0.123: More than one union descriptor, skipping ...
[  282.455621][ T8262] 0 pages HighMem/MovableOnly
[  282.486816][ T8262] 416120 pages reserved
[  282.491064][ T8262] 0 pages cma reserved
[  282.696304][ T6026] usb 3-1: USB disconnect, device number 9
[  282.965734][ T8299] loop4: detected capacity change from 0 to 32768
[  283.001888][ T8299] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.506 (8299)
[  283.055716][ T8299] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  283.066240][ T8299] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  283.075050][ T8299] BTRFS info (device loop4): setting nodatacow, compression disabled
[  283.083358][ T8299] BTRFS info (device loop4): max_inline at 0
[  283.089487][ T8299] BTRFS info (device loop4): enabling disk space caching
[  283.096579][ T8299] BTRFS info (device loop4): turning off barriers
[  283.103025][ T8299] BTRFS info (device loop4): turning on flush-on-commit
[  283.110083][ T8299] BTRFS info (device loop4): doing ref verification
[  283.116711][ T8299] BTRFS info (device loop4): force clearing of disk cache
[  283.123829][ T8299] BTRFS info (device loop4): enabling ssd optimizations
[  283.130871][ T8299] BTRFS info (device loop4): max_inline at 4096
[  283.137158][ T8299] BTRFS info (device loop4): disk space caching is enabled
[  283.345800][ T8299] BTRFS info (device loop4): auto enabling async discard
[  283.358033][ T8299] BTRFS info (device loop4): rebuilding free space tree
[  283.394194][ T8299] BTRFS info (device loop4): disabling free space tree
[  283.401244][ T8299] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  283.411004][ T8299] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  284.309431][ T8327] netlink: 8 bytes leftover after parsing attributes in process `syz.2.508'.
[  284.570865][ T7859] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  285.181810][ T8340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.511'.
[  286.097282][ T8346] netlink: 8 bytes leftover after parsing attributes in process `syz.2.512'.
[  286.389443][ T8353] overlayfs: missing 'lowerdir'
[  286.456900][ T8359] netlink: 8 bytes leftover after parsing attributes in process `syz.4.509'.
[  287.737102][ T8371] Process accounting resumed
[  288.753221][ T8380] xt_CT: You must specify a L4 protocol and not use inversions on it
[  289.116678][ T6019] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  289.255817][ T8388] loop2: detected capacity change from 0 to 256
[  289.391591][ T6019] usb 1-1: too many endpoints for config 0 interface 0 altsetting 2: 253, using maximum allowed: 30
[  289.436996][ T6019] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.451599][ T6019] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  289.504687][ T6019] usb 1-1: config 0 interface 0 has no altsetting 0
[  289.535548][ T6019] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  289.576701][ T6019] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.630327][ T6019] usb 1-1: config 0 descriptor??
[  289.995375][ T8399] loop2: detected capacity change from 0 to 2048
[  290.041667][ T8399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.124273][ T6019] creative-sb0540 0003:041E:3100.000D: No inputs registered, leaving
[  290.132233][ T8395] netlink: 8 bytes leftover after parsing attributes in process `syz.4.520'.
[  290.142756][ T6019] creative-sb0540 0003:041E:3100.000D: hidraw0: USB HID v0.00 Device [HID 041e:3100] on usb-dummy_hcd.0-1/input0
[  290.170345][ T8399] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  290.307870][ T6456] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.374540][ T6026] usb 1-1: USB disconnect, device number 6
[  290.683791][ T8412] loop2: detected capacity change from 0 to 512
[  290.722225][ T8412] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  292.003521][ T8426] loop0: detected capacity change from 0 to 764
[  292.110125][ T8425] overlayfs: missing 'lowerdir'
[  292.180847][ T8426] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  292.271473][ T8437] loop2: detected capacity change from 0 to 512
[  292.324235][ T8425] netlink: 8 bytes leftover after parsing attributes in process `syz.4.524'.
[  292.350797][ T8437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.366954][ T8437] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.835452][ T8432] Process accounting resumed
[  292.836774][ T6026] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  292.968834][ T6456] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.046812][ T6026] usb 2-1: Using ep0 maxpacket: 8
[  293.058772][ T6026] usb 2-1: config 5 has an invalid interface number: 72 but max is 0
[  293.070553][ T6026] usb 2-1: config 5 has no interface number 0
[  293.097197][ T6026] usb 2-1: config 5 interface 72 has no altsetting 0
[  293.125203][ T6026] usb 2-1: New USB device found, idVendor=1b3d, idProduct=01cd, bcdDevice= 8.00
[  293.136877][ T6026] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.144928][ T6026] usb 2-1: Product: syz
[  293.183202][ T6026] usb 2-1: Manufacturer: syz
[  293.193160][ T6026] usb 2-1: SerialNumber: syz
[  293.454080][ T6026] ftdi_sio 2-1:5.72: FTDI USB Serial Device converter detected
[  293.472227][ T6026] usb 2-1: Detected FT4232H
[  293.485719][ T6026] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  293.497587][ T8456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.532'.
[  293.515008][ T6026] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  293.538193][ T6026] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  293.571855][ T6026] usb 2-1: USB disconnect, device number 11
[  293.589677][ T6026] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  293.659883][ T6026] ftdi_sio 2-1:5.72: device disconnected
[  294.534283][ T8473] loop1: detected capacity change from 0 to 512
[  294.586327][ T8473] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  296.070550][ T8490] syz.1.538: attempt to access beyond end of device
[  296.070550][ T8490] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[  296.315884][ T8495] loop2: detected capacity change from 0 to 164
[  296.355429][ T8495] ISOFS: unable to read i-node block
[  296.382767][ T8495] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  296.405202][ T8498] loop1: detected capacity change from 0 to 512
[  296.510827][ T8498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.568985][ T8498] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.658664][ T8508] loop0: detected capacity change from 0 to 1024
[  296.825167][ T8504] netlink: 8 bytes leftover after parsing attributes in process `syz.4.541'.
[  296.858482][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.009182][ T8513] loop2: detected capacity change from 0 to 256
[  297.049665][   T28] audit: type=1800 audit(1750802107.550:4): pid=8512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.542" name="file1" dev="loop0" ino=20 res=0 errno=0
[  297.383175][ T8504] Process accounting resumed
[  297.417895][ T8513] FAT-fs (loop2): Directory bread(block 64) failed
[  297.424534][ T8513] FAT-fs (loop2): Directory bread(block 65) failed
[  297.599974][ T8513] FAT-fs (loop2): Directory bread(block 66) failed
[  297.628857][ T8513] FAT-fs (loop2): Directory bread(block 67) failed
[  297.694863][ T8513] FAT-fs (loop2): Directory bread(block 68) failed
[  298.583961][ T8513] FAT-fs (loop2): Directory bread(block 69) failed
[  298.636995][ T8513] FAT-fs (loop2): Directory bread(block 70) failed
[  298.646022][ T8513] FAT-fs (loop2): Directory bread(block 71) failed
[  298.656621][ T8513] FAT-fs (loop2): Directory bread(block 72) failed
[  298.663275][ T8513] FAT-fs (loop2): Directory bread(block 73) failed
[  298.722228][ T8528] loop4: detected capacity change from 0 to 512
[  298.761189][ T8528] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  298.920794][ T8528] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  298.985328][ T8528] System zones: 1-12
[  299.158081][ T8528] EXT4-fs (loop4): 1 truncate cleaned up
[  299.178772][ T8516] loop1: detected capacity change from 0 to 32768
[  299.192027][ T8528] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.227766][ T8516] XFS: noikeep mount option is deprecated.
[  299.441522][ T8516] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  299.505719][ T7859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.788758][ T8546] netlink: 36 bytes leftover after parsing attributes in process `syz.4.548'.
[  299.809979][ T8516] XFS (loop1): Ending clean mount
[  299.886068][ T8516] XFS (loop1): Quotacheck needed: Please wait.
[  300.859954][ T8516] XFS (loop1): Quotacheck: Done.
[  300.942334][ T5773] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  302.868145][ T8586] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.553'.
[  302.908646][ T8578] loop0: detected capacity change from 0 to 32768
[  302.966758][ T8578] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.552 (8578)
[  303.057266][ T8578] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  303.068151][ T8590] tmpfs: Unknown parameter 'nr_ino'
[  303.084705][ T8578] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  303.107956][ T8578] BTRFS info (device loop0): enabling ssd optimizations
[  303.131165][ T8578] BTRFS info (device loop0): using spread ssd allocation scheme
[  303.146802][ T8578] BTRFS info (device loop0): using free space tree
[  303.161560][ T8593] overlayfs: missing 'lowerdir'
[  303.345048][ T8593] netlink: 8 bytes leftover after parsing attributes in process `syz.1.555'.
[  303.490144][ T8578] BTRFS info (device loop0): auto enabling async discard
[  304.031896][ T5777] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  304.052484][ T8588] Process accounting resumed
[  304.365160][ T8623] loop4: detected capacity change from 0 to 128
[  304.583551][ T8620] loop2: detected capacity change from 0 to 32768
[  304.643488][ T8620] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.560 (8620)
[  304.656755][ T6025] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  304.673547][ T8623] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  304.690504][ T8620] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  304.701020][ T8620] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  304.710023][ T8620] BTRFS info (device loop2): setting nodatacow, compression disabled
[  304.718239][ T8620] BTRFS info (device loop2): max_inline at 0
[  304.724261][ T8620] BTRFS info (device loop2): enabling disk space caching
[  304.731347][ T8620] BTRFS info (device loop2): turning off barriers
[  304.737804][ T8620] BTRFS info (device loop2): turning on flush-on-commit
[  304.744758][ T8620] BTRFS info (device loop2): doing ref verification
[  304.751441][ T8620] BTRFS info (device loop2): force clearing of disk cache
[  304.759409][ T8620] BTRFS info (device loop2): enabling ssd optimizations
[  304.766415][ T8620] BTRFS info (device loop2): max_inline at 4096
[  304.772843][ T8620] BTRFS info (device loop2): disk space caching is enabled
[  304.863060][ T8629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.557'.
[  305.166681][ T6025] usb 2-1: too many endpoints for config 0 interface 0 altsetting 2: 253, using maximum allowed: 30
[  305.186806][ T6025] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.209835][ T6025] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  305.231654][ T6025] usb 2-1: config 0 interface 0 has no altsetting 0
[  305.238487][ T6025] usb 2-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  305.248513][ T6025] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.260133][ T6025] usb 2-1: config 0 descriptor??
[  305.715467][ T8620] BTRFS info (device loop2): auto enabling async discard
[  305.745149][ T8620] BTRFS info (device loop2): rebuilding free space tree
[  305.819771][ T8620] BTRFS info (device loop2): disabling free space tree
[  305.828600][ T8620] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  305.838708][ T8620] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  306.341556][ T6025] creative-sb0540 0003:041E:3100.000E: No inputs registered, leaving
[  306.380803][ T8650] loop0: detected capacity change from 0 to 64
[  306.418636][ T6025] creative-sb0540 0003:041E:3100.000E: hidraw0: USB HID v0.00 Device [HID 041e:3100] on usb-dummy_hcd.1-1/input0
[  306.488834][ T6456] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.523102][ T6025] usb 2-1: USB disconnect, device number 12
[  306.601608][ T8653] fido_id[8653]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  306.914199][ T8660] loop4: detected capacity change from 0 to 1024
[  307.051996][ T8660] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.074378][ T8660] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.235060][ T8671] tmpfs: Unknown parameter 'nr_ino'
[  307.307646][ T8676] tmpfs: Unknown parameter 'nr_ino'
[  307.477599][ T8676] Set syz1 is full, maxelem 1038 reached
[  307.501139][ T7859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.480562][ T8714] loop0: detected capacity change from 0 to 1024
[  311.531222][ T8714] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  311.906753][ T6023] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  311.942459][ T8721] loop0: detected capacity change from 0 to 4096
[  312.119818][ T8721] ntfs3: loop0: ino=5, "/" directory corrupted
[  312.147009][ T8721] ntfs3: loop0: ino=5, "/" directory corrupted
[  312.157682][ T6023] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  312.175105][ T6023] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.196610][ T6023] usb 5-1: Product: syz
[  312.207036][ T6023] usb 5-1: Manufacturer: syz
[  312.211706][ T6023] usb 5-1: SerialNumber: syz
[  312.278824][ T6023] usb 5-1: config 0 descriptor??
[  312.328788][ T8733] batadv0: entered promiscuous mode
[  312.352211][ T8732] batadv0: left promiscuous mode
[  312.433971][ T8735] tmpfs: Unknown parameter 'nr_ino'
[  312.611509][ T6023] usb 5-1: USB disconnect, device number 3
[  312.915566][ T8747] loop0: detected capacity change from 0 to 164
[  312.995793][ T8747] Unsupported NM flag settings (8)
[  313.288694][ T8753] loop0: detected capacity change from 0 to 1024
[  313.313669][ T8726] loop2: detected capacity change from 0 to 40427
[  313.331927][ T8753] hfsplus: gid requires an argument
[  313.345554][ T8753] hfsplus: unable to parse mount options
[  313.354172][ T8726] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  313.376614][ T8726] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  313.461707][ T8726] F2FS-fs (loop2): invalid crc value
[  313.516118][ T8726] F2FS-fs (loop2): Found nat_bits in checkpoint
[  313.715420][ T8726] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  313.729776][ T8726] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  313.787279][ T8726] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=64616572, run fsck to fix.
[  313.803020][ T8740] loop1: detected capacity change from 0 to 32768
[  313.864431][ T8740] JBD2: Ignoring recovery information on journal
[  314.011610][ T8740] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  314.256982][ T8740] (syz.1.576,8740,0):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  314.280956][ T8740] (syz.1.576,8740,0):ocfs2_group_add:495 ERROR: Can't read the group descriptor # 17179869184 from the device.
[  314.308073][ T8782] loop4: detected capacity change from 0 to 64
[  314.432875][ T5773] ocfs2: Unmounting device (7,1) on (node local)
[  315.327071][ T8786] loop1: detected capacity change from 0 to 22
[  315.407978][ T8786] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  315.476604][ T8786] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  315.500106][ T8792] loop0: detected capacity change from 0 to 512
[  315.556368][ T8792] EXT4-fs (loop0): Test dummy encryption mode enabled
[  315.596554][ T8792] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  315.673814][ T8792] EXT4-fs (loop0): 1 truncate cleaned up
[  315.727893][ T8792] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.784994][ T8800] tmpfs: Unknown parameter 'nr_ino'
[  315.790588][ T6025] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  315.983770][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.006061][ T8808] loop1: detected capacity change from 0 to 2048
[  316.055190][ T6025] usb 3-1: config 0 has an invalid interface number: 16 but max is 0
[  316.071553][ T8808] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  316.086474][ T6025] usb 3-1: config 0 has no interface number 0
[  316.095550][ T6025] usb 3-1: config 0 interface 16 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  316.140183][ T6025] usb 3-1: config 0 interface 16 altsetting 1 endpoint 0x89 has invalid maxpacket 40805, setting to 64
[  316.180013][ T6025] usb 3-1: config 0 interface 16 has no altsetting 0
[  316.228148][ T6025] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  316.252786][ T6025] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.289405][ T6025] usb 3-1: Product: syz
[  316.293665][ T6025] usb 3-1: Manufacturer: syz
[  316.320405][ T6025] usb 3-1: SerialNumber: syz
[  316.343402][ T6025] usb 3-1: config 0 descriptor??
[  316.363454][ T8794] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  316.612246][ T8794] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  316.676819][ T6025] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.16/input/input12
[  317.002234][ T8823] loop1: detected capacity change from 0 to 512
[  317.028048][ T6023] usb 3-1: USB disconnect, device number 10
[  317.046436][ T8823] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  317.081121][ T8823] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  317.122782][ T8823] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  317.170574][ T8823] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  317.196777][ T8823] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c041e01c, mo2=0000]
[  317.204966][ T8823] EXT4-fs (loop1): orphan cleanup on readonly fs
[  317.263407][ T8823] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.593: bg 0: block 34: padding at end of block bitmap is not set
[  317.341280][ T8823] Quota error (device loop1): write_blk: dquota write failed
[  317.386801][ T8823] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  317.422106][ T8823] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.593: Failed to acquire dquot type 1
[  317.494285][ T8823] EXT4-fs (loop1): 1 truncate cleaned up
[  317.519240][ T8823] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  317.538894][ T8813] loop0: detected capacity change from 0 to 32768
[  317.592168][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  317.600423][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  317.628231][ T8813] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  317.638242][ T8815] loop4: detected capacity change from 0 to 32768
[  317.798291][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.800471][ T8847] loop2: detected capacity change from 0 to 2048
[  317.852179][ T8813] XFS (loop0): Ending clean mount
[  317.897075][ T6025] XFS (loop0): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x20 
[  317.952180][ T8847] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  317.977132][ T6025] XFS (loop0): Unmount and run xfs_repair
[  317.982951][ T6025] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  318.035375][ T6025] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  318.081168][ T6025] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[  318.133049][ T8852] tmpfs: Unknown parameter 'nr_ino'
[  318.138443][ T6025] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  318.161598][ T6025] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[  318.315175][ T6025] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  318.325777][ T6025] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[  318.335540][ T6025] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  318.344809][ T6025] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  318.354424][ T8813] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x1d7/0x2d0" at daddr 0x20 len 8 error 74
[  318.366923][ T8813] XFS (loop0): Failed to initialize disk quotas.
[  319.543078][ T8865] loop1: detected capacity change from 0 to 64
[  319.753247][ T5777] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  320.366022][ T8880] loop4: detected capacity change from 0 to 256
[  320.386223][ T8880] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  320.722104][ T8888] loop0: detected capacity change from 0 to 512
[  320.787776][ T8888] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.599: bad orphan inode 11
[  320.835246][ T8888] ext4_test_bit(bit=10, block=4) = 1
[  320.852285][ T8888] is_bad_inode(inode)=0
[  320.876981][ T8888] NEXT_ORPHAN(inode)=2080374784
[  320.897069][ T8888] max_ino=32
[  320.906693][ T8888] i_nlink=0
[  320.910041][ T8888] EXT4-fs (loop0): 1 truncate cleaned up
[  320.939684][ T8888] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.104379][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.582945][ T8882] loop1: detected capacity change from 0 to 32768
[  321.604362][ T8882] XFS: ikeep mount option is deprecated.
[  321.707774][ T8882] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  321.770687][ T8887] loop2: detected capacity change from 0 to 40427
[  321.791285][ T8887] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  321.827396][ T8887] F2FS-fs (loop2): invalid crc value
[  321.858929][ T8887] F2FS-fs (loop2): Found nat_bits in checkpoint
[  321.890099][ T8892] loop4: detected capacity change from 0 to 32768
[  321.896806][ T8882] XFS (loop1): Ending clean mount
[  321.914052][ T8892] XFS: ikeep mount option is deprecated.
[  321.936962][ T8882] XFS (loop1): Quotacheck needed: Please wait.
[  321.944592][ T8892] XFS: ikeep mount option is deprecated.
[  321.971856][ T8892] XFS: noikeep mount option is deprecated.
[  322.027657][ T8882] XFS (loop1): Quotacheck: Done.
[  322.049701][ T8892] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  322.096700][ T8887] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  322.334197][ T8892] XFS (loop4): Ending clean mount
[  322.366015][ T8892] XFS: ikeep mount option is deprecated.
[  322.401593][ T8918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.607'.
[  322.416768][ T8892] XFS: ikeep mount option is deprecated.
[  322.679740][ T5773] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  323.296082][ T8923] loop0: detected capacity change from 0 to 2048
[  323.303738][ T8923] EXT4-fs: Ignoring removed bh option
[  323.309383][ T8923] EXT4-fs: Ignoring removed orlov option
[  323.324061][ T7859] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  323.385705][ T8923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.436852][ T8923] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  323.700590][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.007002][ T8930] tmpfs: Unknown parameter 'nr_ino'
[  325.387586][ T8936] overlayfs: missing 'lowerdir'
[  325.468317][ T8938] syz.0.611: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  325.492667][ T8939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.610'.
[  325.525160][ T8938] CPU: 1 PID: 8938 Comm: syz.0.611 Not tainted 6.6.94-syzkaller #0
[  325.533137][ T8938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  325.543228][ T8938] Call Trace:
[  325.546542][ T8938]  <TASK>
[  325.549560][ T8938]  dump_stack_lvl+0x16c/0x230
[  325.554306][ T8938]  ? show_regs_print_info+0x20/0x20
[  325.559571][ T8938]  ? load_image+0x3b0/0x3b0
[  325.564131][ T8938]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  325.570600][ T8938]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  325.577248][ T8938]  warn_alloc+0x210/0x300
[  325.581638][ T8938]  ? zone_watermark_ok_safe+0x230/0x230
[  325.587262][ T8938]  ? _raw_spin_unlock+0x28/0x40
[  325.592187][ T8938]  ? __vb2_queue_alloc+0x794/0x1410
[  325.597455][ T8938]  __vmalloc_node_range+0x662/0x1320
[  325.603098][ T8938]  ? free_vm_area+0x50/0x50
[  325.607679][ T8938]  vmalloc_user+0x74/0x80
[  325.611978][ T8928] loop1: detected capacity change from 0 to 32768
[  325.612146][ T8938]  ? vb2_vmalloc_alloc+0xef/0x330
[  325.623642][ T8938]  vb2_vmalloc_alloc+0xef/0x330
[  325.628542][ T8938]  ? __copy_timestamp+0x1f0/0x1f0
[  325.633613][ T8938]  __vb2_queue_alloc+0x794/0x1410
[  325.638718][ T8938]  vb2_core_reqbufs+0xa57/0x1140
[  325.643728][ T8938]  ? vb2_verify_memory_type+0x570/0x570
[  325.649342][ T8938]  ? vb2_reqbufs+0x360/0x5a0
[  325.652378][ T8937] Process accounting resumed
[  325.653975][ T8938]  v4l2_m2m_ioctl_reqbufs+0x16c/0x230
[  325.664009][ T8938]  __video_do_ioctl+0xcbd/0xdd0
[  325.668930][ T8938]  ? video_ioctl2+0x30/0x30
[  325.673499][ T8938]  ? __might_fault+0xc6/0x120
[  325.678227][ T8938]  ? __might_fault+0xaa/0x120
[  325.682970][ T8938]  video_usercopy+0x838/0x1330
[  325.687807][ T8938]  ? video_ioctl2+0x30/0x30
[  325.692469][ T8938]  ? v4l_printk_ioctl+0x160/0x160
[  325.697746][ T8938]  v4l2_ioctl+0x18a/0x1e0
[  325.702152][ T8938]  ? v4l2_poll+0x2b0/0x2b0
[  325.706642][ T8938]  __se_sys_ioctl+0xfd/0x170
[  325.711306][ T8938]  do_syscall_64+0x55/0xb0
[  325.715792][ T8938]  ? clear_bhb_loop+0x40/0x90
[  325.720514][ T8938]  ? clear_bhb_loop+0x40/0x90
[  325.725220][ T8938]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  325.731160][ T8938] RIP: 0033:0x7f608d98e929
[  325.735614][ T8938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.755697][ T8938] RSP: 002b:00007f608e81b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  325.764234][ T8938] RAX: ffffffffffffffda RBX: 00007f608dbb6160 RCX: 00007f608d98e929
[  325.772319][ T8938] RDX: 00002000000000c0 RSI: 00000000c0145608 RDI: 000000000000000c
[  325.780326][ T8938] RBP: 00007f608da10b39 R08: 0000000000000000 R09: 0000000000000000
[  325.788321][ T8938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  325.796316][ T8938] R13: 0000000000000000 R14: 00007f608dbb6160 R15: 00007ffcaf557728
[  325.804321][ T8938]  </TASK>
[  325.842115][ T8938] Mem-Info:
[  325.845286][ T8938] active_anon:12909 inactive_anon:0 isolated_anon:0
[  325.845286][ T8938]  active_file:10988 inactive_file:39999 isolated_file:0
[  325.845286][ T8938]  unevictable:768 dirty:223 writeback:0
[  325.845286][ T8938]  slab_reclaimable:10606 slab_unreclaimable:96380
[  325.845286][ T8938]  mapped:30019 shmem:8345 pagetables:790
[  325.845286][ T8938]  sec_pagetables:0 bounce:0
[  325.845286][ T8938]  kernel_misc_reclaimable:0
[  325.845286][ T8938]  free:1338504 free_pcp:5547 free_cma:0
[  325.946745][ T8938] Node 0 active_anon:51936kB inactive_anon:0kB active_file:43952kB inactive_file:160092kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120076kB dirty:892kB writeback:0kB shmem:31844kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12632kB pagetables:3160kB sec_pagetables:0kB all_unreclaimable? no
[  325.980735][ T8938] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  326.011568][ T8938] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  326.043133][ T8947] overlayfs: missing 'lowerdir'
[  326.048608][ T8938] lowmem_reserve[]: 0 2525 2526 2526 2526
[  326.054612][ T8938] Node 0 DMA32 free:1435108kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:51988kB inactive_anon:0kB active_file:43952kB inactive_file:158756kB unevictable:1536kB writepending:892kB present:3129332kB managed:2589668kB mlocked:0kB bounce:0kB free_pcp:7920kB local_pcp:2116kB free_cma:0kB
[  326.110313][ T8938] lowmem_reserve[]: 0 0 1 1 1
[  326.115108][ T8938] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  326.157207][ T8938] lowmem_reserve[]: 0 0 0 0 0
[  326.162979][ T8938] Node 1 Normal free:3903072kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18080kB local_pcp:6944kB free_cma:0kB
[  326.252147][ T8938] lowmem_reserve[]: 0 0 0 0 0
[  326.258083][ T8938] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  326.271807][ T8938] Node 0 DMA32: 1*4kB (E) 228*8kB (UME) 626*16kB (UM) 343*32kB (ME) 231*64kB (UME) 290*128kB (UM) 60*256kB (UME) 23*512kB (UM) 12*1024kB (UME) 7*2048kB (M) 319*4096kB (UM) = 1435108kB
[  326.290993][ T8938] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  326.303170][ T8938] Node 1 Normal: 262*4kB (UME) 55*8kB (UME) 45*16kB (UME) 102*32kB (UME) 28*64kB (UE) 10*128kB (UME) 1*256kB (U) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 949*4096kB (M) = 3903072kB
[  326.333305][ T8938] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  326.358279][ T8938] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  326.380828][ T8938] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  326.409196][ T8938] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  326.432289][ T8938] 56770 total pagecache pages
[  326.445466][ T8938] 0 pages in swap cache
[  326.466718][ T8938] Free swap  = 124996kB
[  326.474723][ T8938] Total swap = 124996kB
[  326.491311][ T8938] 2097051 pages RAM
[  326.503632][ T8938] 0 pages HighMem/MovableOnly
[  326.515521][ T8938] 416120 pages reserved
[  326.530223][ T8938] 0 pages cma reserved
[  326.606857][ T6025] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  326.916657][ T8956] loop1: detected capacity change from 0 to 32768
[  326.950726][ T8956] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.616 (8956)
[  326.975303][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  327.003421][ T8956] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  327.013908][ T8956] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  327.022738][ T8956] BTRFS info (device loop1): setting nodatacow, compression disabled
[  327.031017][ T8956] BTRFS info (device loop1): max_inline at 0
[  327.037114][ T8956] BTRFS info (device loop1): enabling disk space caching
[  327.044286][ T8956] BTRFS info (device loop1): turning off barriers
[  327.050900][ T8956] BTRFS info (device loop1): turning on flush-on-commit
[  327.057963][ T8956] BTRFS info (device loop1): doing ref verification
[  327.064571][ T8956] BTRFS info (device loop1): force clearing of disk cache
[  327.071741][ T8956] BTRFS info (device loop1): enabling ssd optimizations
[  327.078799][ T8956] BTRFS info (device loop1): max_inline at 4096
[  327.085676][ T8956] BTRFS info (device loop1): disk space caching is enabled
[  327.127428][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  327.172644][ T8956] BTRFS info (device loop1): auto enabling async discard
[  327.181363][ T8956] BTRFS info (device loop1): rebuilding free space tree
[  327.203214][ T8956] BTRFS info (device loop1): disabling free space tree
[  327.210256][ T8956] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  327.220206][ T8956] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  327.273497][ T8973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.617'.
[  327.288360][ T6025] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  327.368409][ T8974] overlayfs: missing 'lowerdir'
[  327.592800][ T6025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.176426][ T6025] usb 5-1: config 0 descriptor??
[  328.325240][ T8979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.618'.
[  328.355280][ T5773] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  329.310096][ T6025] hid-led: probe of 0003:27B8:01ED.000F failed with error -71
[  329.361010][ T6025] usb 5-1: USB disconnect, device number 4
[  329.626779][ T8991] loop0: detected capacity change from 0 to 256
[  329.661738][ T8991] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  331.105312][ T9002] loop2: detected capacity change from 0 to 64
[  331.251508][ T9004] loop0: detected capacity change from 0 to 512
[  331.399042][ T9004] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002]
[  331.468392][ T9004] System zones: 1-12
[  331.478886][ T9004] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.622: Directory hole found for htree index block 0
[  331.522479][ T9004] EXT4-fs (loop0): Remounting filesystem read-only
[  331.537082][ T9004] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  331.561097][ T9004] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  331.561696][ T9008] loop2: detected capacity change from 0 to 512
[  331.585499][ T9004] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.650859][ T9004] EXT4-fs: user quota file already specified
[  331.663023][ T9008] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.696916][ T9008] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  331.798088][ T6456] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.837981][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.049471][ T9015] loop2: detected capacity change from 0 to 512
[  332.093544][ T9016] loop0: detected capacity change from 0 to 2048
[  332.142725][ T9015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.162363][ T9019] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  332.226874][ T9015] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.344261][ T9010] loop1: detected capacity change from 0 to 32768
[  332.349071][ T9000] loop4: detected capacity change from 0 to 32768
[  332.394079][ T9000] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  332.491149][ T9022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.629'.
[  332.540233][ T9000] (syz.4.623,9000,1):ocfs2_clear_journal_error:1147 ERROR: File system error -318767104 recorded in journal 0.
[  332.623073][ T9000] (syz.4.623,9000,0):ocfs2_clear_journal_error:1149 ERROR: File system on device loop4 needs checking.
[  332.811212][ T9000] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  332.822574][ T6456] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.601888][ T9029] loop2: detected capacity change from 0 to 1024
[  333.824824][ T6456] hfsplus: bad catalog entry type
[  333.849893][ T7859] ocfs2: Unmounting device (7,4) on (node local)
[  334.097877][ T6018] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  334.152761][ T3426] hfsplus: b-tree write err: -5, ino 4
[  334.279311][ T9033] loop4: detected capacity change from 0 to 64
[  334.313160][ T6018] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  334.355666][ T6018] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  334.393249][ T3480] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.395370][ T6018] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  334.458292][ T9035] loop1: detected capacity change from 0 to 256
[  334.474888][ T6018] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.494828][ T9035] exfat: Deprecated parameter 'namecase'
[  334.503324][ T6018] usb 1-1: config 0 descriptor??
[  334.578606][ T9035] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  334.644063][ T3480] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.779646][ T3480] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.869789][ T3480] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.130961][ T6018] hid-led: probe of 0003:27B8:01ED.0010 failed with error -71
[  335.178060][ T6018] usb 1-1: USB disconnect, device number 7
[  335.745860][ T5776] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  335.762343][ T5776] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  335.788905][ T5776] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  335.817971][ T5776] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  335.832775][ T5776] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  335.841618][ T5776] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  336.100577][ T9039] loop1: detected capacity change from 0 to 32768
[  336.282068][ T9040] loop4: detected capacity change from 0 to 32768
[  336.311515][ T9040] XFS: ikeep mount option is deprecated.
[  336.453666][ T9040] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  336.679027][ T9075] loop1: detected capacity change from 0 to 64
[  336.719964][ T9040] XFS (loop4): Ending clean mount
[  336.738251][ T9040] XFS (loop4): Quotacheck needed: Please wait.
[  336.914908][ T9040] XFS (loop4): Quotacheck: Done.
[  337.200286][ T7859] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  337.483536][ T9093] overlayfs: missing 'lowerdir'
[  337.543450][ T9095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.643'.
[  337.986892][ T5776] Bluetooth: hci0: command tx timeout
[  338.088682][   T28] audit: type=1326 audit(1750802148.600:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.144305][   T28] audit: type=1326 audit(1750802148.620:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.187766][   T28] audit: type=1326 audit(1750802148.620:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.211203][   T28] audit: type=1326 audit(1750802148.620:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.236037][   T28] audit: type=1326 audit(1750802148.620:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.276295][   T28] audit: type=1326 audit(1750802148.620:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.332930][   T28] audit: type=1326 audit(1750802148.620:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa92d8e929 code=0x7ffc0000
[  338.366406][ T3480] hsr_slave_0: left promiscuous mode
[  338.395004][ T3480] hsr_slave_1: left promiscuous mode
[  338.483028][ T3480] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.804438][ T3480] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.827660][ T3480] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.835148][ T3480] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.894052][ T9113] loop1: detected capacity change from 0 to 128
[  339.182145][ T3480] bridge_slave_1: left allmulticast mode
[  339.271671][ T3480] bridge_slave_1: left promiscuous mode
[  339.282298][ T3480] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.331152][ T3480] bridge_slave_0: left allmulticast mode
[  339.335094][ T9113] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  339.346559][ T3480] bridge_slave_0: left promiscuous mode
[  339.376071][ T3480] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.382769][ T9113] ext4 filesystem being mounted at /194/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  339.468295][ T9113] EXT4-fs warning (device loop1): verify_group_input:151: Cannot add at group 12829 (only 1 groups)
[  339.501230][ T3480] veth1_macvtap: left promiscuous mode
[  339.507061][ T3480] veth0_macvtap: left promiscuous mode
[  339.512746][ T3480] veth1_vlan: left promiscuous mode
[  339.518296][ T3480] veth0_vlan: left promiscuous mode
[  339.523816][ T5773] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  340.076765][ T5776] Bluetooth: hci0: command tx timeout
[  340.235254][ T3480] team0 (unregistering): Port device team_slave_1 removed
[  340.300119][ T3480] team0 (unregistering): Port device team_slave_0 removed
[  340.360306][ T3480] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.425030][ T3480] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.062736][ T3480] bond0 (unregistering): Released all slaves
[  341.154101][ T9108] netlink: 8 bytes leftover after parsing attributes in process `syz.4.645'.
[  341.227436][ T9119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.256695][ T9119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.298621][ T9119] batadv_slave_0: entered allmulticast mode
[  341.299336][ T9122] loop4: detected capacity change from 0 to 128
[  341.323110][ T9048] chnl_net:caif_netlink_parms(): no params data found
[  341.398856][ T9122] FAT-fs (loop4): error, clusters badly computed (2 != 1)
[  341.406475][ T9122] FAT-fs (loop4): Filesystem has been set read-only
[  341.449531][ T9122] FAT-fs (loop4): error, clusters badly computed (3 != 2)
[  341.457540][ T9122] FAT-fs (loop4): error, clusters badly computed (4 != 3)
[  341.470251][ T9122] FAT-fs (loop4): error, clusters badly computed (5 != 4)
[  341.501702][ T9122] FAT-fs (loop4): error, clusters badly computed (6 != 5)
[  341.530100][ T9122] FAT-fs (loop4): error, clusters badly computed (7 != 6)
[  341.550866][ T9122] FAT-fs (loop4): error, clusters badly computed (8 != 7)
[  341.565420][ T9122] FAT-fs (loop4): error, clusters badly computed (9 != 8)
[  341.593290][ T9122] FAT-fs (loop4): error, clusters badly computed (10 != 9)
[  341.617246][ T9122] FAT-fs (loop4): error, clusters badly computed (11 != 10)
[  341.681648][ T9122] FAT-fs (loop4): error, clusters badly computed (12 != 11)
[  341.701778][ T9122] FAT-fs (loop4): error, clusters badly computed (13 != 12)
[  341.719979][ T9122] FAT-fs (loop4): error, clusters badly computed (14 != 13)
[  341.768001][ T9122] FAT-fs (loop4): error, clusters badly computed (15 != 14)
[  341.791407][ T9122] FAT-fs (loop4): error, clusters badly computed (16 != 15)
[  341.812202][ T9127] overlayfs: missing 'lowerdir'
[  341.823011][ T9122] FAT-fs (loop4): error, clusters badly computed (17 != 16)
[  341.865749][ T9048] bridge0: port 1(bridge_slave_0) entered blocking state
[  341.892142][ T9048] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.898176][ T9122] syz.4.648: attempt to access beyond end of device
[  341.898176][ T9122] loop4: rw=2049, sector=145, nr_sectors = 81 limit=128
[  341.899884][ T9127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.649'.
[  341.918109][ T9048] bridge_slave_0: entered allmulticast mode
[  341.931983][ T9048] bridge_slave_0: entered promiscuous mode
[  341.940772][ T9048] bridge0: port 2(bridge_slave_1) entered blocking state
[  341.948214][ T9048] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.955461][ T9048] bridge_slave_1: entered allmulticast mode
[  341.963202][ T9048] bridge_slave_1: entered promiscuous mode
[  342.092577][ T9048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  342.147067][ T5776] Bluetooth: hci0: command tx timeout
[  342.212672][ T9048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  342.379997][ T9124] Process accounting resumed
[  342.420610][ T9048] team0: Port device team_slave_0 added
[  342.469898][ T9048] team0: Port device team_slave_1 added
[  342.570810][ T9048] batman_adv: batadv0: Adding interface: batadv_slave_0
[  342.719481][ T6019] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  342.758422][ T9048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.801105][ T9048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  342.824474][ T9048] batman_adv: batadv0: Adding interface: batadv_slave_1
[  342.838814][ T9149] loop0: detected capacity change from 0 to 256
[  342.873174][ T9048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.972963][ T6019] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  343.016989][ T6019] usb 5-1: config 0 has no interface number 0
[  343.038917][ T9149] FAT-fs (loop0): Directory bread(block 64) failed
[  343.065916][ T6019] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  343.088435][ T9149] FAT-fs (loop0): Directory bread(block 65) failed
[  343.095081][ T9149] FAT-fs (loop0): Directory bread(block 66) failed
[  343.363827][ T9048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  343.910492][ T6019] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  343.926736][ T9149] FAT-fs (loop0): Directory bread(block 67) failed
[  343.926986][ T6019] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  343.942682][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.964144][ T6019] usb 5-1: config 0 descriptor??
[  343.971294][ T9139] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  343.987201][ T6019] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  344.001495][ T9149] FAT-fs (loop0): Directory bread(block 68) failed
[  344.008532][ T9149] FAT-fs (loop0): Directory bread(block 69) failed
[  344.015207][ T9149] FAT-fs (loop0): Directory bread(block 70) failed
[  344.021955][ T9149] FAT-fs (loop0): Directory bread(block 71) failed
[  344.029013][ T9149] FAT-fs (loop0): Directory bread(block 72) failed
[  344.036094][ T9149] FAT-fs (loop0): Directory bread(block 73) failed
[  344.226708][ T5776] Bluetooth: hci0: command tx timeout
[  344.283229][ T6018] usb 5-1: USB disconnect, device number 5
[  344.504907][ T9048] hsr_slave_0: entered promiscuous mode
[  344.560483][ T9048] hsr_slave_1: entered promiscuous mode
[  344.570703][ T9048] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  344.578765][ T9048] Cannot create hsr debugfs directory
[  344.641202][ T9159] overlayfs: missing 'lowerdir'
[  344.674329][ T9159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.653'.
[  345.335681][ T9169] overlayfs: missing 'lowerdir'
[  345.440931][ T9174] netlink: 8 bytes leftover after parsing attributes in process `syz.4.655'.
[  345.458566][ T9173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.656'.
[  346.015215][ T9048] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  346.027739][ T9180] loop0: detected capacity change from 0 to 256
[  346.032207][ T9048] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  346.072076][ T9166] Process accounting resumed
[  346.098838][ T9048] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  346.423154][ T9180] FAT-fs (loop0): Directory bread(block 64) failed
[  346.446284][ T9180] FAT-fs (loop0): Directory bread(block 65) failed
[  346.486949][ T9180] FAT-fs (loop0): Directory bread(block 66) failed
[  346.493582][ T9180] FAT-fs (loop0): Directory bread(block 67) failed
[  346.510277][ T9048] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  346.566808][ T9180] FAT-fs (loop0): Directory bread(block 68) failed
[  346.573443][ T9180] FAT-fs (loop0): Directory bread(block 69) failed
[  346.605400][ T9180] FAT-fs (loop0): Directory bread(block 70) failed
[  346.614159][ T9180] FAT-fs (loop0): Directory bread(block 71) failed
[  346.630934][ T9180] FAT-fs (loop0): Directory bread(block 72) failed
[  346.663153][ T9180] FAT-fs (loop0): Directory bread(block 73) failed
[  346.815907][ T9048] 8021q: adding VLAN 0 to HW filter on device bond0
[  346.829512][ T9197] overlayfs: missing 'lowerdir'
[  346.902653][ T9048] 8021q: adding VLAN 0 to HW filter on device team0
[  346.935514][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.942785][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.106367][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.113603][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  347.200918][ T9205] loop0: detected capacity change from 0 to 16
[  347.226026][ T9205] erofs: (device loop0): mounted with root inode @ nid 36.
[  347.324473][ T9205] erofs: (device loop0): erofs_init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[  347.453610][ T9191] Process accounting resumed
[  347.663954][ T9214] loop4: detected capacity change from 0 to 128
[  347.791103][ T9215] loop0: detected capacity change from 0 to 2048
[  347.897702][ T9222] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  348.180844][ T9222] NILFS (loop0): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  348.194624][ T9222] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=16)
[  348.232618][ T9222] Remounting filesystem read-only
[  348.248535][ T9048] 8021q: adding VLAN 0 to HW filter on device batadv0
[  348.285580][ T9215] syz.0.661 (9215) used greatest stack depth: 19344 bytes left
[  348.416047][ T5777] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  348.479457][ T5777] NILFS (loop0): discard dirty page: offset=0, ino=16
[  348.511517][ T5777] NILFS (loop0): discard dirty block: blocknr=23, size=1024
[  348.519806][ T5777] NILFS (loop0): discard dirty block: blocknr=24, size=1024
[  348.539628][ T5777] NILFS (loop0): discard dirty block: blocknr=25, size=1024
[  348.566788][ T5777] NILFS (loop0): discard dirty block: blocknr=26, size=1024
[  348.584512][ T5777] NILFS (loop0): discard dirty page: offset=4096, ino=16
[  348.606609][ T5777] NILFS (loop0): discard dirty block: blocknr=27, size=1024
[  348.624321][ T5777] NILFS (loop0): discard dirty block: blocknr=28, size=1024
[  348.646659][ T5777] NILFS (loop0): discard dirty block: blocknr=29, size=1024
[  348.675817][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.700500][ T5777] NILFS (loop0): discard dirty page: offset=8192, ino=16
[  348.726755][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.740501][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.761647][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.783520][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.806687][ T5777] NILFS (loop0): discard dirty page: offset=12288, ino=16
[  348.826592][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.833883][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.877239][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.884620][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.913726][ T5777] NILFS (loop0): discard dirty page: offset=16384, ino=16
[  348.935907][ T9219] loop1: detected capacity change from 0 to 32768
[  348.937336][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  348.980736][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.009067][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.045829][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.074362][ T5777] NILFS (loop0): discard dirty page: offset=20480, ino=16
[  349.090882][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.099923][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.107429][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.121004][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.129106][ T5777] NILFS (loop0): discard dirty page: offset=24576, ino=16
[  349.138642][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.156126][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.169465][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.193905][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.204402][ T9048] veth0_vlan: entered promiscuous mode
[  349.212768][ T5777] NILFS (loop0): discard dirty page: offset=28672, ino=16
[  349.222511][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.235855][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.244771][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.257087][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.264528][ T5777] NILFS (loop0): discard dirty page: offset=32768, ino=16
[  349.279781][ T9048] veth1_vlan: entered promiscuous mode
[  349.299193][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.315781][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.325824][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.345851][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.369741][ T5777] NILFS (loop0): discard dirty page: offset=36864, ino=16
[  349.397328][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.398642][ T9048] veth0_macvtap: entered promiscuous mode
[  349.413397][ T9227] loop4: detected capacity change from 0 to 32768
[  349.415358][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.456001][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.460400][ T9048] veth1_macvtap: entered promiscuous mode
[  349.483314][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.501494][ T9227] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  349.514977][ T5777] NILFS (loop0): discard dirty page: offset=40960, ino=16
[  349.533829][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.543040][ T9048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  349.550123][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.571365][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.580810][ T9048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.592365][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.601845][ T9048] batman_adv: batadv0: Interface activated: batadv_slave_0
[  349.605732][ T5777] NILFS (loop0): discard dirty page: offset=45056, ino=16
[  349.627003][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.634302][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.642450][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.650832][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.658357][ T5777] NILFS (loop0): discard dirty page: offset=49152, ino=16
[  349.662051][ T9048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.665494][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.684019][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.691838][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.699363][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.717107][ T5777] NILFS (loop0): discard dirty page: offset=53248, ino=16
[  349.724741][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.735822][ T9048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.756549][ T9048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.756657][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.789434][ T9048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.797645][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.812474][ T9048] batman_adv: batadv0: Interface activated: batadv_slave_1
[  349.849205][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.881032][ T5777] NILFS (loop0): discard dirty page: offset=57344, ino=16
[  349.881241][ T9048] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.909879][ T9227] XFS (loop4): Ending clean mount
[  349.917890][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.925178][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.954348][ T9048] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.956580][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  349.991267][ T9048] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  350.004840][ T9048] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  350.007015][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  350.076663][ T5777] NILFS (loop0): discard dirty page: offset=61440, ino=16
[  350.083944][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  350.107235][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  350.122573][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.145847][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.180631][ T5777] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  350.227206][ T5777] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  350.235071][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.254091][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.265549][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.301871][ T7859] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  350.330386][ T5777] NILFS (loop0): discard dirty page: offset=0, ino=5
[  350.348182][ T5777] NILFS (loop0): discard dirty block: blocknr=41, size=1024
[  350.389118][ T3480] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.404600][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.422839][ T3480] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.435405][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.478919][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.515139][ T5777] NILFS (loop0): discard dirty page: offset=0, ino=3
[  350.524564][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.573717][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.581240][ T5777] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  350.599859][ T5777] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  350.617405][ T5777] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  350.624777][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  350.656821][ T5777] NILFS (loop0): discard dirty page: offset=4096, ino=3
[  350.663863][ T5777] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  350.687810][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.709590][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  350.737705][ T5777] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  351.188144][ T9273] netlink: 8 bytes leftover after parsing attributes in process `syz.4.667'.
[  352.065013][ T9260] loop1: detected capacity change from 0 to 40427
[  352.152555][ T9260] F2FS-fs (loop1): invalid crc value
[  352.185773][ T9260] F2FS-fs (loop1): Found nat_bits in checkpoint
[  352.388378][ T9260] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  352.421522][ T9287] overlayfs: missing 'lowerdir'
[  352.657072][ T9266] loop0: detected capacity change from 0 to 32768
[  352.897020][ T9266] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  352.915491][ T5773] syz-executor: attempt to access beyond end of device
[  352.915491][ T5773] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  353.055393][ T9285] Process accounting resumed
[  353.069456][ T5773] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  353.262408][ T9266] XFS (loop0): Ending clean mount
[  353.315793][ T9266] XFS (loop0): Quotacheck needed: Please wait.
[  353.451411][ T9266] XFS (loop0): Quotacheck: Done.
[  353.533455][ T9304] loop4: detected capacity change from 0 to 4096
[  353.567907][ T5777] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  353.589064][ T9304] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  353.777297][   T28] audit: type=1800 audit(1750802164.280:12): pid=9304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.671" name="file1" dev="loop4" ino=30 res=0 errno=0
[  354.169831][ T9314] loop4: detected capacity change from 0 to 2048
[  354.187937][ T9317] tmpfs: Unknown parameter 'nr_ino'
[  354.258809][ T9314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.282785][ T9317] Set syz1 is full, maxelem 1038 reached
[  354.335347][ T9314] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  354.458427][ T7859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.471687][ T9325] netlink: 8 bytes leftover after parsing attributes in process `syz.5.675'.
[  354.481086][ T6025] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  354.917445][ T6025] usb 2-1: Using ep0 maxpacket: 16
[  355.318183][ T6025] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  355.336561][ T6025] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.352498][ T6025] usb 2-1: Product: syz
[  355.361802][ T6025] usb 2-1: Manufacturer: syz
[  355.381322][ T6025] usb 2-1: SerialNumber: syz
[  355.395277][ T6025] ssu100 2-1:254.0: Quatech SSU-100 USB to Serial Driver converter detected
[  355.867206][ T9338] overlayfs: missing 'lowerdir'
[  355.986670][ T6023] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  356.014147][ T6025] ssu100: probe of 2-1:254.0 failed with error -71
[  356.024279][ T9338] netlink: 8 bytes leftover after parsing attributes in process `syz.4.677'.
[  356.043057][ T6025] usb 2-1: USB disconnect, device number 13
[  356.184891][ T6023] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  356.218967][ T6023] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  356.274720][ T6023] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  356.349052][ T6023] usb 6-1: config 220 has no interface number 2
[  356.384745][ T6023] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  356.402946][ T6023] usb 6-1: config 220 interface 0 has no altsetting 0
[  356.410247][ T6023] usb 6-1: config 220 interface 76 has no altsetting 0
[  356.417589][ T6023] usb 6-1: config 220 interface 1 has no altsetting 0
[  356.429339][ T6023] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  356.439067][ T6023] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.469364][ T6023] usb 6-1: Product: syz
[  356.474287][ T6023] usb 6-1: Manufacturer: syz
[  356.480023][ T6023] usb 6-1: SerialNumber: syz
[  356.724156][ T6023] uvcvideo 6-1:220.1: Unknown video format 00000000-0000-0000-0000-000000000000
[  356.750287][ T6023] usb 6-1: Found UVC 7.01 device syz (8086:0b07)
[  356.796616][ T6023] usb 6-1: No valid video chain found.
[  356.807237][ T6023] usb 6-1: selecting invalid altsetting 0
[  356.816968][ T9362] loop1: detected capacity change from 0 to 256
[  356.820813][ T9361] overlayfs: missing 'lowerdir'
[  356.837888][ T6023] usb 6-1: selecting invalid altsetting 0
[  356.884968][ T6023] usbtest: probe of 6-1:220.1 failed with error -22
[  356.947393][ T6023] usb 6-1: USB disconnect, device number 2
[  357.637721][ T9356] Process accounting resumed
[  357.762775][ T9378] loop1: detected capacity change from 0 to 1024
[  357.788354][ T9378] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  357.873417][ T9378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.951834][ T9378] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.154624][ T9378] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  358.250978][ T9378] EXT4-fs (loop1): Remounting filesystem read-only
[  358.349310][ T9390] overlayfs: missing 'lowerdir'
[  358.456850][ T9390] netlink: 8 bytes leftover after parsing attributes in process `syz.4.687'.
[  358.532286][ T9374] loop5: detected capacity change from 0 to 32768
[  358.535041][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.558043][ T9372] loop0: detected capacity change from 0 to 32768
[  358.580038][ T9372] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.683 (9372)
[  358.626873][ T9372] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  358.659120][ T9372] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  358.721698][ T9374] MetaData crosses page boundary!!
[  358.736860][ T9372] BTRFS info (device loop0): force clearing of disk cache
[  358.780062][ T9374] lblock = 60b00, size  = 8908800
[  358.786833][ T9372] BTRFS info (device loop0): enabling auto defrag
[  358.793713][ T9372] BTRFS info (device loop0): max_inline at 0
[  358.815160][ T9372] BTRFS info (device loop0): enabling disk space caching
[  358.826930][ T9374] CPU: 1 PID: 9374 Comm: syz.5.684 Not tainted 6.6.94-syzkaller #0
[  358.834875][ T9374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.844942][ T9374] Call Trace:
[  358.848229][ T9374]  <TASK>
[  358.851167][ T9374]  dump_stack_lvl+0x16c/0x230
[  358.855863][ T9374]  ? show_regs_print_info+0x20/0x20
[  358.861085][ T9374]  ? load_image+0x3b0/0x3b0
[  358.865689][ T9374]  ? folio_unlock+0x118/0x2e0
[  358.870382][ T9374]  __get_metapage+0xaac/0xfa0
[  358.875077][ T9374]  dtSearch+0x591/0x21b0
[  358.879358][ T9374]  jfs_lookup+0x156/0x380
[  358.883702][ T9374]  ? jfs_get_parent+0xb0/0xb0
[  358.888434][ T9374]  ? __lock_acquire+0x7c80/0x7c80
[  358.888990][ T9372] BTRFS info (device loop0): disk space caching is enabled
[  358.893492][ T9374]  ? __rwlock_init+0x150/0x150
[  358.905495][ T9374]  ? _raw_spin_unlock+0x28/0x40
[  358.910377][ T9374]  ? d_alloc+0x173/0x1b0
[  358.914645][ T9374]  lookup_one_qstr_excl+0x112/0x250
[  358.919861][ T9374]  filename_create+0x222/0x460
[  358.924646][ T9374]  ? kern_path_create+0x50/0x50
[  358.929521][ T9374]  ? __virt_addr_valid+0x18c/0x540
[  358.934644][ T9374]  ? __virt_addr_valid+0x469/0x540
[  358.939776][ T9374]  do_mkdirat+0xa1/0x440
[  358.944035][ T9374]  ? vfs_mkdir+0x440/0x440
[  358.948475][ T9374]  __x64_sys_mkdirat+0x89/0xa0
[  358.953267][ T9374]  do_syscall_64+0x55/0xb0
[  358.957901][ T9374]  ? clear_bhb_loop+0x40/0x90
[  358.962606][ T9374]  ? clear_bhb_loop+0x40/0x90
[  358.967303][ T9374]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  358.973214][ T9374] RIP: 0033:0x7f2f2818e929
[  358.977642][ T9374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.997521][ T9374] RSP: 002b:00007f2f28f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  359.005968][ T9374] RAX: ffffffffffffffda RBX: 00007f2f283b5fa0 RCX: 00007f2f2818e929
[  359.013991][ T9374] RDX: 0000000000000000 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  359.021989][ T9374] RBP: 00007f2f28210b39 R08: 0000000000000000 R09: 0000000000000000
[  359.029980][ T9374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  359.037970][ T9374] R13: 0000000000000000 R14: 00007f2f283b5fa0 R15: 00007ffc3dbbfa38
[  359.045970][ T9374]  </TASK>
[  359.099679][ T9374] bread failed!
[  359.103265][ T9374] jfs_lookup: dtSearch returned -5
[  359.164686][  T112] blkno = 8ed2c, nblocks = 1
[  359.170315][  T112] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  359.170315][  T112] 
[  359.184405][  T112] ERROR: (device loop5): remounting filesystem as read-only
[  359.192698][  T112] JFS: metapage_get_blocks failed
[  359.208255][  T112] ERROR: (device loop5): release_metapage: metapage_write_one() failed
[  359.208255][  T112] 
[  359.495442][  T112] blkno = 8ed2c, nblocks = 1
[  359.529113][  T112] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  359.529113][  T112] 
[  359.690978][ T9372] BTRFS info (device loop0): enabling ssd optimizations
[  359.723433][ T9372] BTRFS info (device loop0): rebuilding free space tree
[  359.920149][ T9372] BTRFS info (device loop0): disabling free space tree
[  359.927483][ T9372] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  359.937611][ T9372] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  360.128790][ T9421] loop1: detected capacity change from 0 to 32768
[  360.183546][ T9421]  loop1: p1 p2 p3 < p5 >
[  360.188643][ T9421] loop1: p1 size 242222080 extends beyond EOD, truncated
[  361.520689][ T5777] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  361.653147][ T6169] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 11 /dev/loop0 scanned by udevd (6169)
[  361.683878][ T9425] warn_alloc: 1 callbacks suppressed
[  361.683898][ T9425] syz.4.690: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  361.833473][ T9425] CPU: 1 PID: 9425 Comm: syz.4.690 Not tainted 6.6.94-syzkaller #0
[  361.841457][ T9425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  361.851559][ T9425] Call Trace:
[  361.854885][ T9425]  <TASK>
[  361.857860][ T9425]  dump_stack_lvl+0x16c/0x230
[  361.862621][ T9425]  ? show_regs_print_info+0x20/0x20
[  361.867889][ T9425]  ? load_image+0x3b0/0x3b0
[  361.872462][ T9425]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  361.878935][ T9425]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  361.885512][ T9425]  warn_alloc+0x210/0x300
[  361.889910][ T9425]  ? zone_watermark_ok_safe+0x230/0x230
[  361.895525][ T9425]  ? _raw_spin_unlock+0x28/0x40
[  361.900449][ T9425]  ? __vb2_queue_alloc+0x794/0x1410
[  361.905715][ T9425]  __vmalloc_node_range+0x662/0x1320
[  361.911099][ T9425]  ? free_vm_area+0x50/0x50
[  361.915869][ T9425]  vmalloc_user+0x74/0x80
[  361.920277][ T9425]  ? vb2_vmalloc_alloc+0xef/0x330
[  361.925359][ T9425]  vb2_vmalloc_alloc+0xef/0x330
[  361.930266][ T9425]  ? __copy_timestamp+0x1f0/0x1f0
[  361.935348][ T9425]  __vb2_queue_alloc+0x794/0x1410
[  361.940466][ T9425]  vb2_core_reqbufs+0xa57/0x1140
[  361.945487][ T9425]  ? vb2_verify_memory_type+0x570/0x570
[  361.951107][ T9425]  ? vb2_reqbufs+0x360/0x5a0
[  361.955757][ T9425]  v4l2_m2m_ioctl_reqbufs+0x16c/0x230
[  361.961195][ T9425]  __video_do_ioctl+0xcbd/0xdd0
[  361.966129][ T9425]  ? video_ioctl2+0x30/0x30
[  361.970788][ T9425]  ? __might_fault+0xc6/0x120
[  361.975528][ T9425]  ? __might_fault+0xaa/0x120
[  361.980286][ T9425]  video_usercopy+0x838/0x1330
[  361.985126][ T9425]  ? video_ioctl2+0x30/0x30
[  361.989705][ T9425]  ? v4l_printk_ioctl+0x160/0x160
[  361.994831][ T9425]  v4l2_ioctl+0x18a/0x1e0
[  361.999657][ T9425]  ? v4l2_poll+0x2b0/0x2b0
[  362.004130][ T9425]  __se_sys_ioctl+0xfd/0x170
[  362.008823][ T9425]  do_syscall_64+0x55/0xb0
[  362.013315][ T9425]  ? clear_bhb_loop+0x40/0x90
[  362.018045][ T9425]  ? clear_bhb_loop+0x40/0x90
[  362.022780][ T9425]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  362.028754][ T9425] RIP: 0033:0x7faa92d8e929
[  362.033229][ T9425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.052892][ T9425] RSP: 002b:00007faa93bf2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  362.061362][ T9425] RAX: ffffffffffffffda RBX: 00007faa92fb6160 RCX: 00007faa92d8e929
[  362.069383][ T9425] RDX: 00002000000000c0 RSI: 00000000c0145608 RDI: 000000000000000b
[  362.077406][ T9425] RBP: 00007faa92e10b39 R08: 0000000000000000 R09: 0000000000000000
[  362.085431][ T9425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  362.093450][ T9425] R13: 0000000000000000 R14: 00007faa92fb6160 R15: 00007ffe8a31ada8
[  362.101578][ T9425]  </TASK>
[  362.199138][ T7166] udevd[7166]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  362.199727][ T5774] udevd[5774]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  362.230050][ T6005] udevd[6005]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  362.245696][ T5790] udevd[5790]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  362.255732][ T9425] Mem-Info:
[  362.255750][ T9425] active_anon:13471 inactive_anon:0 isolated_anon:0
[  362.255750][ T9425]  active_file:10988 inactive_file:40031 isolated_file:0
[  362.255750][ T9425]  unevictable:768 dirty:204 writeback:0
[  362.255750][ T9425]  slab_reclaimable:10784 slab_unreclaimable:97110
[  362.255750][ T9425]  mapped:31155 shmem:8363 pagetables:862
[  362.255750][ T9425]  sec_pagetables:0 bounce:0
[  362.255750][ T9425]  kernel_misc_reclaimable:0
[  362.255750][ T9425]  free:1337454 free_pcp:9169 free_cma:0
[  362.255809][ T9425] Node 0 active_anon:53884kB inactive_anon:0kB active_file:43952kB inactive_file:159920kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124620kB dirty:812kB writeback:0kB shmem:31916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12784kB pagetables:3448kB sec_pagetables:0kB all_unreclaimable? no
[  362.255866][ T9425] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  362.255920][ T9425] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  362.255981][ T9425] lowmem_reserve[]: 0 2525 2526 2526 2526
[  362.256027][ T9425] Node 0 DMA32 free:1431128kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:53836kB inactive_anon:0kB active_file:43952kB inactive_file:158584kB unevictable:1536kB writepending:808kB present:3129332kB managed:2589668kB mlocked:0kB bounce:0kB free_pcp:18852kB local_pcp:5648kB free_cma:0kB
[  362.498958][ T9446] overlayfs: missing 'lowerdir'
[  362.510164][ T9425] lowmem_reserve[]: 0 0 1 1 1
[  362.516131][ T9425] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  362.653114][ T9425] lowmem_reserve[]: 0 0 0 0 0
[  362.744625][ T9452] loop5: detected capacity change from 0 to 512
[  362.842452][ T9452] EXT4-fs error (device loop5): ext4_do_update_inode:5224: inode #16: comm syz.5.696: corrupted inode contents
[  362.876435][ T9452] EXT4-fs error (device loop5): ext4_dirty_inode:6100: inode #16: comm syz.5.696: mark_inode_dirty error
[  362.892479][ T9452] EXT4-fs error (device loop5): ext4_do_update_inode:5224: inode #16: comm syz.5.696: corrupted inode contents
[  362.911381][ T9425] Node 1 Normal free:3903328kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17824kB local_pcp:6944kB free_cma:0kB
[  362.997906][ T9425] lowmem_reserve[]: 0 0 0 0 0
[  363.002732][ T9425] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  363.061820][ T9452] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #16: comm syz.5.696: mark_inode_dirty error
[  363.101251][ T9425] Node 0 DMA32: 562*4kB (UME) 1010*8kB (UME) 598*16kB (UME) 331*32kB (UME) 265*64kB (UM) 321*128kB (UME) 70*256kB (UME) 26*512kB (UM) 11*1024kB (UM) 7*2048kB (M) 320*4096kB (UM) = 1456088kB
[  363.135228][ T9425] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  363.144223][ T9444] Process accounting resumed
[  363.151982][ T9452] EXT4-fs error (device loop5): ext4_do_update_inode:5224: inode #16: comm syz.5.696: corrupted inode contents
[  363.223906][ T9457] loop1: detected capacity change from 0 to 512
[  363.227367][ T9452] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  363.241807][ T9457] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  363.278588][ T9425] Node 1 Normal: 262*4kB (UME) 55*8kB (UME) 45*16kB (UME) 106*32kB (UME) 30*64kB (UE) 10*128kB (UME) 1*256kB (U) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 949*4096kB (M) = 3903328kB
[  363.293411][ T9452] EXT4-fs error (device loop5): ext4_do_update_inode:5224: inode #16: comm syz.5.696: corrupted inode contents
[  363.312060][ T9457] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.697: bg 0: block 5: invalid block bitmap
[  363.335357][ T9452] EXT4-fs error (device loop5): ext4_truncate:4283: inode #16: comm syz.5.696: mark_inode_dirty error
[  363.366346][ T9425] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  363.380760][ T9457] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6642: Corrupt filesystem
[  363.381657][ T9425] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  363.392794][ T9457] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.697: invalid indirect mapped block 3 (level 2)
[  363.400018][ T9452] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  363.423105][ T9457] EXT4-fs (loop1): 2 truncates cleaned up
[  363.431576][ T9457] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.454634][ T9452] EXT4-fs (loop5): 1 truncate cleaned up
[  363.462016][ T9452] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.481652][   T48] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  363.494727][ T9425] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  363.498327][   T48] EXT4-fs error (device loop5): ext4_release_dquot:6974: comm kworker/u4:3: Failed to release dquot type 1
[  363.522402][ T9425] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  363.542229][ T9425] 55476 total pagecache pages
[  363.563624][ T9425] 0 pages in swap cache
[  363.568182][ T9452] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.598262][ T9425] Free swap  = 124996kB
[  363.618374][ T9425] Total swap = 124996kB
[  363.641828][ T9425] 2097051 pages RAM
[  363.671522][ T9425] 0 pages HighMem/MovableOnly
[  363.708059][ T9425] 416120 pages reserved
[  363.717578][ T9425] 0 pages cma reserved
[  363.828765][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.861643][ T9048] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.068582][ T9462] loop1: detected capacity change from 0 to 16
[  364.097030][ T9462] erofs: (device loop1): mounted with root inode @ nid 36.
[  364.227508][ T9462] overlayfs: failed to get redirect (-117)
[  364.470344][ T9475] loop1: detected capacity change from 0 to 512
[  364.494493][ T9470] overlayfs: missing 'lowerdir'
[  364.521939][ T9470] netlink: 8 bytes leftover after parsing attributes in process `syz.5.699'.
[  364.527473][ T9450] loop0: detected capacity change from 0 to 32768
[  364.539161][ T9475] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  364.580289][ T9450] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  364.604190][ T9475] EXT4-fs (loop1): 1 truncate cleaned up
[  364.641985][ T9475] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.656868][ T9450] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  364.666293][ T9450] BTRFS info (device loop0): force clearing of disk cache
[  364.716790][ T9450] BTRFS info (device loop0): enabling auto defrag
[  364.760000][ T9450] BTRFS info (device loop0): max_inline at 0
[  364.810955][ T9450] BTRFS info (device loop0): enabling disk space caching
[  364.866947][ T9450] BTRFS info (device loop0): disk space caching is enabled
[  364.933596][ T9485] overlayfs: missing 'lowerdir'
[  364.968301][ T5773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.040203][ T9485] netlink: 8 bytes leftover after parsing attributes in process `syz.4.703'.
[  365.196848][ T9450] BTRFS info (device loop0): enabling ssd optimizations
[  365.337639][ T9450] BTRFS info (device loop0): rebuilding free space tree
[  365.531141][ T9450] BTRFS info (device loop0): disabling free space tree
[  365.552494][ T9450] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  365.566588][ T9450] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  366.060813][ T9485] Process accounting resumed
[  366.126801][ T5777] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  366.279834][ T9517] loop4: detected capacity change from 0 to 1024
[  366.283062][ T9518] loop5: detected capacity change from 0 to 256
[  366.492470][ T9518] FAT-fs (loop5): Directory bread(block 64) failed
[  366.504905][ T9518] FAT-fs (loop5): Directory bread(block 65) failed
[  366.513586][ T9518] FAT-fs (loop5): Directory bread(block 66) failed
[  366.525828][ T9518] FAT-fs (loop5): Directory bread(block 67) failed
[  366.555821][ T9518] FAT-fs (loop5): Directory bread(block 68) failed
[  366.575747][ T9518] FAT-fs (loop5): Directory bread(block 69) failed
[  366.589710][ T9518] FAT-fs (loop5): Directory bread(block 70) failed
[  366.598175][   T49] hfsplus: b-tree write err: -5, ino 4
[  366.611136][ T9518] FAT-fs (loop5): Directory bread(block 71) failed
[  366.618516][ T9518] FAT-fs (loop5): Directory bread(block 72) failed
[  366.625128][ T9518] FAT-fs (loop5): Directory bread(block 73) failed
[  368.188069][ T9535] loop5: detected capacity change from 0 to 1024
[  368.796586][ T9540] loop5: detected capacity change from 0 to 1024
[  368.871873][ T5790] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  368.914704][ T9543] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input13
[  368.992889][ T9545] loop0: detected capacity change from 0 to 4096
[  369.050857][ T9545] NILFS (loop0): invalid segment: Checksum error in segment payload
[  369.166211][ T9545] NILFS (loop0): trying rollback from an earlier position
[  369.273849][ T9545] NILFS (loop0): recovery complete
[  369.330479][ T9553] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  369.532852][ T9557] netlink: 8 bytes leftover after parsing attributes in process `syz.1.717'.
[  370.646751][ T9578] loop4: detected capacity change from 0 to 128
[  370.681920][ T9578] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  370.726204][ T9578] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  372.472974][ T9574] loop5: detected capacity change from 0 to 32768
[  372.578434][ T9574] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  373.508183][ T9601] 
[  373.510575][ T9601] ======================================================
[  373.517611][ T9601] WARNING: possible circular locking dependency detected
[  373.524659][ T9601] 6.6.94-syzkaller #0 Not tainted
[  373.529688][ T9601] ------------------------------------------------------
[  373.536720][ T9601] syz.5.721/9601 is trying to acquire lock:
[  373.542623][ T9601] ffff888078158608 (sb_internal#3){.+.+}-{0:0}, at: ocfs2_setattr+0x95a/0x1b20
[  373.551615][ T9601] 
[  373.551615][ T9601] but task is already holding lock:
[  373.558983][ T9601] ffff88805ccfbf60 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_setattr+0x94b/0x1b20
[  373.569278][ T9601] 
[  373.569278][ T9601] which lock already depends on the new lock.
[  373.569278][ T9601] 
[  373.579688][ T9601] 
[  373.579688][ T9601] the existing dependency chain (in reverse order) is:
[  373.588727][ T9601] 
[  373.588727][ T9601] -> #4 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}:
[  373.597556][ T9601]        down_write+0x97/0x1f0
[  373.602342][ T9601]        ocfs2_try_remove_refcount_tree+0xb7/0x320
[  373.608945][ T9601]        ocfs2_xattr_set+0x596/0x11f0
[  373.614329][ T9601]        ocfs2_set_acl+0x4e1/0x590
[  373.619444][ T9601]        ocfs2_iop_set_acl+0x1ab/0x2a0
[  373.624916][ T9601]        vfs_set_acl+0x803/0xa60
[  373.629868][ T9601]        __se_sys_fsetxattr+0x450/0x4b0
[  373.635436][ T9601]        do_syscall_64+0x55/0xb0
[  373.640395][ T9601]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  373.646828][ T9601] 
[  373.646828][ T9601] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}:
[  373.654655][ T9601]        down_read+0x46/0x2e0
[  373.659344][ T9601]        ocfs2_init_acl+0x2fa/0x720
[  373.664546][ T9601]        ocfs2_mknod+0x12e5/0x20f0
[  373.669668][ T9601]        ocfs2_mkdir+0x196/0x410
[  373.674615][ T9601]        vfs_mkdir+0x296/0x440
[  373.679385][ T9601]        do_mkdirat+0x1d4/0x440
[  373.684241][ T9601]        __x64_sys_mkdirat+0x89/0xa0
[  373.689543][ T9601]        do_syscall_64+0x55/0xb0
[  373.694504][ T9601]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  373.700941][ T9601] 
[  373.700941][ T9601] -> #2 (jbd2_handle){++++}-{0:0}:
[  373.708339][ T9601]        start_this_handle+0x1e9d/0x20c0
[  373.713985][ T9601]        jbd2__journal_start+0x2bb/0x5b0
[  373.719625][ T9601]        jbd2_journal_start+0x2a/0x40
[  373.725553][ T9601]        ocfs2_start_trans+0x376/0x6c0
[  373.731118][ T9601]        ocfs2_mknod+0xe47/0x20f0
[  373.736176][ T9601]        ocfs2_create+0x196/0x410
[  373.741477][ T9601]        path_openat+0x1277/0x3190
[  373.746644][ T9601]        do_filp_open+0x1c5/0x3d0
[  373.751719][ T9601]        do_sys_openat2+0x12c/0x1c0
[  373.757024][ T9601]        __x64_sys_openat+0x139/0x160
[  373.762427][ T9601]        do_syscall_64+0x55/0xb0
[  373.767458][ T9601]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  373.773890][ T9601] 
[  373.773890][ T9601] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  373.782416][ T9601]        down_read+0x46/0x2e0
[  373.787117][ T9601]        ocfs2_start_trans+0x36a/0x6c0
[  373.792581][ T9601]        ocfs2_mknod+0xe47/0x20f0
[  373.797626][ T9601]        ocfs2_create+0x196/0x410
[  373.802671][ T9601]        path_openat+0x1277/0x3190
[  373.807806][ T9601]        do_filp_open+0x1c5/0x3d0
[  373.812842][ T9601]        do_sys_openat2+0x12c/0x1c0
[  373.818081][ T9601]        __x64_sys_openat+0x139/0x160
[  373.823489][ T9601]        do_syscall_64+0x55/0xb0
[  373.828450][ T9601]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  373.834886][ T9601] 
[  373.834886][ T9601] -> #0 (sb_internal#3){.+.+}-{0:0}:
[  373.842462][ T9601]        __lock_acquire+0x2ddb/0x7c80
[  373.847861][ T9601]        lock_acquire+0x197/0x410
[  373.852908][ T9601]        ocfs2_start_trans+0x26b/0x6c0
[  373.858378][ T9601]        ocfs2_setattr+0x95a/0x1b20
[  373.863588][ T9601]        notify_change+0xb0d/0xe10
[  373.868717][ T9601]        do_truncate+0x19b/0x220
[  373.873665][ T9601]        vfs_truncate+0x266/0x300
[  373.878706][ T9601]        do_sys_truncate+0xe0/0x1a0
[  373.883932][ T9601]        do_syscall_64+0x55/0xb0
[  373.889074][ T9601]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  373.895519][ T9601] 
[  373.895519][ T9601] other info that might help us debug this:
[  373.895519][ T9601] 
[  373.905752][ T9601] Chain exists of:
[  373.905752][ T9601]   sb_internal#3 --> &oi->ip_xattr_sem --> &ocfs2_file_ip_alloc_sem_key
[  373.905752][ T9601] 
[  373.919952][ T9601]  Possible unsafe locking scenario:
[  373.919952][ T9601] 
[  373.928103][ T9601]        CPU0                    CPU1
[  373.933469][ T9601]        ----                    ----
[  373.938847][ T9601]   lock(&ocfs2_file_ip_alloc_sem_key);
[  373.944400][ T9601]                                lock(&oi->ip_xattr_sem);
[  373.951515][ T9601]                                lock(&ocfs2_file_ip_alloc_sem_key);
[  373.959598][ T9601]   rlock(sb_internal#3);
[  373.963938][ T9601] 
[  373.963938][ T9601]  *** DEADLOCK ***
[  373.963938][ T9601] 
[  373.972083][ T9601] 3 locks held by syz.5.721/9601:
[  373.977106][ T9601]  #0: ffff888078158418 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  373.986457][ T9601]  #1: ffff88805ccfc2d8 (&sb->s_type->i_mutex_key#27){+.+.}-{3:3}, at: do_truncate+0x187/0x220
[  373.996877][ T9601]  #2: ffff88805ccfbf60 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_setattr+0x94b/0x1b20
[  374.007735][ T9601] 
[  374.007735][ T9601] stack backtrace:
[  374.013656][ T9601] CPU: 0 PID: 9601 Comm: syz.5.721 Not tainted 6.6.94-syzkaller #0
[  374.021553][ T9601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  374.031890][ T9601] Call Trace:
[  374.035236][ T9601]  <TASK>
[  374.038200][ T9601]  dump_stack_lvl+0x16c/0x230
[  374.042899][ T9601]  ? load_image+0x3b0/0x3b0
[  374.047421][ T9601]  ? show_regs_print_info+0x20/0x20
[  374.052637][ T9601]  ? print_circular_bug+0x12b/0x1a0
[  374.057882][ T9601]  check_noncircular+0x2bd/0x3c0
[  374.062834][ T9601]  ? print_deadlock_bug+0x5d0/0x5d0
[  374.068039][ T9601]  ? lockdep_lock+0xe0/0x220
[  374.072639][ T9601]  ? _find_first_zero_bit+0xd3/0x100
[  374.077935][ T9601]  __lock_acquire+0x2ddb/0x7c80
[  374.082802][ T9601]  ? verify_lock_unused+0x140/0x140
[  374.088012][ T9601]  ? verify_lock_unused+0x140/0x140
[  374.093222][ T9601]  ? verify_lock_unused+0x140/0x140
[  374.098431][ T9601]  ? sb_end_intwrite+0xe9/0x1c0
[  374.103310][ T9601]  lock_acquire+0x197/0x410
[  374.107822][ T9601]  ? ocfs2_setattr+0x95a/0x1b20
[  374.112692][ T9601]  ? __might_sleep+0xe0/0xe0
[  374.117292][ T9601]  ? do_raw_spin_lock+0x121/0x2c0
[  374.122328][ T9601]  ? read_lock_is_recursive+0x20/0x20
[  374.127719][ T9601]  ? __rwlock_init+0x150/0x150
[  374.132510][ T9601]  ? do_raw_spin_unlock+0x121/0x230
[  374.137729][ T9601]  ocfs2_start_trans+0x26b/0x6c0
[  374.142673][ T9601]  ? ocfs2_setattr+0x95a/0x1b20
[  374.147541][ T9601]  ? ocfs2_recovery_exit+0x50/0x50
[  374.152659][ T9601]  ? setattr_prepare+0x1e6/0xac0
[  374.157645][ T9601]  ? inode_newsize_ok+0x17d/0x1b0
[  374.162684][ T9601]  ocfs2_setattr+0x95a/0x1b20
[  374.167385][ T9601]  ? ocfs2_extend_allocation+0x1760/0x1760
[  374.173210][ T9601]  ? ktime_get_coarse_real_ts64+0x3a/0x120
[  374.179115][ T9601]  ? seqcount_lockdep_reader_access+0x176/0x1c0
[  374.185374][ T9601]  ? ktime_get_coarse_real_ts64+0x110/0x120
[  374.191286][ T9601]  ? current_time+0x18e/0x270
[  374.196064][ T9601]  ? inode_set_ctime_current+0x2d0/0x2d0
[  374.201709][ T9601]  ? evm_inode_setattr+0x94/0x6a0
[  374.206778][ T9601]  ? bpf_lsm_inode_setattr+0x9/0x10
[  374.211988][ T9601]  ? try_break_deleg+0x79/0x120
[  374.216853][ T9601]  ? ocfs2_extend_allocation+0x1760/0x1760
[  374.222675][ T9601]  notify_change+0xb0d/0xe10
[  374.227292][ T9601]  do_truncate+0x19b/0x220
[  374.231722][ T9601]  ? put_page_bootmem+0x2c0/0x2c0
[  374.236762][ T9601]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  374.241731][ T9601]  ? bpf_lsm_path_truncate+0x9/0x10
[  374.246939][ T9601]  vfs_truncate+0x266/0x300
[  374.251498][ T9601]  do_sys_truncate+0xe0/0x1a0
[  374.256181][ T9601]  ? break_lease+0xd0/0xd0
[  374.260603][ T9601]  ? lockdep_hardirqs_on+0x98/0x150
[  374.265808][ T9601]  do_syscall_64+0x55/0xb0
[  374.270236][ T9601]  ? clear_bhb_loop+0x40/0x90
[  374.274915][ T9601]  ? clear_bhb_loop+0x40/0x90
[  374.279601][ T9601]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.285545][ T9601] RIP: 0033:0x7f2f2818e929
[  374.289968][ T9601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.309701][ T9601] RSP: 002b:00007f2f28f26038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  374.318123][ T9601] RAX: ffffffffffffffda RBX: 00007f2f283b6080 RCX: 00007f2f2818e929
[  374.326142][ T9601] RDX: 0000000000000000 RSI: 00000000000000ff RDI: 0000200000000680
[  374.334142][ T9601] RBP: 00007f2f28210b39 R08: 0000000000000000 R09: 0000000000000000
[  374.342211][ T9601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.350214][ T9601] R13: 0000000000000001 R14: 00007f2f283b6080 R15: 00007ffc3dbbfa38
[  374.358201][ T9601]  </TASK>
[  374.486202][ T9608] loop4: detected capacity change from 0 to 64
[  374.546211][ T9048] ocfs2: Unmounting device (7,5) on (node local)
[  375.986705][ T5789] Bluetooth: hci3: command 0x0406 tx timeout
[  379.030856][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  379.037271][ T1288] ieee802154 phy1 wpan1: encryption failed: -22