last executing test programs:

10m45.667566194s ago: executing program 32 (id=532):
socket$kcm(0x29, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
r2 = syz_io_uring_setup(0x88e, &(0x7f0000000140)={0x0, 0xaef2, 0x400, 0x2, 0xbfcffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xffffbffc, 0x0, 0x4)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000800)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

10m26.142784593s ago: executing program 33 (id=566):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
connect$tipc(r4, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8010002b)
write$dsp(0xffffffffffffffff, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
socket$nl_audit(0x10, 0x3, 0x9)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
syz_clone3(&(0x7f0000000740)={0x40002800, &(0x7f0000000140), &(0x7f0000000180), 0x0, {0x20}, &(0x7f0000000580)=""/236, 0xec, &(0x7f0000000680)=""/117, 0x0}, 0x58)

10m19.632373977s ago: executing program 3 (id=600):
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000140)='./bus\x00', 0x10, &(0x7f0000001a80)=ANY=[@ANYBLOB="007301e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYRES16=0x0, @ANYRESDEC, @ANYBLOB="6ed156a242521086e79bd93ed1abea362aa84a26a8a489786ad848fb1db916b74b5e0c52fa5ee720866ceffd90aefa2bd3b9acbdae429b7a8d570776dd35988d0a9ca113be81d57b827d32f6a1f573a2bac4716032b15456f6a7f238d58ad57212371cc13c14cdacfdba9249f49bb72a1354943f8474a40e9b5dfb6d64bd3cffce47f322ba8d496f8291d4a925087ec372ea0d4252e95e03d5d8a4fc458e9e8782bdaf518d69c6baff377695d137d2b6ed4fe9f0068342a27ef210bb5642189c0f5ec091e0e7d4e8df9e75e51299e3510df804ea746b7ec5ba0c9e5e16d7e9c51615ae8cbf578c039f4ffed5f26e70a65ae37e40e3b40f4e17c686df10476379c6828fe71ca670e481c6a58e3f5ac460b1d138f3d191c663b595f54d7bd2d3238ecb446de9cd605ad6e86a24297bcafc113723d69231cd00bd9f799436037088eba060b5e6224016b860c3eeb00acce8686b9d0be6bcf05c7b97924958bc1f039db8d2a396c3327a4a951f87a0b24dc447842259f3e3092c1f3349f2b4ca815324e0dd72292c241d76abf07e8c198b7c14ef1df66644e420e260772c2e90e3f3fddfe0856d311f7b9d6dd0502d84b59a3348c3c05bc78581f70579a3498c3ef25546480a683c8c417a5c2e371d622f92f31d301c829faa0fa9cbcb18dbf13ad2de41e90fa3172be34976f9c222fd8a87315873781cf2bdbddbfbdd5ab73d869be2f0ab053abf6c0e9e271fad5b61735031611fb4dd45556a8cbe1eff88382c1eb7365418c83e6fc2dc7f1481c326109a8c700c02c2d07dd6e63a4f6fa5839ee64277441bd1ecc071e7f97f19ec4ee385fe749aa3991ed2749d0f0bd5ea978f3bb9be0ddf5df642d7f855d664f542f34aace8de7a47203b9d5392903d40b66a992354d61cb7da048f980f30d9a0aef6550dd19d8cb4c5a6b2747e21ceb425a79519b602db783cbf679d15571822a1329db76e3f1236c287162390a6a6db03f6c8d14f0affd52973823b8a4f6d3e00b65247ea86cd7e0d4b279f76c993f45a62fdd9e640eaaacb0f2da17e75f02059b5acbdeb833cf8011b00bbee723e50c1840d44e0aa01e1e3adbdf45290ae9289f374ebcce0b2897d61eb01afe375ef74fe82aef2f2009cb12d350802a431986c893a16bc21c883460429cf7bde2b59aceb27b03afccb5a4fd41d26e50f41de1629f8c9c1b727cfe13ad8386dd88f6050c7a9088d5cb6490a02533b429d4b2faef8400df2b2df712359f76deea25136c9668115f055c747a77a1285bdb6bab80bb37bd1462a694e85dbc22f12a466dd1037e1f56d8784aff5db5f13376cd2d8810d0f01b7c1e89768983bfe305fafd541a5cf558a12d5d5693cd2ab4317465829c83e4cf3a8fde3df5593b5857c0337c054db32255caffaa32ac2d38ff555ac7fd777edf7dda62e8fecf18d18aaa380034cb28b9d71f16d187db96e8c3ea0c2065bb75607a105c86664a5c26df6d93bd07c48ba34d649ee15bfdc472fe601d81e06f2a0df0e749f47c1d701d31a7f23d23f677b00cbc4e0af2a4ea0c83d0028e3331d7f23b319be180caf18033fc77e64b10ce875c6f2e63befd900571a34f1d4a1f90a274239fc9f748e12594226835ccdb077610a7a1de0e53677816f66784764f2f222f31898c57e614cd42c5c3d57f2f6f31561fb550ef7c2bbae2b90b5c0963556901120a28269796e1f0c576a67bcc7ce0f961edfd9409091d59454f2c88b51b8340559f6110790643c8058fdc2c2eb92231060d7e86eeda2e65f1db12e1561acd0b21174a1559f40f45da97b5315f12df0d256e2eef68a07e431cd45b2a10421cab0a8b3f42ea14914321aa3b9ce2d076007772f3be9a02f11db34daf223c433400154573a3c5e5310c2db5b3a1ce0d9e0cab93fae74625577c43ad8d87ffc53ff3cc4c6fcafe53d12068ec1adf078fd292595fc6bd50102a8b2d25172d89cd8c9284f6f4826f088e3cd0aa9ef5650ebfc27dfeb2ad57d90b68ada930c96e36c982a8ec1220ab4b255acc813646e142defed4d676ce3a4465c160b72674fbcb7aa3c30dc90e72f2f943e8ce17d699ec3b3475b2ba4d5a4bc0c6a3c0663a8cab980ee074239d1ad7f3426ca1e584aa1420efc4d0170248c4d1bf63964b03e9332bc8d5ee6b3aa9d00464d3c2ee9100bcf33546206500069d7adc7362b896217a8efd86abf7b2af5ba6694060feb82f78e33a08611f0c6dae4615b8b436cf71b21b05eeb5684ce9f25ab1513f52ecd55e98ff0fbf882fc10ee48666e5a32b209d7b687f9482ca0017b001b443e258a0a99c5f0a9dd44b61e727bb2c9941d6447809f2fedfc6110976ef882eda3cdbb93d0ae1217642e256d1f6ee4a529b0e1f72ffa70c726ac02d751ab36adadd27411e4385d0b3deb70aa7cf056d5ac4781ed38e108ac65731cfba88623956f247438327e9d226ccc6ae7864ac92f60827674c606ed43fba032e8fefe32ed99d3131f2bc4fa0ce82770492fee9a9e11824b3cc4352694127fd270617a78349056a731a893b8e36ddd75664c2bd702fcc41e669be054f6e470c96f88e405329de85030263e0eb844ff0cbbca4ebb87cf9b3d3b2b938c969818802b1665ba584e05578a3f321035d3c472718584c9c7410b907a269ca1659d4e213c054cf2e1c17023e0f9aa0d6ae83eb6a7e6adce60f7df29abd5496da39e0be5ff33a5965683634b6ca788165e29e5013fa94a2d5ddfc691eed3d2036a51a18d787ee24940e04590bad7fab3b0759a0e574e15e60f862ccec81120fd2408edd1adbc837e18829dbf7e175d7605173a741fa45a59750748c14c015ace0c6b93bcf2ca5454721fb7d26170ede5d86dd01dc39f89d8c5fa2fb780b85652bb2ef3dc229edbb7ad028097792cb1838e01f62419cc7785ea9ce0125edce4c49574540ca4fb8ab8b97f6562e11ae23c809ab915857bf2200b9546b20ab0144650f216ad8beff019d9e0193c7f4927e08d07bca5ce470c9e1e098d988a46cc90f6e87e6272b7d2c0f7b0511760ad7bfea8b59db7f8eacc821d6a2487cccfd214cce61234700e7ab3dd4c7ad7b8df76cf7f9465e5ca618e30d9c27b7f6c1c05736ce3f88426ebbe5d238bad1c7b7ec4cefbec4db17bc1e450a473924e68715ef3fcdd169c8a58695924341137688d01cadb68be0b43296f4d1335e7e43f1d474b726628d2e3172747fc42c2db92fb1471323b9001dc61aff97e2301ae025ce1b50b846fa76e6fd53785986f419bb915628fa79f9d5912f4b163f4836dcf5a355ee8021ef1cca0f00df50f101844dd79073161de3c93eec5ba183bf5da28e707263720cda11383aedfbadea965deceab212e78625fdc7a8a8f2b5b2b5600b56fbcf30dda2c0749bf412f74b0be401effaffed45ee5af9e8fd5bdbcceb8b2410271e2187f0d3fdceffe2005bb54ad0ade8a58ccf2cdfebfc902837889b5024b6b0d68981491fb2f1be67fde1a05be9e2d3b4731556909abb5859f2e1c2743171f2a6b490d8ab6c8b3c61215977247127ec9db3a93bd823727ca51045dbd0db1faa569e64dbe3ee8bfc5d17681538cc733a6745868687c2e458427c2d4b0af64fe7ec2d4c8097fbeabf0dac3b3bc86fd0f922ba693c7f58455e4bdb2663752bcb7396a7d784d5add900d3300b402852dd03a7523763d9627f965143dd05c1a9fab8672c41dd107e74338dad00e574a16cde093073d91409d5c74dae9952a1d34216750215484feb8313891abf2a482b238febde932f4f97eceaadd0f870f9b25e2942353e002e039564854231fb0d2957d820c9c2e058931fdfb9466b8c505c2502f7c6f7a7ebdefd8a2e29db509fe2a2cf915243de3d908ce3aef0c76a44c8a2f2424c593c721dc6cad36f0457cd5be16c7df09010674834ad130369d634219274bafee6f04cbfdeb0416cbdb169c83817a39cfcc171fcc1998874cf5ed70923aa0896cdc8e543a8b680fd4df502f7332fa6b0f8644ca640e50636c121c2ee5f00b6f41421d205fdd7a19cee9cec4538792a22888bb77c92aa3431be4f320cd7843a19ef55a54bd6ff5a8d71862572e10ddc103c6fa33b6e1c25bdb7e11b32cccd86503afac0016d4e20c492a31e33397b00ef0bfae96f369942d1519c2ffb8102100dbdbfe94e98cc4baed27ccec142c14f6028f74f1a5f46f844afd4798dabbb4a2d93d41893711b7d93dcc9694b0e47fa7dfce56f8487e03fe0df3b6be6ee62007f050442c9849fdaf9fcbb7c24b3a2df883aa4366b0b2296905a8f8bdd72ff8e05f1640e364826bd7eb8b4a6e20a48018a2bc6dc395ff6e7d9f81de610791e9124e60c8473bb39877a152b38c9dce82d1dfd6e63a09c02a972cfc22684e9d9d4479993c0c7d2a2166fadf592fadaecc4603ffc55447292f7e778cf780bff9f179efe6c7a4368ffb1ac46e71bb5473ec9b09067289994196b87c88c7c656add2b28a0c46b8dfa6bb850f98040ec3bff77ef8cba53055fb929473807dee9b6d012d873d1a8b27009c94e1189eefcff38644771871268d4ea1018a4a416b979b9fd914d3965c35dece3f93a2485e65ba4fbce06b7edfe5aceca16f67eacab51834a1fc63cc0f298010aef1b27669f76ca30939e449c3fa43270d36af66dca5e05e80d9858b7cbcf9064c88b57b8e3a5a3b940e649f71e15f16d28fb1900dbe4f21ef9220795c9b38e10b33a980088e01a70d503139d11576a3a5ee459e3ebbc1f24765a6f7c3a6b6f71bdda8d1e07e167da646800ec0574f5a58035d217356f85dbab507cac33f4c3ffa5a8d287a023932c046070694bdcf16480fb1de03f6f4fc5978985bac1402516b97cdb73bf95119e238cfd6aac72f0928982bc6eaffcf2e38c116eb040ecf14617e4145d1752d0f29b642b4e4b5cb43b879d4386b671394253ad16d2e9583f6781aeda2707b755da39f0e064c3df739a9bea456742a3e1f536b8d6b95b3c8b935cba14b1d6166272461aafabf78bead26c7b4b12e7a186d7ee438783350bffd1434029b7b09b9d660104d7731702b7d5149d04e5549effd15d250edd7839839539e254541f23ef700bde919c1db9f36efffe967eeeeae08975e945dd21a13254370a507ea79e9ba76f2a80da875cf1ffcc4d566a90f76f7dcbd86637242c22646e34ecb4118d611ff7723ca60c2adcadf7c38ef300cec4b80210e4e41475647b89ac33e7cd178c5db305fd2646d3f997d67ba3506d99796927b75db54d4e8950407f25a7498cc163137866a332d3e4e8bed75c204ca67a7ff107de7eb73b1e60726eb8f8ddf54af9e2bac5b07702c3c7301e2b4f91e4e27e7afe5c6e5f3f97d4842c3b3193322bd181e10bec190455d2cb64990e68b6393ae627c3522c015538e3e66a38121005de497565e0681f1c0875f766d3216a992ea33a6aaad0f3e6b10f3912fb41099abde81512fd3836f39a9ba88f0fa5a26e0f4648af84342eb4d28a275535e5b91b8427ba858581641205bf2d782accbd76a94fc7e25c9a17c1ba8b23f64a1034b0b06415cf844d15994b5f7745b8a913ac6a320f17f6698a4b9fd88fc417e31b3fa9bb15be064b7eafb35fe3902fa3ec4bf2b822822791a645a7726399ab41d563edc12893632a32f4198612865b16df687cb380249aa7f6d39a91915f0c43efd27ed071612a4bb8afaf5b905ee8581dcae273787596f09c297d341b81dad4b37305fb686908d15fd21157408adb3e9625a7e2e0a15cd91a5a7dc6efb1a05149a8d4af11760ebee03cdcd6377d20b95b62698b60485f38a786adb7501e7e9"], 0x3, 0x1f9, &(0x7f00000001c0)="$eJzskr1rFEEYxp/ZndvsBWMOiYIiiBo0TXJ7Gzk/CgUbD7UQiRADgsdmcy5u/Mge6B0pVhBEbASDkCAWgiSIhfgPuIVVOoVgFwKpU6QQQRJXZvbdc47rrebXPDPvvPN+zdyJHkZ9AHa35z2gBAHHEL4xBg7gCJMmTJuZ2qRXSS06v2RkmpD+Jt093Z6cAlhwbL1qJHFmxM/VDXgYvIWzb698/H69sLC2b+v9F3Fy+UbrM9jJ6cF3bz69vLg4IMOzm1NqHDM5vGQfZbLYVzuT6xv8IIbyWMHC2n77z4HVp8sfqs9FB69nwJwlG8DY19HF887AC4NiRq323XoY+nPRhScGtmSqH9vznljcBpCmaSp7B1ADoPqI9lcUn0McmABgIu34cPyj3Jx9UI5a7dFgtt7wG/491x2vOqdoivCd8kwQ+g5TUtAEYQC/RBbxTEXlvABgB7gm9v3oRjil/VlpdM7Uu5bydCPHu+8aSlu5MiSdu33kJ2qfwAmI0T6KmWIdllE4ZEs1FGHSpsKV+rJcDQChP+bdt8kkPK2isgn9yiYKnYCuuhk/k38pPCMdJq2RLpNukuY/Ov+pXEYw6CVGYsDC43qzOVexgJU9dItsrhhctirF6sBE1pLZ3dw5Ez3s7TVpNBqNRqPRaDQazX/hbwAAAP//FKeYyA==")
syz_io_uring_setup(0x10b, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
lsetxattr$security_ima(&(0x7f0000000280)='./bus\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)

10m15.512611215s ago: executing program 3 (id=607):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000083c0)={0x2020, 0x0, <r1=>0x0}, 0x49e8648f)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents64(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x200000000004, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)={0xb0, 0x0, 0x0, [{{0x200000000004, 0x0, 0x0, 0x2, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffe, 0x3, 0x0, 0x0, 0x2, 0x4000, 0x3000, 0x0, 0x0, 0x2000}}, {0x0, 0x0, 0x1, 0x0, '\x00'}}]}, 0x0, 0x0, 0x0})

10m13.887275388s ago: executing program 3 (id=608):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accb", 0x51}, {&(0x7f0000000800)="104b0b7073fbd7f77a846bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e32fc3ec3ed1", 0x69}, {&(0x7f0000000340)="195ca1e84c12829160283de4f634ba203fee4d872e86c3dd408dbae7edffb39f301f8a933a640bd2581f26fde59de5869a945b960d6d87a4706b64ec96592d5ea5e105bd583c18cd854dc50ce949f490816d2288b71f1384d3db8dd0", 0x5c}], 0x3}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000940)="4e6601e65215c622791c4bf404e49bea79da86bb1c1559ac36ae1afe229c64b2235b2a0e813739994b44a6c2865c2e6b70bd4aa7fd7a455fd55fda00eb32904d8bbdbb1dc864207ae1e3164281a58b148f903ab119a349b824a9fec5a1b3bb05558e6da76a28c95cb4381fd89b48ad02a7ac43e7cf91526d07c76752d441d17d827651f7153c5a20015facd0ed645ead3b21c43554e31110a67751702345bb998101f0", 0xa3}, {&(0x7f0000000b40)="5604b1f93280601007f1bfc8446f785300fcfc78c557b8e530dc9f84187a0dd96c1488a0a665ec777782588791c4fd3b0443cd5bde128419bfe468ef760112d01b4046540dc8a0e9087bde26b530a321fd36ffcbeddbc482d96b9f47e1", 0x5d}, {&(0x7f0000000e40)="d61f2c7a6ddbff16a09972b62284a63c170b9a6ec5cd29dfa047b76a9a0eeb4055c9dd2244e47c59e557c459c397cd02eb261fc7d521b1f2e95c3ce17726db0d3236a6d3b52d3f066554d84292329c8a6f034ff8d85d61dcf7ae508c5925903fb1feb7d07fe481313ad476131cf19514d6c77835e9cf82df2f153d9b82985da3e260fc6942d18345ac61b2958886a77e2a2726097d1888a25bee0fdec661520a057f8559f17e462bdf938f7f2303447bfaa744d3891372a825c63e83ff21650af922eaacab49bf078a3971194bf73af173a742171cec071d31eebd6526d7a8ddd052d30beb962aeca814ad530c1413e502b92f3e51eaf75ec5b595b19e4945a1a821a8c47f804465f9e04d0ec9aff13036fe4f3a56b324e9ea795cc89d0f30433f3fa8aa7cc4dd93197840d644c6e48329c266316227ea917708cde40163a6b092d3c722a71e9f21255315cb87a74916", 0x150}], 0x3}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000640)="97ee3b3f46983bb5afd79fe0b01666b2e1daf0709becb91257e88f024ddf07e66c8c7e6258b63b2b9a7cfe015be3d6f9805eea42c6ca6c3cee479f419d63066c0913def93694cf34e6cd93de6cfc6485ecb798231941cd45eba3ba6c232631d78832a9f7fb1b51c81ff248af73dd239f0dd900a024a118b51d0bb4049198388f722aeba7e1f972ef22746c7f62090334575b91bdde999b63e4d36fc9414a4e29ae87f6486d32e9b5046aa05fc23afb5a8a2e6f79346107249edc7d8fe6841b11b2a89d6b25a5db85151ac9048918db", 0xcf}, {&(0x7f0000000200)="066bb3d3b0b8b5d4577115b4ad68b3b7447796b717", 0x15}], 0x2}}], 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

10m12.432217165s ago: executing program 3 (id=611):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000100)=0xfc, 0x4)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x400009, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x6, 0xffffffffffffffff, 0xc595, 0xfffffffffffffffc, 0x80000000000001, 0x6, 0xffffffffffffffff, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10m10.849981676s ago: executing program 3 (id=615):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(r0, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x24}}], 0x20, 0x24000010}}], 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'wg1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r3], 0x20}}, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
sendmsg$nl_route(r4, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)

10m0.557928986s ago: executing program 3 (id=624):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0), 0x2, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

9m51.991115677s ago: executing program 1 (id=633):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[], 0x2, 0x5505, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x3000)
fallocate(r1, 0x0, 0x0, 0x1000f4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0xa0440, 0x0)
ioctl$TCSBRK(r4, 0x5409, 0x9)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

9m46.800440994s ago: executing program 1 (id=634):
socket$key(0xf, 0x3, 0x2)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, r0)
socket$alg(0x26, 0x5, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000380)=@known='system.posix_acl_access\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r4)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x40, r6, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x40}, 0x4, 0x700000002000000}, 0x0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x50, r3, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}]}, 0x50}}, 0x0)

9m45.789608635s ago: executing program 1 (id=636):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x10000009, 0xffffffff, 0x0, 0x0, 0x2, 0x7fffffff, 0x203, 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x8, 0x0, 0x0, 0x3, 0xa5, 0xbd, 0xf9, 0xa9, 0x4, 0x0, 0x0, 0x40000000}, {0x8, 0x5, 0xfc, 0x3, 0x41, 0x0, 0x0, 0x2, 0x6, 0xff, 0x0, 0x2, 0x6}, {0x1003fe, 0x9, 0x0, 0xfd, 0x20, 0x5, 0xb3, 0x0, 0x3, 0xfe, 0x80, 0xf6, 0xb82e}], 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9m45.246130691s ago: executing program 1 (id=638):
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x3e, 0x2f0, &(0x7f0000000280)="$eJzs3E1rE1sYwPEnaZKm6W2SxeVe7gXpQTe6Gdq4F4O0IAYstRFfQJy2Ew0Zk5IZKhGxunIrfggXpcvuCtov0I07V27cdSO4sAtxJPOSpGlq35LGtv8flHPSc57knDlteM7AnM07b56UCpZW0G0Jx5WERES2RNISlkDIL8NuPSatXsql4W+fzt26e+9GNpebmFZqMjtzOaOUSo6+f/p8yO+2Nigb6QebXzNfNv7Z+G/z58zjoqWKlipXbKWr2cpnW581DTVftEqaUlOmoVuGKpYto+q1V7z2gllZWKgpvTw/klioGpal9HJNlYyasivKrtaU/kgvlpWmaWokIdhLfnl6Ws8eMniuy4NBj1SrWX1ARIZ2tOSX+zIgAADQV37+38j2w/WU/jD5f6Rj/r9yft0evr2a9PP/tVg9/xdpyf8fNt9rW/4fF5Ge5/87M6KTbbDtteP8vv+R8n+cEPX8P+H//7pe3V8Zcyvk/wAAAAAAAAAAAAAAAAAAAAAAnARbjpNyHCcVlMHPoIjE3SdIvNf9Hid6g/U/25oHd0SSIubrxfxi3iv9DusiYoohY5KSH+7fg69ej4lyO6m6tHwwl/z4pcX8gNuSLUjRjR+XlKTb4x1n8npuYlx5tsdHJdEan5GU/N05PtMeH62XMbl4oSVek5R8nJOKmDLvPxkXxL8YV+razVzb5w+5/QAAAAAAOA001dDYv7eeIqNpO9u9/bHX3thfd7w/4O2vxzru7yPyf6RfswYAAAAA4Gyxas9Kumka1VNXCWa436jgXONd+oQktFtTFyrBhx8gKtmjFYzu64qFDzLURmU0dsBF6VgJbhsZVcv+q0MfmTrMOzspkaNew3/fvvvevbW4shpvzrSrqxzba6bR4/n2AQAAAHCcmkl/8Jur/R0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABn0HEcxdfvOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/il8BAAD//6b8BMI=")
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x11, r0, 0x40e5f000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000008500000018000000850000005000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000080)=ANY=[])
lremovexattr(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x90, 0x40100000, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket(0x9, 0x6, 0x7de8)
fallocate(r1, 0x0, 0x10000, 0x20000)

9m44.993831378s ago: executing program 34 (id=624):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0), 0x2, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

9m43.438631249s ago: executing program 1 (id=642):
syz_mount_image$exfat(&(0x7f0000000540), &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f0000001d00)=ANY=[@ANYBLOB='utf8,utf8,iocharset=cp862,iocharset=cp864,discard,errors=remount-ro,fmask=00000000000000000007777,gid=', @ANYRES32, @ANYBLOB="2c757466382c616c6c6f775f7574696d653d303030303030303030303030303030303031000000000000000574696d653d30303030303030303030303030303030303030333737372c0002e5cc2c36e98b5de42988f4a143d240db32594e71dba90fd38f0cf248ae07ef49fa1c941445f8a8cc911a5be243403851c45f8b095d80488b8075db2dada63dd1f5a3d022cb29129f130cf745a03fe7a06c07516ca5f637a97ca99df53552b80ccee3d7b6b0499195b161d81d5314e4deeb2e3f1b26afd71c4a65ee9db8a4df28fe526af52c2f4ce24cd7a28c"], 0x1, 0x1526, &(0x7f0000000780)="$eJzs3Au4TdXXMPAx5pyLQ9JOcjmsMcdip4NJkuSSkEuSJEmSW0KSJElIbrklIQm5J7knndw6Tjru9/s16eSVJElISDK/53T5e3v7+vzf99/3eb/3jN/zrLPnOGuPsefc46y9117POeebLsNrNKpZtQEzw79C/XbbGwASAGAQAFwDAAEAlMlVJhcgQDaNvf+lBxF/swdnXekZiCtJ+p+5Sf8zN+l/5ib9z9yk/5mb9D9zk/5nbtJ/ITKzrbPzXytb5t2+6TK8xrJ/6vq//T/vxl9v5Pr/fyfZLrNf3v//x/qnjjTpf+Ym/c/cpP+Zm/Q/c5P+Z27S/8xN+p+5Sf+FyMyu9PXn/w+235+qKz2Py2zBfynvyv70CSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTILM75SwwA/D6+0vMSQgghhBBCCCHE38dnvdIzEEIIIYQQQgghxP99CGA0GAggC2SFBMgG2eEqyAFXQ064BmJwLeSC6yA3XA95IC/kg/yQCAWgIIRAYIEhgkJQGOLgPcCNkARFoRgUBwcloCTcBKXgZigNt0AZSE4BuA3KQXmoABXhdqgEd0BlqAJV4U6oBtWhBtSEu6AW3A214R6oA/dCXbgP6sH9UB8egAbwIDSEh6ARPAyN4RFoAk2hGTSHFv+l/BegB7wIPaEX9IY+0Bdegn7QHwbAQBgEL8NgeAWGwKswFIbBcHgNRsDrMBLegFEwGsbAmzAWxsF4mAATYRJMhrdgCrwNU+EdmAbTYQbMhFkwG+bAuzAX3oN58D4kI8B8WAALYREshg8hBZZAKnwES+FjSINlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbATtgFu2FPlb3wCeyDT2E/fAbp8Pl/Mv8s/DG/KwICKlRo0GAWzIIJmIDZMTvmwByYE3NiDGOYC3NhbsyNeTAP5sN8mIiJWBALIiEhI2MhLIRxjGMRLIJJmITFsBg6dFgSS2IpvBlLY2ksg2WwLJbFclgey2NFrIiVsBJWxspY9bYFAFgNa2ANvAvvwruxNtbGOlgH62JdrIf1sD7WxwbYABtiQ2yEjbAxNsYm2ASbYTNsgS2wJbbEVtgK22AbbIttsR22w/bYHjtgB+yIHbETdsLO2Bm7YBfsit2wG76AL+CL+CL2wmqqD/bFvtgP++EAHIgD8WUcjK/gK/gqDsVhOBxfw9fwdRyJZ3AUjsYxOAYrqXE4Hicgq0k4GSfjFJyCU3EqTsPpOB1n4iycjXNwDs7F9zDjCEvGD/ADXIALcBEuxsWYgkswFVNxKZ7FNFyGy3EFrsRVuBLX4Fpcg+txA67HTbgJt+AW3IbbcAfuwF24C/fgHvwEP8FP8VMciumYjgfwAB7Eg3gID+FhPIxH8Mi2qwDwGB7D43gcT+BJPIUn8TSexjN4Fs/hOTyP5/ECPpf4VcM9RdcNBZXBKKOyqCwqQSWo7Cq7yqFyqJwqp4qpmMqlcqncKrfKo/KofCqfSlSJqqAqqEiRYhWpQqqQiqu4KqKKqCSVpIqpYsopp0qqkqqUKqVKq9KqjLpVlVW3qXKqvGrtKqqKqpJq4yqrKqqqqqqqqeqqhqqpaqpaqpaqrWqrOqqOqqvqqnrqflVf9cEB+KDK6EwjNQwbq+HYRDVVzVRz9To+qlqqkdhKtVZt1ONqNI7Cdqqla6+eUh3UeOyonkn4/YWui3pedVXdVHf1guqhWrmeqpeahn1UXzUT+6n+aoAaqOZidfU+JmMN9aoaqoap4eo1tQhfVyPVG2qUGq3GqDfVWDVOjVcT1EQ1SU1Wb6kp6m01Vb2jpqnpaoaaqWap2WqOelfNVe+peep9law+UPPVArVQLVKL1YcqRS1RqeojtVR9rNLUMrVcrVAr1Sq1Wq1Ra9U6tV5tUBvVJrVZbVFb1Ta1Xe1QO9UutVvtUXvVJ2qf+lTtV5+pdPW5ynj9Pqi+UIfUl+qw+kodUV+ro+obdUx9q46rXuqEOqlOqe/VafWDOqPO9jmnflTn1U/qgvpZXVRegUattNZGBzqLzqoTdDadXV+lc+irdU59jY7pa3UufZ3Ora/XeXRenU/n14m6gC6oQ03aataRLqQL67i+QRfRN+okXVQX08W10yV0SX2TLqVv1qX1LbqMvlWX1bfpcrq8rqAr6tt1JX2Hrqyr6Kr6Tl1NV9c1dE19l66l79a19T26jr5X19X36Xr6fl1fP6Ab6Ad1Q/2QbqQf1o31I7qJbqqb6ea6hX5Ut9SP6Va6tW6jH9dt9RO6nX5St9dP6Q76ad1RP6M76Wd1Z/2c7qKf1111N91d/6wvaq976l66t+6j++qXdD/dXw/QA/Ug/bIerF/RQ/Sreqgepofr1/QI/boeqd/Qo/RoPUa/qcfqcXq8nqAn6kl6sn5LT9Fv66n6HT1NT9czdFaYpWfrAb9VmvdP5L/9h/yZOiN/yC+PvkVv1dv0dr1D79S79G69R+/Ve/U+vU/v1/t1uk7XB/QBfVAf1If0IX1YH9ZH9BF9VB/Vx/QxfVwf1yf0Sf2j/l6f1j/oM/qsPqt/1Of1eX3ht+cADBpltDEmMFlMVpNgspns5iqTw1xtcpprTMxca3KZ60xuc73JY/KafCa/STQFTEETGjLWsIlMIVPYxM0Npoi50SSZoqaYKW6cKWFKmptMzCD8K/l/Mb8VM349pk0L08K0NC1NK9PKtDFtTFvT1rQz7Ux70950MB1MR9PRdDKdTGfT2XQxXUxX09V0N91ND9PD9EQwvU1v09e8ZPqZ/maAGWgGmZdNRuEhZogZaoaa4Wa4GWFGmJFmpBllRpmMnWPNWDPejDcTzUQz2Uw2U8wUM9VMNdPMNDPDzDCzzCwzx8wxc81cM8/MM8km2cw3881Cs9AsNotNikkxqSbVLDVLTZpZZpaZFWaFWWVWmTVmjVln1pkNZoPZZDaZNLPVbDXbzXaz0+w0u81us9fsNfvMPrPf7DfpJt0cMAfMQXPQHDKHzGFz2BwxR8xRc9QcM8fMcXPcnDAnzClzypw2p80Zc8acM+fMeXPeXDAXzEVzMeO0L1CBCkxggixBliAhSAiyB9mDHEGOIGeQM4gFsSBXkCvIHVwf5AnyBvmC/EFiUCAoGIQBBTbgIAoKBYWDeHBDUCS4MUgKigbFguKBC0oEJYObglLBzUHp4JagTHBrUDa4LSgXlA8qBBWD24NKwR1B5aBKUDW4M6gWVA9qBDWDu4Jawd1B7eCeoE5wb1A3uC+oF9wf1A8eCBoEDwYNg4eCRsHDQePgkaBJ0DRoFjQPWvyt9b0/k/cx1zPsFWaFPmHf8KWwX9g/HBAODAeFL4eDw1fCIeGr4dBwWDg8fC0cEb4ejgzfCEeFo8Mx4Zvh2HBcOD6cEE4MJ4WTw7fCKeHb4dTwnXBaOD2cEc4MZ4Wzwznhu+Hc8L1wXvh+mBx+EM4PF4QLw0Xh4vDDMCVcEqaGH4VLw4/DtHBZuDxcEa4MV4WrwzXh2nBduD7cEG4MN4Wbwy3h1nBbuD3cEe4Md4W7wz3h3vCTcF/4abg//CxMDz8PD4S/v+19GR4OvwqPhF+HR8NvwmPht+Hx8LvwRHgyPBV+H54OfwjPhGfDc+GP4fnwp/BC+HN4MfQZJ/cZb+9kyFAWykIJlEDZKTvloByUk3JSjGKUi3JRbspNeSgP5aN8lEiJVJAKUgYmpkJUiOIUpyJUhJIoiYpRMXLkqCSVpFJUikpTaSpDZagslaVyVI4qUAW6nW6nO+gOqkJV6E66k6pTdapJNakW1aLaVJvqUB2qS3WpHtWj+lSfGlADakgNqRE1osbUmJpQE2pGzagFtaCW1JJaUStqQ22oLbWldtSO2lN76kAdqCN1pE7UiTpTZ+pCXagrdaXu1J16UA/qST2pN/WmvtSX+lE/GkADaBANosE0mIbQEBpKQ2k4DacRNIJG0kgaRaNpDL1JY2kcjacJNJEm0WSaTFNoCk2lqTSNptEMmkGzaBbNoTk0l+bSPJpHyZRM82k+LaSFtJgWUwqlUCql0lJaSmmURstpOa2klbSaVtNaWkvraT1tpI20mTbTVtpK22k77aSdtJt2017aS/toH+2n/ZRO6XSADtBBOkiH6BAdpsN0hI7QUTpKx+gYHafjdIJO0Ck6RafpNJ2hM3SOztF5+oku0M90kTwl2Gw2u73K5rBX25z2Gvsf43w2v020BWxBG9o8Nu8fYrLWJtmitpgtbp0tYUvam/4Ul7PlbQVb0d5uK9k7bOXfYoDf41prd/76i+j2XlvT3mVr2bttbXuPrWPvtXXtfbaefdjWt4/YBrapbWib20b2YdvYPmKb2Ka2mW1u29onbDv7pG1vn7Id7NN/ilPsErvWrrPr7Qa7z35qz9kf7VH7jT1vf7I9bS87yL5sB9tX7BD7qh1qh/0pHmPftGPtODveTrAT7aQ/xTPsTDvLzrZz7Lt2rn3vT/Fi+6FNtql2vl1gF9pFv8QZc0q1H9ml9mObZpfZ5XaFXWlX2dV2zT/musJuspvtFrvXfmK32x12p91ld9s9v8QZ69hvP7Pp9nN7xH5tD9ov7CF7zB62X/0SZ6zvmP3WHrff2RP2pD1lv7en7Q/2jD37y/oz1v69/dletN4CIyvWbDjgLJyVEzgbZ+erOAdfzTn5Go7xtZyLr+PcfD3n4bycj/NzIhfgghwysWXmiAtxYY7zDVyEb+QkLsrFuDg7LsEl+SYuxTdzac44e72Vy/JtXI7LcwWuyLdzJb6DK3MVrsp3cjWuzjW4Jt/Ftfhurs33cB2+l+vyfVyP7+f6/AA34Ae5IT/EjfhhbsyPcBNuys24ObfgR7klP8atuDW34ce5LT/B7fhJbs9PcQd+mjvyM9yJn+XO/Bx34ee5K3fj7vwC9+AXuSf34t7ch/vyS9yP+/MAHsiD+GUezK/wEH6Vh/IwHs6v8Qh+nUfyGzyKR/MYfpPH8jgezxN4Ik/iyfwWT+G3eSq/w9N4Os/gmTyLZ/Mcfpfn8ns8j9/nZP6A5/MCXsiLeDF/yCm8hFP5I17KH3MaL+PlvIJX8ipezWt4La/j9byBN/Im3sxbeCtv4+28g5F38W7ew3v5E97Hn/J+/ozT+XM+wP/GB/kLPsRf8mH+io/w13yUv+Fj/C0f5+/4BJ/kU/w9n+Yf+Ayf5XP8I5/nn/gC/8wX2TNEGKlIRyYKoixR1ighyhZlj66KckRXRzmja6JYdG2UK7ouyh1dH+WJ8kb5ovxRYlQgKhiFEUU24iiKCkWFo3h0Q1QkujFKiopGxaLikYtKRCWjm6JS0c1R6eiWqEx0a1Q2ui0qF5WPHr63YnR7VCm6I6ocVYmqRndG1aLqUY2oZnRXVCu6O6od3RPVie6NSkf3RfWi+6P60QNRA3gwahg9FDWKHo4aR49ETaKmUbOoedQiejRqGT0WtYpaR22ix6O20RNRu+jJqH30VNQhevqy+3tHfaK+0UvRS5H39+iF8UXxxfEP4ynxJfHU+EfxpfGP42nxZfHl8RXxlfFV8dXxNfG18XXx9fEN8Y3xTfHN8S1x72tmBYdOOe2MC1wWl9UluGwuu7vK5XBXu5zuGhdz17pc7jqX213v8ri8Lp/L7xJdAVfQhY6cdewiV8gVdnF3gyvibnRJrqgr5oo750q4kq65a+FauJbuMdfKtXZt3OPucfeEe8I96Z50T7kO7mnX0T3jOrlnXWf3nHvOPe+6um6uu3vB9XAvup6ul+vteru+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6im+wmuyluipvqprppbpqb4Wa4WW6Wm+PmuLlurpvn5rnkpGQ33813C91Ct9gtdikuxaW6VLfULXVpLs0td8vdSrfSrXar3Vq31q13691Gt9FtdpvdVrfVbXfb3U630+12u91et9ftc/vcfrffpbt0d8AdOOfdQXfIfekOu6/cEfe1O+q+ccfct+64+86dcCfdKfe9O+1+cGfcWXfO/ejOu5/cBfezu+i8mxx7KzYl9nZsauyd2LTY9NiM2MzYrNjs2JzYu7G5sfdi82Lvx5JjH8TmxxbEFsYWxRbHPoylxJbEUmMfxZbGPo6lxZbFlsdWxFbGVsW8L7A98oV8YR/3N/gi/kaf5Iv6Yr64d76EL+lv8qX8zb60v8WX8bf6sv42X86X9xX8I76Jb+qb+ea+hX/Ut/SP+Va+tW/jH/dt/RO+nX/St/dP+Q7+ad/RP+M7+Wd9Z/+c7+Kf9119N9/dv+B7+Bd9T699b9/H9/Uv+X6+vx/gB/pB/mU/2L/ih/hX/VA/zA/3r/kR/nU/0r/hR/nRfox/04/14/x4P8FP9JP8ZP+Wn+Lf9lP9O36an+5n+Jl+lp/t5/h3/Vz/np/n3/fJ/gM/3y/wC/0iv9h/6FP8Ep/qP/JL/cc+zS/zy/0KDwmr/Gq/xq/16/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w+/0u/xuv8fv9Z/4ff5Tv99/5tP95/6A/zd/0H/hD/kv/WH/lT/iv/ZH/Tf+mP/WH/ff+RP+pD/lv/en/Q/+jD/rz/kf/Xn/k7/gf/YX5W/WhBBCCCH+Kfoy+/v8IVL/+Kp++05fALh6R/7D/7Hmxjy/jvurxLYxAHiqV5cHf9+qVevdu/dv903TEBReAACxS/lZ4FK8DNrAE9AeWkOp/+38+qtu5/ky9eO3AmT/dzkJcCm+VP/mv6g/Lvmy9RcAJBW+lJMNLsWX6pf+U+3gl/p5W16mfrYvJgO0+nd5OeBSfKl+SXgMnob2f7inEEIIIYQQQgjxq/6qQqfLfb7N+HyeaC7lZIVL8eU+nwshhBBCCCGEEOLKe7Zb9ycfbd++dae/GFT5610yyCyDLP89pnElBpc9QP4zA4ArvZx/DBDgl0t8f32fK/3KJIQQQgghhPi7XTrpv9IzEUIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghMq//F/9y7EqvUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLjS/lcAAAD//98IJ/w=")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0)

9m43.39911313s ago: executing program 5 (id=643):
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000ffffffff000000000e00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014002200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000440)="66d4492a0a1b30e699005a6d88a8", 0x0, 0x1498, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x9}, 0x50)

9m42.671158175s ago: executing program 5 (id=644):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10)

9m42.16674963s ago: executing program 1 (id=646):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r5)
mknodat(0xffffffffffffff9c, &(0x7f0000018300)='./file1\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x38, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})

9m41.919024643s ago: executing program 5 (id=647):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x10000009, 0xffffffff, 0x0, 0x0, 0x2, 0x7fffffff, 0x203, 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x8, 0x0, 0x0, 0x3, 0xa5, 0xbd, 0xf9, 0xa9, 0x4, 0x0, 0x0, 0x40000000}, {0x8, 0x5, 0xfc, 0x3, 0x41, 0x0, 0x0, 0x2, 0x6, 0xff, 0x0, 0x2, 0x6}, {0x1003fe, 0x9, 0x0, 0xfd, 0x20, 0x5, 0xb3, 0x0, 0x3, 0xfe, 0x80, 0xf6, 0xb82e}], 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9m37.532206454s ago: executing program 5 (id=649):
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2b)
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000006, 0x28011, 0xffffffffffffffff, 0x2f126000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_io_uring_setup(0x80010d, &(0x7f0000000180)={0x0, 0x45888, 0x800, 0x3, 0x36c}, &(0x7f0000000040)=<r2=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000240)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x18, 0x13, &(0x7f0000000680)=@raw=[@map_fd={0x18, 0x6}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x3}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @jmp={0x5, 0x1, 0x2, 0x8, 0x2, 0xfffffffffffffffc}, @map_idx={0x18, 0x1}, @jmp={0x5, 0x0, 0xd, 0x5, 0x6, 0x40, 0xfffffffffffffffc}], &(0x7f0000000740)='syzkaller\x00', 0x6e, 0x0, 0x0, 0x41100, 0x10, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000800)={0x5, 0xa, 0xffffaaf7, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x10}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0xd27, 0x2, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_CT_MARK_MASK={0x8, 0x60, 0x80}, @TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x31cf}]}}]}, 0x44}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x7e)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x380, 0xffffffff, 0x98, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x2e8, 0x2e8, 0x2e8, 0xffffffff, 0x4, 0x0, {[{{@ip={@private, @remote, 0x0, 0x0, 'rose0\x00', 'wg2\x00'}, 0xa00, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'snmp_trap\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'snmp\x00'}}]}, @REJECT={0x28}}, {{@ip={@remote, @dev, 0x0, 0x0, 'batadv_slave_0\x00', 'rose0\x00'}, 0x0, 0xc8, 0x128, 0x0, {}, [@common=@inet=@socket1={{0x28}}, @common=@addrtype={{0x30}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@broadcast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e0)

9m36.009078943s ago: executing program 5 (id=651):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, r3, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)

9m33.13975504s ago: executing program 5 (id=652):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), 0xffffffffffffffff)
r1 = openat$audio1(0xffffff9c, &(0x7f0000000240), 0x80100, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0x4f}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x0, 0x2}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x1, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x10b85}, [@IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x90}, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x23010, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
ioctl$SNDCTL_DSP_GETBLKSIZE(r1, 0xc0045004, &(0x7f00000001c0))
sched_setaffinity(r2, 0x8, &(0x7f0000000380))
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x28, r0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x80c1}, 0x20040000)

9m26.578933726s ago: executing program 35 (id=646):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r5)
mknodat(0xffffffffffffff9c, &(0x7f0000018300)='./file1\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x38, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})

9m17.48340536s ago: executing program 36 (id=652):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), 0xffffffffffffffff)
r1 = openat$audio1(0xffffff9c, &(0x7f0000000240), 0x80100, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0x4f}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x0, 0x2}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x1, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x10b85}, [@IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x90}, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x23010, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
ioctl$SNDCTL_DSP_GETBLKSIZE(r1, 0xc0045004, &(0x7f00000001c0))
sched_setaffinity(r2, 0x8, &(0x7f0000000380))
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x28, r0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x80c1}, 0x20040000)

8m58.602645102s ago: executing program 2 (id=691):
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000000280)={[{@uid}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@gid}, {@type={'type', 0x3d, "9d119198"}}, {@codepage={'codepage', 0x3d, 'cp950'}}, {}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@file_umask={'file_umask', 0x3d, 0x3}}]}, 0x4, 0x337, &(0x7f0000000540)="$eJzs3U1r1EAYB/D/ZN9tqbGtVDxWC55KWw+KCIr05hfwIMXabqE0VrAVrChWzyLeBMGjN8+iX0Ev4hfQUw/Fk16KSCMzmWRntzPZTV82u/T/g+7rPJlnkkwysxIDIjq2bsz+eH9xS/6JEoACgCuAB6AKFAGcxlj14er68npQX0xbUEFFyD+BKFLsKbOwWreFyjgVofnyXRGD5md0NMIwDH+2LfW7K7lQfkTU9/fwgIruner7atcz25fNDgpUupNKDzG2sNjBDh5hKM90iIgof/r87+mzxKAev3seMKHH4f10/o+ZM4im8c0O8ORk9/PpGcn534veh0KuH7VGRGO+p6Zwch168SzRtizrPhE2VncZ0Z7VtAFEu1mlysWrLS0H9clNtYAXuKYZxUbV4yLihiiubMvR07hlbpoire3pBlQbSrINJUf+I5lr/LyNN/bq5r52kJP4Ir6JOeHjLRaT8V8xFHLlqPXjAzUzIMp/yr1E1Uo/KtXUykbvO6UqORtvgU8fGq2sudZrFQWZi41cimgdv/txnq/L7igMNx8UdOum3a1TUSPWqJnk/V9r1GhrVG2pFNQnF+4HqT+lHBrrjE68ErfEOH7hI2aN8b8nS0/A3TOberlQJfWekdqeoirp2I5NVAe+l6lnEvAvjGQMe4m7uIyhtY3HK/NBUH+Q/4u4q/RIPtGOqHdH+Yl8NsqgKl+UABxapbthGFq/KuIQqijHqbpyLqmmXnqXNFkdZvVPKQerHZvROjS+uu4u3Dhsyk/iI0LGSlX4syRKni2yhP/Rta9t2HdIYWRYPtodMq5qPgjOJBuugEpHPaW2j0pvPl2ZD/ZzLKJ+Y/SXsdvbV/NOh7pPjrtENP8z5itT6qgjH/yU2UjbUYexxGnHDGhYPZ7obAaXLNY5ThyIXwT1mbQ517kLwPmWGj3ENT5vXayv80Qv/qtkxZZWLS1CzOI77vD3fyIiIiIiIiIiIiIiIiIiIiIiIiKifpP1agT35QS7+jok+5UYDVvH8D/eICIiIiIiIiIiIiIiIiIiIiIiIiIiIiI6GOP+v0BB3TGmnPv9fwsd3P9XtL3FJxG18T8AAP//uTRlfg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)

8m57.505415934s ago: executing program 2 (id=692):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x40000}, 0x8051)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r1)
r2 = getpgrp(0x0)
fcntl$setown(r0, 0x8, r2)
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[], 0x14}}, 0x4044057)

8m56.618889522s ago: executing program 2 (id=693):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
sendmsg$tipc(r6, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10)

8m54.689673079s ago: executing program 2 (id=694):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, 0x0, 0x0)

8m53.818877931s ago: executing program 2 (id=696):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000940), 0xffffffffffffffff)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000900006440000008001b00000000000500100004000000"], 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x4c, 0x10, 0x1, 0x70bd25, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0x12}, {0xe, 0x10}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0))
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

8m48.806454873s ago: executing program 2 (id=703):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r4)
mknodat(0xffffffffffffff9c, &(0x7f0000018300)='./file1\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x38, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})

8m33.328215937s ago: executing program 37 (id=703):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r4)
mknodat(0xffffffffffffff9c, &(0x7f0000018300)='./file1\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x38, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})

2m22.160102512s ago: executing program 4 (id=1756):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)}, 0x4048043)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000005c0)={0x5, 0x0, 0x8, 0xfffffff8}, 0x10)
sendto$inet(r1, &(0x7f0000000400)='X', 0x1, 0x8884, 0x0, 0x0)

2m20.360901512s ago: executing program 4 (id=1761):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000140), 0x12)

2m19.142026116s ago: executing program 4 (id=1763):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {}, {0x9, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

2m13.421381459s ago: executing program 4 (id=1769):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000002080)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0, 0x4)
symlink(&(0x7f000000a900)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./file1\x00')

2m11.026789278s ago: executing program 4 (id=1774):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x80000001, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00'})

2m5.931143765s ago: executing program 4 (id=1778):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchmodat(0xffffffffffffff9c, 0x0, 0xffffffd3)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

1m50.378056489s ago: executing program 38 (id=1778):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchmodat(0xffffffffffffff9c, 0x0, 0xffffffd3)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

8.290794563s ago: executing program 0 (id=1962):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
timer_create(0x2, &(0x7f00000001c0)={0x0, 0x40, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000240))
fchdir(0xffffffffffffffff)
fchdir(0xffffffffffffffff)
unshare(0x2040400)
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, &(0x7f0000000280), 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r2 = socket$inet6(0xa, 0x803, 0x6)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000180)={r2, r1})

8.086924036s ago: executing program 6 (id=1964):
socket(0x2d, 0x2, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x480, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

7.795421234s ago: executing program 9 (id=1966):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4602010103fcffffffffffffff03003e005666d37500010000000000004000000000000000df012000040000000000000003003800010007000200010003000000000000000300000000010100ff"], 0x509)
close(r2)
r3 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[], 0x40)
close(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x401, 0x0)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

7.425792565s ago: executing program 7 (id=1967):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x131, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004de5012300660000800890780a0101010a01010201831fa80a010101ac1414aaac1414227f000001ac1414bb00000000640101009407e494bd16b094040100830b8dffffffffac1414aa00865c00000001050c1df373db3448d383203f02095dffac0079c663000e4bf3dd12d268d79c79fae23101050383370510172ad23f070e0adbbef5a4daa53b6b8c542e06097d601e2038424800073be1a66d18440c18d300000000000010000040ab37d8eb38c8bd639319e1fd3c155220ea58cce11deac20327ad363ed946ff276fbff3d3ec815bdb5366966a6fb7964844f87a7a4718c8c2dd8d6cf00cf04a9ff41f5ec4da50e6969fd868cc7a1ad9841d81d6e6"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440), 0x0, 0x0)

6.626048553s ago: executing program 7 (id=1968):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYBLOB=',msize=0x000000000000100'])

6.578936757s ago: executing program 0 (id=1969):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x3, r2, 0x10000000, 0x80000005, 0xb, 0x1fd, 0x1})

6.578563059s ago: executing program 8 (id=1970):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fc020000000000000000000000000001fc0200000000000000000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000001000000a80c00000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044010500ac1414aa000000000000000000000000000004d53c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb000000003c00000000000000fe8000000000000000000000000000000000000000000000000800000000000001000000fc010000000000000000000000000001000000006c00000000000000ac1414aa0000000000000000000000000000000006"], 0x1fc}}, 0x0)

6.510749084s ago: executing program 6 (id=1971):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x8004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mknod(&(0x7f0000000000)='./bus\x00', 0x10, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x301040, 0x0)
mount(&(0x7f00000000c0), &(0x7f0000000440)='./bus\x00', 0x0, 0x8c7c88, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x140, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000602, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, 0x0, 0x20000000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0, 0x7}, 0x94)
open(0x0, 0x0, 0x0)

6.46209096s ago: executing program 9 (id=1972):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008380), 0x400000000000174, 0x4008890)

5.948625026s ago: executing program 7 (id=1973):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000500)={'#! ', './file0'}, 0xb)

5.856662114s ago: executing program 9 (id=1974):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

5.85013517s ago: executing program 0 (id=1975):
r0 = syz_open_dev$video4linux(&(0x7f0000000180), 0x2, 0x800)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0485619, &(0x7f00000001c0)={0xa, 0x1, "158d651b5828d1ec10de8feb1638859f73317304bb3a55c3", {0x9, 0x7}, 0xc648})

5.817592394s ago: executing program 8 (id=1976):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000)
sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000000340)=ANY=[], 0x2b08}}, 0x4004006)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000100)=@ccm_128={{0x304}, "2697312e4e898ca7", "35e23ca3a988def7dfbd438c536346cd", "11398f4a", "50cc97386065eda9"}, 0x28)
recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}, 0x2002}, {{0x0, 0x0, 0x0}, 0x4}], 0x2, 0x40000002, 0x0)

5.690915611s ago: executing program 6 (id=1977):
r0 = inotify_init()
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

5.260689306s ago: executing program 0 (id=1978):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x131, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004de5012300660000800890780a0101010a01010201831fa80a010101ac1414aaac1414227f000001ac1414bb00000000640101009407e494bd16b094040100830b8dffffffffac1414aa00865c00000001050c1df373db3448d383203f02095dffac0079c663000e4bf3dd12d268d79c79fae23101050383370510172ad23f070e0adbbef5a4daa53b6b8c542e06097d601e2038424800073be1a66d18440c18d300000000000010000040ab37d8eb38c8bd639319e1fd3c155220ea58cce11deac20327ad363ed946ff276fbff3d3ec815bdb5366966a6fb7964844f87a7a4718c8c2dd8d6cf00cf04a9ff41f5ec4da50e6969fd868cc7a1ad9841d81d6e6"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440), 0x0, 0x0)

5.240288919s ago: executing program 9 (id=1979):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
timer_create(0x2, &(0x7f00000001c0)={0x0, 0x40, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000240))
fchdir(0xffffffffffffffff)
fchdir(0xffffffffffffffff)
unshare(0x2040400)
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, &(0x7f0000000280)=[{0x3, 0x1, {0x1, 0x0, 0x2}, {0x1, 0x0, 0x4}, 0x1, 0x1}, {0x0, 0x2, {0x1, 0xff, 0x4}, {0x1, 0xf0, 0x2}, 0xfe}, {0x1, 0x2, {0x2, 0x1, 0x2}, {0x2, 0xf0}, 0xfd, 0x2}], 0x60)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r2 = socket$inet6(0xa, 0x803, 0x6)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000180)={r2, r1})

5.090948264s ago: executing program 7 (id=1980):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xb, 0xff, 0x6, 0x7f, 0x1, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000040)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x58}}]}, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x8eb2e000f2c28467, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e29}, 0x94)

5.09074547s ago: executing program 6 (id=1981):
socket(0x2d, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r1=>0x0})
r2 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

4.539739359s ago: executing program 0 (id=1982):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)

4.506583911s ago: executing program 8 (id=1983):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYBLOB=',msize=0x000000000000100'])

4.192150962s ago: executing program 7 (id=1984):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x200000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})

3.700200414s ago: executing program 8 (id=1985):
r0 = socket$inet6(0xa, 0x3, 0xff)
r1 = dup2(r0, r0)
sendmmsg$unix(r1, &(0x7f0000008380), 0x400000000000174, 0x4008890)

3.647566354s ago: executing program 6 (id=1986):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fc020000000000000000000000000001fc0200000000000000000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000001000000a80c00000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044010500ac1414aa000000000000000000000000000004d53c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb000000003c00000000000000fe8000000000000000000000000000000000000000000000000800000000000001000000fc010000000000000000000000000001000000006c00000000000000ac1414aa0000000000000000000000000000000006"], 0x1fc}}, 0x0)

3.462963069s ago: executing program 0 (id=1987):
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x6d0b01)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e22, @private=0xa010102}}, 0x9, 0x0, 0x3fb, 0x2004, 0x32, 0x0, 0xfc}, 0x9c)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x3, 0x8, 0x2, 0xb}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x0, 0x9, 0x466}, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00')
write$cgroup_pid(r3, &(0x7f00000000c0)=0xffffffffffffffff, 0x3)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @dev}, 0x10)
fsopen(&(0x7f00000000c0)='ceph\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r5, &(0x7f0000000cc0)=[{{&(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, 0x0}}], 0x1, 0x48094)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)

3.442002913s ago: executing program 7 (id=1988):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003075f37407104020695a401020301090224000242d8000a0904001001323ab4080905070210007fdc140904"], &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0})

3.144744366s ago: executing program 9 (id=1989):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

2.927271148s ago: executing program 8 (id=1990):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000500)={'#! ', './file0'}, 0xb)

2.839867744s ago: executing program 6 (id=1991):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000380)=ANY=[@ANYBLOB="20110100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000180)={0x1, 0x9, 0x4, &(0x7f0000000040)={0x51, "c6c1f7b51030c4b7c54bf28facb1ed3ee2dfe17a04bc517b5452b3b94bce47509d"}})

1.015903587s ago: executing program 9 (id=1992):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x131, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004de5012300660000800890780a0101010a01010201831fa80a010101ac1414aaac1414227f000001ac1414bb00000000640101009407e494bd16b094040100830b8dffffffffac1414aa00865c00000001050c1df373db3448d383203f02095dffac0079c663000e4bf3dd12d268d79c79fae23101050383370510172ad23f070e0adbbef5a4daa53b6b8c542e06097d601e2038424800073be1a66d18440c18d300000000000010000040ab37d8eb38c8bd639319e1fd3c155220ea58cce11deac20327ad363ed946ff276fbff3d3ec815bdb5366966a6fb7964844f87a7a4718c8c2dd8d6cf00cf04a9ff41f5ec4da50e6969fd868cc7a1ad9841d81d6e6"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

0s ago: executing program 8 (id=1993):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000)
sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000000340)=ANY=[], 0x2b08}}, 0x4004006)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000100)=@ccm_128={{0x304}, "2697312e4e898ca7", "35e23ca3a988def7dfbd438c536346cd", "11398f4a", "50cc97386065eda9"}, 0x28)
recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}, 0x2002}, {{0x0, 0x0, 0x0}, 0x4}], 0x2, 0x40000002, 0x0)

kernel console output (not intermixed with test programs):

rror -22
[  533.845567][   T42] usb usb3-port1: attempt power cycle
[  533.889757][ T8100] team0: Port device team_slave_1 added
[  534.110006][ T5835] Bluetooth: hci6: command tx timeout
[  534.116241][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  534.140499][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  534.154694][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  534.180968][ T8100] batman_adv: batadv0: Adding interface: batadv_slave_0
[  534.188186][ T8100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  534.215079][ T8100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  534.241244][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  534.260853][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  534.290233][   T42] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  534.335671][   T42] usb 3-1: no configurations
[  534.341135][   T42] usb 3-1: can't read configurations, error -22
[  534.436683][ T8100] batman_adv: batadv0: Adding interface: batadv_slave_1
[  534.444035][ T8100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  534.470980][ T8100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  534.560746][   T42] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  534.619705][   T42] usb 3-1: no configurations
[  534.624612][   T42] usb 3-1: can't read configurations, error -22
[  534.673800][   T42] usb usb3-port1: unable to enumerate USB device
[  534.855178][ T8100] hsr_slave_0: entered promiscuous mode
[  534.864288][ T8100] hsr_slave_1: entered promiscuous mode
[  534.872283][ T8100] debugfs: 'hsr0' already exists in 'hsr'
[  534.878196][ T8100] Cannot create hsr debugfs directory
[  535.447281][ T7995] veth0_vlan: entered promiscuous mode
[  535.604508][ T7995] veth1_vlan: entered promiscuous mode
[  536.306591][ T7995] veth0_macvtap: entered promiscuous mode
[  536.413889][ T5823] Bluetooth: hci4: command tx timeout
[  536.641346][ T7995] veth1_macvtap: entered promiscuous mode
[  536.748662][ T8154] chnl_net:caif_netlink_parms(): no params data found
[  536.823846][ T8170] loop6: detected capacity change from 0 to 64
[  536.866369][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  536.874464][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  537.424815][ T7995] batman_adv: batadv0: Interface activated: batadv_slave_0
[  537.577362][ T7995] batman_adv: batadv0: Interface activated: batadv_slave_1
[  537.716685][ T7995] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  537.726039][ T7995] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  537.735305][ T7995] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  537.744506][ T7995] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  537.846201][ T8100] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  537.971729][ T8100] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  538.163379][ T8100] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  538.304603][ T8100] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  538.489409][ T5823] Bluetooth: hci4: command tx timeout
[  539.027414][ T4496] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.270423][ T4496] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.545060][ T4496] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.795224][ T4496] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.040906][ T8195] loop2: detected capacity change from 0 to 256
[  540.120911][ T8195] exfat: Deprecated parameter 'utf8'
[  540.126535][ T8195] exfat: Deprecated parameter 'utf8'
[  540.134080][ T8195] exfat: Bad value for 'gid'
[  540.138961][ T8195] exfat: Bad value for 'gid'
[  540.181239][ T8198] netlink: 'syz.6.678': attribute type 16 has an invalid length.
[  540.189468][ T8198] netlink: 28 bytes leftover after parsing attributes in process `syz.6.678'.
[  540.349339][ T8154] bridge0: port 1(bridge_slave_0) entered blocking state
[  540.357240][ T8154] bridge0: port 1(bridge_slave_0) entered disabled state
[  540.374728][ T8154] bridge_slave_0: entered allmulticast mode
[  540.384772][ T8154] bridge_slave_0: entered promiscuous mode
[  540.578194][ T5823] Bluetooth: hci4: command tx timeout
[  540.730649][ T8200] loop6: detected capacity change from 0 to 2048
[  540.799811][ T8200]  loop6: p1 < > p4
[  540.830682][ T8200] loop6: p4 size 8388608 extends beyond EOD, truncated
[  541.042164][ T8196] bridge0: port 1(bridge_slave_0) entered disabled state
[  541.073408][ T8196] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.342455][ T8154] bridge0: port 2(bridge_slave_1) entered blocking state
[  541.350221][ T8154] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.358105][ T8154] bridge_slave_1: entered allmulticast mode
[  541.368251][ T8154] bridge_slave_1: entered promiscuous mode
[  542.067121][ T8154] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  542.086353][ T4496] bridge_slave_1: left allmulticast mode
[  542.092507][ T4496] bridge_slave_1: left promiscuous mode
[  542.099411][ T4496] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.290242][ T4496] bridge_slave_0: left allmulticast mode
[  542.296195][ T4496] bridge_slave_0: left promiscuous mode
[  542.303434][ T4496] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.698261][ T5823] Bluetooth: hci4: command tx timeout
[  542.992096][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  543.006463][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  543.572187][ T4496] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  543.721784][ T4496] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  543.770222][ T4496] bond0 (unregistering): Released all slaves
[  543.877081][ T8154] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  544.467314][ T8229] loop2: detected capacity change from 0 to 64
[  544.982529][ T8154] team0: Port device team_slave_0 added
[  545.083206][ T8154] team0: Port device team_slave_1 added
[  545.708382][ T4496] hsr_slave_0: left promiscuous mode
[  545.777207][ T4496] hsr_slave_1: left promiscuous mode
[  545.785033][ T4496] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  545.794280][ T4496] batman_adv: batadv0: Removing interface: batadv_slave_0
[  545.899834][ T4496] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  545.907620][ T4496] batman_adv: batadv0: Removing interface: batadv_slave_1
[  545.945062][ T4496] veth1_macvtap: left allmulticast mode
[  545.952712][ T4496] veth1_macvtap: left promiscuous mode
[  545.958382][ T4496] veth0_macvtap: left promiscuous mode
[  545.964363][ T4496] veth1_vlan: left promiscuous mode
[  545.969921][ T4496] veth0_vlan: left promiscuous mode
[  546.912099][ T8241] netlink: 'syz.6.685': attribute type 16 has an invalid length.
[  546.921478][ T8241] netlink: 28 bytes leftover after parsing attributes in process `syz.6.685'.
[  547.095744][ T8244] loop2: detected capacity change from 0 to 256
[  547.142039][ T8244] exfat: Deprecated parameter 'utf8'
[  547.147680][ T8244] exfat: Deprecated parameter 'utf8'
[  547.154121][ T8244] exfat: Bad value for 'gid'
[  547.158967][ T8244] exfat: Bad value for 'gid'
[  547.218025][ T8243] loop6: detected capacity change from 0 to 2048
[  547.282110][ T7952]  loop6: p1 < > p4
[  547.301225][ T7952] loop6: p4 size 8388608 extends beyond EOD, truncated
[  547.524593][ T8243]  loop6: p1 < > p4
[  547.574402][ T8243] loop6: p4 size 8388608 extends beyond EOD, truncated
[  547.611470][ T4496] team0 (unregistering): Port device team_slave_1 removed
[  547.781507][ T4496] team0 (unregistering): Port device team_slave_0 removed
[  548.072401][ T8249] netlink: 'syz.2.687': attribute type 16 has an invalid length.
[  548.080771][ T8249] netlink: 28 bytes leftover after parsing attributes in process `syz.2.687'.
[  548.298259][ T8250] loop2: detected capacity change from 0 to 2048
[  548.423096][ T8250]  loop2: p1 < > p4
[  548.463383][ T8250] loop2: p4 size 8388608 extends beyond EOD, truncated
[  548.479591][ T8154] batman_adv: batadv0: Adding interface: batadv_slave_0
[  548.486928][ T8154] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  548.513544][ T8154] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  548.601632][ T8100] 8021q: adding VLAN 0 to HW filter on device bond0
[  548.715045][ T5170]  loop2: p1 < > p4
[  548.901843][ T8154] batman_adv: batadv0: Adding interface: batadv_slave_1
[  548.902157][ T5170] loop2: p4 size 8388608 extends beyond EOD, 
[  548.908976][ T8154] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  548.915506][ T5170] truncated
[  548.945516][ T8154] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  549.254923][ T8100] 8021q: adding VLAN 0 to HW filter on device team0
[  549.409747][ T3786] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.417353][ T3786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  550.028403][ T8154] hsr_slave_0: entered promiscuous mode
[  550.039014][ T8154] hsr_slave_1: entered promiscuous mode
[  550.047848][ T8154] debugfs: 'hsr0' already exists in 'hsr'
[  550.053952][ T8154] Cannot create hsr debugfs directory
[  550.105223][ T4247] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.112940][ T4247] bridge0: port 2(bridge_slave_1) entered forwarding state
[  550.973194][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  551.027652][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  551.385982][ T8273] loop2: detected capacity change from 0 to 64
[  551.480756][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  551.501759][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  552.252085][ T3786] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.452460][ T3786] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.745213][ T3786] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.054473][ T3786] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.310925][ T3854] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  553.319473][ T3854] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  554.002608][ T8154] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  554.050378][ T7858] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  554.115686][ T8154] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  554.117975][ T4121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  554.131231][ T4121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  554.180021][ T3786] bridge_slave_1: left allmulticast mode
[  554.185955][ T3786] bridge_slave_1: left promiscuous mode
[  554.195698][ T3786] bridge0: port 2(bridge_slave_1) entered disabled state
[  554.216042][ T3786] bridge_slave_0: left allmulticast mode
[  554.222748][ T3786] bridge_slave_0: left promiscuous mode
[  554.229667][ T3786] bridge0: port 1(bridge_slave_0) entered disabled state
[  554.661721][ T3786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  554.741395][ T3786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  554.791519][ T3786] bond0 (unregistering): Released all slaves
[  554.879695][ T8154] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  555.031936][ T8154] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  555.468899][ T8100] 8021q: adding VLAN 0 to HW filter on device batadv0
[  555.813417][ T8299] loop6: detected capacity change from 0 to 128
[  555.822967][ T8299] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  555.857707][ T8299] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  555.892542][ T8299] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  555.901413][ T8299] FAT-fs (loop6): Filesystem has been set read-only
[  557.216832][ T8311] netlink: 'syz.2.696': attribute type 16 has an invalid length.
[  557.225126][ T8311] netlink: 28 bytes leftover after parsing attributes in process `syz.2.696'.
[  557.424822][ T8312] loop2: detected capacity change from 0 to 2048
[  557.495585][ T3786] hsr_slave_0: left promiscuous mode
[  557.507450][ T3786] hsr_slave_1: left promiscuous mode
[  557.515985][ T3786] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  557.523923][ T3786] batman_adv: batadv0: Removing interface: batadv_slave_0
[  557.584847][ T8312]  loop2: p1 < > p4
[  557.601271][ T8312] loop2: p4 size 8388608 extends beyond EOD, truncated
[  557.703058][ T3786] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  557.711777][ T3786] batman_adv: batadv0: Removing interface: batadv_slave_1
[  557.870937][ T3786] veth1_macvtap: left promiscuous mode
[  557.881980][ T3786] veth0_macvtap: left promiscuous mode
[  557.887973][ T3786] veth1_vlan: left promiscuous mode
[  557.893719][ T3786] veth0_vlan: left promiscuous mode
[  558.251989][ T8316] loop6: detected capacity change from 0 to 1024
[  558.490766][ T8316] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  558.622147][   T30] audit: type=1800 audit(1753770807.618:12): pid=8316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.697" name="bus" dev="loop6" ino=18 res=0 errno=0
[  558.726905][ T8316] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.697: Allocating blocks 481-513 which overlap fs metadata
[  559.404259][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.438255][ T3786] team0 (unregistering): Port device team_slave_1 removed
[  559.480630][ T3786] team0 (unregistering): Port device team_slave_0 removed
[  561.553695][ T8154] 8021q: adding VLAN 0 to HW filter on device bond0
[  561.775586][ T8154] 8021q: adding VLAN 0 to HW filter on device team0
[  561.838134][ T5100] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.845685][ T5100] bridge0: port 1(bridge_slave_0) entered forwarding state
[  562.372451][ T5100] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.380297][ T5100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  563.735468][ T8351] capability: warning: `syz.6.705' uses 32-bit capabilities (legacy support in use)
[  563.952775][ T8100] veth0_vlan: entered promiscuous mode
[  564.146888][ T8100] veth1_vlan: entered promiscuous mode
[  564.795695][ T8100] veth0_macvtap: entered promiscuous mode
[  564.860545][ T8100] veth1_macvtap: entered promiscuous mode
[  565.118161][ T8100] batman_adv: batadv0: Interface activated: batadv_slave_0
[  565.237501][ T8100] batman_adv: batadv0: Interface activated: batadv_slave_1
[  565.321007][ T8100] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  565.330497][ T8100] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  565.339706][ T8100] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  565.348692][ T8100] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  566.124014][ T8154] 8021q: adding VLAN 0 to HW filter on device batadv0
[  568.276108][ T8393] bridge0: port 1(bridge_slave_0) entered disabled state
[  568.298110][ T8393] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.471092][ T8394] netlink: 'syz.7.711': attribute type 16 has an invalid length.
[  568.479446][ T8394] netlink: 28 bytes leftover after parsing attributes in process `syz.7.711'.
[  570.019164][ T8154] veth0_vlan: entered promiscuous mode
[  570.175895][ T8154] veth1_vlan: entered promiscuous mode
[  570.535112][ T8154] veth0_macvtap: entered promiscuous mode
[  570.646170][ T8154] veth1_macvtap: entered promiscuous mode
[  570.894328][ T8154] batman_adv: batadv0: Interface activated: batadv_slave_0
[  571.073100][ T8154] batman_adv: batadv0: Interface activated: batadv_slave_1
[  571.156954][ T8154] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  571.157164][ T8154] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  571.157388][ T8154] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  571.157580][ T8154] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  573.655694][ T8439] loop7: detected capacity change from 0 to 128
[  577.916304][ T4168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  577.924651][ T4168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  578.124249][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  578.133821][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  578.143283][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  578.206382][ T4247] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  578.214691][ T4247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  578.237242][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  578.266231][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  579.620360][ T8477] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  580.410173][ T5835] Bluetooth: hci1: command tx timeout
[  580.728873][ T8463] chnl_net:caif_netlink_parms(): no params data found
[  581.865317][ T4168] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.186215][ T4168] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.486762][ T4168] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.492675][ T5835] Bluetooth: hci1: command tx timeout
[  582.630389][ T4168] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.449761][ T8463] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.457506][ T8463] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.467860][ T8463] bridge_slave_0: entered allmulticast mode
[  583.487552][ T8463] bridge_slave_0: entered promiscuous mode
[  583.602612][ T8463] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.610667][ T8463] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.618589][ T8463] bridge_slave_1: entered allmulticast mode
[  583.628957][ T8463] bridge_slave_1: entered promiscuous mode
[  584.392189][ T4168] bridge_slave_1: left allmulticast mode
[  584.406796][ T4168] bridge_slave_1: left promiscuous mode
[  584.413834][ T4168] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.508089][ T4168] bridge_slave_0: left allmulticast mode
[  584.514853][ T4168] bridge_slave_0: left promiscuous mode
[  584.521804][ T4168] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.573005][ T5835] Bluetooth: hci1: command tx timeout
[  585.495310][ T4168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  585.590795][ T4168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  585.645385][ T4168] bond0 (unregistering): Released all slaves
[  585.758120][ T8463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  585.846999][ T8530] syzkaller1: entered promiscuous mode
[  585.853006][ T8530] syzkaller1: entered allmulticast mode
[  585.895607][ T5100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  585.903834][ T5100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  585.962769][ T8463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  586.413532][ T8544] loop8: detected capacity change from 0 to 1024
[  586.657833][ T5835] Bluetooth: hci1: command tx timeout
[  586.670387][ T8219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  586.678636][ T8219] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  586.696039][ T8463] team0: Port device team_slave_0 added
[  586.827759][ T8463] team0: Port device team_slave_1 added
[  587.101864][ T4168] hsr_slave_0: left promiscuous mode
[  587.150513][ T4168] hsr_slave_1: left promiscuous mode
[  587.160381][ T4168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  587.170585][ T4168] batman_adv: batadv0: Removing interface: batadv_slave_0
[  587.269522][ T4168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  587.277362][ T4168] batman_adv: batadv0: Removing interface: batadv_slave_1
[  587.398804][ T4168] veth1_macvtap: left promiscuous mode
[  587.407611][ T4168] veth0_macvtap: left promiscuous mode
[  587.413851][ T4168] veth1_vlan: left promiscuous mode
[  587.419692][ T4168] veth0_vlan: left promiscuous mode
[  587.873856][ T8553] loop8: detected capacity change from 0 to 1024
[  588.055046][ T8553] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.224268][   T30] audit: type=1800 audit(1753770837.218:13): pid=8553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.743" name="bus" dev="loop8" ino=18 res=0 errno=0
[  588.486254][ T8553] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  588.726511][ T4168] team0 (unregistering): Port device team_slave_1 removed
[  588.803031][ T4168] team0 (unregistering): Port device team_slave_0 removed
[  588.932766][ T8100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  589.616255][ T8463] batman_adv: batadv0: Adding interface: batadv_slave_0
[  589.625611][ T8463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  589.653566][ T8463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  589.923790][ T8463] batman_adv: batadv0: Adding interface: batadv_slave_1
[  589.933346][ T8463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  589.960567][ T8463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  590.090435][ T5823] Bluetooth: hci3: command 0x0406 tx timeout
[  590.576385][   T30] audit: type=1107 audit(1753770839.568:14): pid=8572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  590.730560][ T8463] hsr_slave_0: entered promiscuous mode
[  590.835553][ T8463] hsr_slave_1: entered promiscuous mode
[  590.844935][ T8463] debugfs: 'hsr0' already exists in 'hsr'
[  590.852494][ T8463] Cannot create hsr debugfs directory
[  591.542208][ T8586] loop9: detected capacity change from 0 to 1024
[  591.672206][ T8586] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  592.169832][   T30] audit: type=1800 audit(1753770841.168:15): pid=8586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.755" name="bus" dev="loop9" ino=18 res=0 errno=0
[  592.726451][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  594.633835][ T8619] loop6: detected capacity change from 0 to 2048
[  594.962449][ T8619] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  595.127349][   T30] audit: type=1800 audit(1753770844.088:16): pid=8619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.764" name="file2" dev="loop6" ino=16 res=0 errno=0
[  595.378838][ T8463] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  595.496154][ T8463] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  595.538308][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.605281][ T8463] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  595.732983][ T8463] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  595.912871][ T8637] loop8: detected capacity change from 0 to 1024
[  596.156514][ T8637] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  596.385094][   T30] audit: type=1800 audit(1753770845.378:17): pid=8637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.768" name="bus" dev="loop8" ino=18 res=0 errno=0
[  597.013546][ T8100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.358561][ T8652] loop7: detected capacity change from 0 to 1024
[  597.525264][ T8463] 8021q: adding VLAN 0 to HW filter on device bond0
[  597.868508][ T8463] 8021q: adding VLAN 0 to HW filter on device team0
[  598.027170][ T3854] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.034952][ T3854] bridge0: port 1(bridge_slave_0) entered forwarding state
[  598.181581][ T3854] bridge0: port 2(bridge_slave_1) entered blocking state
[  598.189426][ T3854] bridge0: port 2(bridge_slave_1) entered forwarding state
[  598.313845][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  598.321078][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  598.556268][ T8665] loop6: detected capacity change from 0 to 512
[  598.685028][ T8665] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  598.950647][ T8665] EXT4-fs (loop6): 1 orphan inode deleted
[  598.956766][ T8665] EXT4-fs (loop6): 1 truncate cleaned up
[  598.966014][ T8665] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  599.368557][ T8665] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  599.430296][ T8665] EXT4-fs (loop6): Remounting filesystem read-only
[  599.480960][ T8665] EXT4-fs (loop6): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[  599.974605][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.692411][   T30] audit: type=1326 audit(1753770849.688:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  600.715359][   T30] audit: type=1326 audit(1753770849.698:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  600.738390][   T30] audit: type=1326 audit(1753770849.698:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  600.761507][   T30] audit: type=1326 audit(1753770849.748:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  600.785207][   T30] audit: type=1326 audit(1753770849.768:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  601.202485][   T30] audit: type=1326 audit(1753770849.978:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  601.226148][   T30] audit: type=1326 audit(1753770849.978:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  601.248962][   T30] audit: type=1326 audit(1753770850.058:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  601.272813][   T30] audit: type=1326 audit(1753770850.058:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  601.298088][   T30] audit: type=1326 audit(1753770850.068:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.6.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f996678e9a9 code=0x7ffc0000
[  601.398486][ T8690] loop9: detected capacity change from 0 to 512
[  601.424310][ T8463] 8021q: adding VLAN 0 to HW filter on device batadv0
[  601.474224][ T8690] EXT4-fs: Ignoring removed nobh option
[  601.625841][ T8690] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.784: iget: bad i_size value: 38620345925642
[  601.729819][ T8690] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.784: couldn't read orphan inode 15 (err -117)
[  601.833021][ T8690] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.375931][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.194945][ T8463] veth0_vlan: entered promiscuous mode
[  605.335980][ T8463] veth1_vlan: entered promiscuous mode
[  605.451246][ T8727] netlink: 12 bytes leftover after parsing attributes in process `syz.8.798'.
[  605.727730][ T8463] veth0_macvtap: entered promiscuous mode
[  605.859203][ T8463] veth1_macvtap: entered promiscuous mode
[  605.891332][ T8729] loop9: detected capacity change from 0 to 512
[  606.168002][ T8463] batman_adv: batadv0: Interface activated: batadv_slave_0
[  606.323363][ T8463] batman_adv: batadv0: Interface activated: batadv_slave_1
[  606.501466][ T8463] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  606.510835][ T8463] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  606.527850][ T8463] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  606.539650][ T8463] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  606.853746][ T8733] loop7: detected capacity change from 0 to 1024
[  609.572082][ T8767] netlink: 12 bytes leftover after parsing attributes in process `syz.9.810'.
[  613.358248][ T8816] netlink: 12 bytes leftover after parsing attributes in process `syz.9.823'.
[  616.927535][ T4168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  616.936035][ T4168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  617.543574][ T5100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  617.552408][ T5100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  618.651874][ T8874] loop7: detected capacity change from 0 to 512
[  618.724718][ T8874] EXT4-fs: Ignoring removed nobh option
[  618.970887][ T8874] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.837: iget: bad i_size value: 38620345925642
[  619.034991][ T8874] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.837: couldn't read orphan inode 15 (err -117)
[  619.138327][ T8874] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  619.861958][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  621.087232][ T8913] block device autoloading is deprecated and will be removed.
[  621.209362][ T8907] md2: using deprecated bitmap file support
[  621.215656][ T8907] md2: error: bitmap file must be a regular file
[  622.720703][ T8931] No control pipe specified
[  622.874234][ T8937] loop7: detected capacity change from 0 to 512
[  622.927627][ T8937] EXT4-fs: Ignoring removed nobh option
[  623.058795][ T8937] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.853: iget: bad i_size value: 38620345925642
[  623.073857][ T5870] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  623.126493][ T8937] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.853: couldn't read orphan inode 15 (err -117)
[  623.189561][ T8937] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.403597][ T5870] usb 10-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  623.421388][ T5870] usb 10-1: New USB device strings: Mfr=24, Product=2, SerialNumber=3
[  623.433266][ T5870] usb 10-1: Product: syz
[  623.437807][ T5870] usb 10-1: Manufacturer: syz
[  623.442979][ T5870] usb 10-1: SerialNumber: syz
[  623.563624][ T5870] usb 10-1: config 0 descriptor??
[  623.752733][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.917199][ T5870] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  623.942105][ T5870] asix 10-1:0.0: probe with driver asix failed with error -32
[  624.864729][ T8959] md2: using deprecated bitmap file support
[  624.871420][ T8959] md2: error: bitmap file must be a regular file
[  624.917971][   T24] ------------[ cut here ]------------
[  624.924262][   T24] refcount_t: underflow; use-after-free.
[  624.933319][   T24] WARNING: CPU: 1 PID: 24 at lib/refcount.c:28 refcount_warn_saturate+0x241/0x390
[  624.943375][   T24] Modules linked in:
[  624.949411][   T24] CPU: 1 UID: 0 PID: 24 Comm: kworker/1:0 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(none) 
[  624.961815][   T24] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  624.972500][   T24] Workqueue: md_misc mddev_delayed_delete
[  624.978624][   T24] RIP: 0010:refcount_warn_saturate+0x241/0x390
[  624.985464][   T24] Code: a8 92 e8 32 a2 e0 fb c6 00 00 c6 05 ff bb f3 0b 01 90 48 c7 83 80 0c 00 00 00 00 00 00 48 c7 c7 79 bf 0a 92 e8 60 e6 6b fa 90 <0f> 0b 90 90 e9 5b ff ff ff 8b 3a e8 af ae e0 fb 41 f6 c6 01 0f 85
[  625.005829][   T24] RSP: 0018:ffff8881034e7b70 EFLAGS: 00010293
[  625.012600][   T24] RAX: ffffffff81207e2e RBX: ffff8881034d0b58 RCX: ffff8881034d0000
[  625.021050][   T24] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  625.029501][   T24] RBP: ffff8881034e7b88 R08: ffffea000000000f R09: 0000000000000000
[  625.037777][   T24] R10: ffff888237bae028 R11: ffff88823f272490 R12: ffff8881034d0b58
[  625.046254][   T24] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888051a888c0
[  625.056255][   T24] FS:  0000000000000000(0000) GS:ffff8881aa95d000(0000) knlGS:0000000000000000
[  625.066261][   T24] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  625.073382][   T24] CR2: 000000110c345a52 CR3: 000000005b554000 CR4: 00000000003526f0
[  625.081899][   T24] DR0: 0000000000000004 DR1: 0004000000000002 DR2: 0000000000000408
[  625.090347][   T24] DR3: 1000000100000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  625.098604][   T24] Call Trace:
[  625.102279][   T24]  <TASK>
[  625.105466][   T24]  kobject_put+0x2d0/0x3b0
[  625.110416][   T24]  ? kmsan_get_metadata+0xfb/0x160
[  625.115866][   T24]  mddev_delayed_delete+0x25/0x30
[  625.121490][   T24]  ? __pfx_mddev_delayed_delete+0x10/0x10
[  625.127560][   T24]  process_scheduled_works+0xb8e/0x1d80
[  625.134552][   T24]  worker_thread+0xedf/0x1590
[  625.140298][   T24]  kthread+0xd5c/0xf00
[  625.144684][   T24]  ? __pfx_worker_thread+0x10/0x10
[  625.150412][   T24]  ? __pfx_kthread+0x10/0x10
[  625.156888][   T24]  ret_from_fork+0x1e3/0x310
[  625.162471][   T24]  ? __pfx_kthread+0x10/0x10
[  625.167394][   T24]  ret_from_fork_asm+0x1a/0x30
[  625.172717][   T24]  </TASK>
[  625.175949][   T24] ---[ end trace 0000000000000000 ]---
[  626.140233][   T24] usb 10-1: USB disconnect, device number 2
[  626.497152][ T8977] No control pipe specified
[  628.659776][ T5870] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  628.949241][ T5870] usb 10-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  628.958754][ T5870] usb 10-1: New USB device strings: Mfr=24, Product=2, SerialNumber=3
[  628.967420][ T5870] usb 10-1: Product: syz
[  628.978649][ T5870] usb 10-1: Manufacturer: syz
[  628.990119][ T5870] usb 10-1: SerialNumber: syz
[  629.306842][ T5870] usb 10-1: config 0 descriptor??
[  629.619827][ T5870] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  629.631899][ T5870] asix 10-1:0.0: probe with driver asix failed with error -32
[  630.508042][ T9033] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  630.514832][ T9033] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  630.526216][ T9033] vhci_hcd vhci_hcd.0: Device attached
[  630.540506][ T9035] vhci_hcd: connection closed
[  630.555083][ T1027] vhci_hcd: stop threads
[  630.564591][ T1027] vhci_hcd: release socket
[  630.570092][ T1027] vhci_hcd: disconnect device
[  631.050255][ T5823] Bluetooth: hci0: command 0x0406 tx timeout
[  631.660137][   T24] usb 10-1: USB disconnect, device number 3
[  632.643484][ T9052] md2: using deprecated bitmap file support
[  632.650415][ T9052] md2: error: bitmap file must be a regular file
[  638.287873][ T9084] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7)
[  638.294665][ T9084] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  638.303140][ T9084] vhci_hcd vhci_hcd.0: Device attached
[  638.331505][ T9092] loop4: detected capacity change from 0 to 128
[  638.341211][ T9092] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  638.394332][ T9093] vhci_hcd: connection closed
[  638.412898][ T9092] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  638.442245][ T9092] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  638.451200][ T9092] FAT-fs (loop4): Filesystem has been set read-only
[  638.482374][ T1027] vhci_hcd: stop threads
[  638.486971][ T1027] vhci_hcd: release socket
[  638.492064][ T1027] vhci_hcd: disconnect device
[  638.530611][   T24] vhci_hcd: vhci_device speed not set
[  640.066893][ T9108] binder: BINDER_SET_CONTEXT_MGR already set
[  640.073843][ T9108] binder: 9106:9108 ioctl 4018620d 200000004a80 returned -16
[  640.519579][ T9112] md2: using deprecated bitmap file support
[  640.525789][ T9112] md2: error: bitmap file must be a regular file
[  641.112215][ T9123] netlink: 4 bytes leftover after parsing attributes in process `syz.4.911'.
[  641.169998][ T9122] loop7: detected capacity change from 0 to 512
[  641.181384][ T9122] EXT4-fs: Ignoring removed nobh option
[  641.288645][ T9122] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.910: iget: bad i_size value: 38620345925642
[  641.324681][ T9122] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.910: couldn't read orphan inode 15 (err -117)
[  641.421207][ T9122] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  642.497083][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.321687][ T9150] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[  646.328572][ T9150] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  646.337180][ T9150] vhci_hcd vhci_hcd.0: Device attached
[  646.396631][ T9149] loop4: detected capacity change from 0 to 128
[  646.406296][ T9149] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  646.424031][ T9149] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  646.436607][ T9149] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  646.447355][ T9149] FAT-fs (loop4): Filesystem has been set read-only
[  646.547129][ T9152] vhci_hcd: connection closed
[  646.692268][ T4496] vhci_hcd: stop threads
[  646.701889][ T4496] vhci_hcd: release socket
[  646.706614][ T4496] vhci_hcd: disconnect device
[  646.782777][ T5870] vhci_hcd: vhci_device speed not set
[  648.130630][ T9168] binder: 9167:9168 ioctl c0306201 0 returned -14
[  648.173744][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842be00: rx timeout, send abort
[  648.188026][ T9161] kvm: kvm [9160]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa80000000
[  648.674718][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842a400: rx timeout, send abort
[  648.683871][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842be00: abort rx timeout. Force session deactivation
[  648.744357][ T9173] md2: using deprecated bitmap file support
[  648.750990][ T9173] md2: error: bitmap file must be a regular file
[  649.183616][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842a400: abort rx timeout. Force session deactivation
[  650.160454][ T9193] fuse: Bad value for 'fd'
[  651.612265][ T5823] Bluetooth: hci6: command 0x0406 tx timeout
[  652.075577][ T9203] loop7: detected capacity change from 0 to 128
[  652.088206][ T9203] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  652.126733][ T9203] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  652.137472][ T9203] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  652.146473][ T9203] FAT-fs (loop7): Filesystem has been set read-only
[  652.461209][ T9204] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(8)
[  652.468094][ T9204] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  652.476492][ T9204] vhci_hcd vhci_hcd.0: Device attached
[  653.160008][ T5870] usb 51-1: new high-speed USB device number 2 using vhci_hcd
[  653.179250][ T9205] vhci_hcd: connection reset by peer
[  653.227859][ T7774] vhci_hcd: stop threads
[  653.233398][ T7774] vhci_hcd: release socket
[  653.238329][ T7774] vhci_hcd: disconnect device
[  653.521132][ T9212] binder: 9211:9212 ioctl c0306201 0 returned -14
[  654.174523][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842a600: rx timeout, send abort
[  654.210546][ T9218] md2: using deprecated bitmap file support
[  654.216820][ T9218] md2: error: bitmap file must be a regular file
[  654.675365][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842a400: rx timeout, send abort
[  654.684621][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842a600: abort rx timeout. Force session deactivation
[  655.184169][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802842a400: abort rx timeout. Force session deactivation
[  656.670657][ T5823] Bluetooth: hci4: command 0x0406 tx timeout
[  657.935498][ T9253] loop6: detected capacity change from 0 to 128
[  657.945005][ T9253] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  658.127428][ T9253] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  658.143638][ T9253] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  658.152707][ T9253] FAT-fs (loop6): Filesystem has been set read-only
[  658.250356][ T5870] vhci_hcd: vhci_device speed not set
[  659.370007][ T9257] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(8)
[  659.376811][ T9257] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  659.384835][ T9257] vhci_hcd vhci_hcd.0: Device attached
[  659.630236][ T9265] binder: 9262:9265 ioctl c0306201 0 returned -14
[  659.724335][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  659.731633][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  659.849906][   T11] usb 47-1: new high-speed USB device number 3 using vhci_hcd
[  659.860127][ T9261] vhci_hcd: connection reset by peer
[  659.888807][ T9272] binfmt_misc: register: failed to install interpreter file ./file2
[  659.911753][ T5100] vhci_hcd: stop threads
[  659.916405][ T5100] vhci_hcd: release socket
[  659.921864][ T5100] vhci_hcd: disconnect device
[  659.961673][ T9270] fuse: Bad value for 'fd'
[  660.982379][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284bf400: rx timeout, send abort
[  661.483160][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284be600: rx timeout, send abort
[  661.499184][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284bf400: abort rx timeout. Force session deactivation
[  661.991832][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284be600: abort rx timeout. Force session deactivation
[  664.005322][ T9287] netlink: 16 bytes leftover after parsing attributes in process `mÞ£'.
[  665.485102][   T11] vhci_hcd: vhci_device speed not set
[  665.933858][ T9302] loop6: detected capacity change from 0 to 128
[  665.944435][ T9302] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  665.963521][ T9302] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  665.974357][ T9302] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  665.983393][ T9302] FAT-fs (loop6): Filesystem has been set read-only
[  669.490136][ T3786] bridge_slave_1: left allmulticast mode
[  669.507657][ T3786] bridge_slave_1: left promiscuous mode
[  669.515951][ T3786] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.756074][ T9322] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  669.762935][ T9322] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  669.773107][ T9322] vhci_hcd vhci_hcd.0: Device attached
[  670.020421][ T1925] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  674.881091][ T3786] bridge_slave_0: left allmulticast mode
[  674.887029][ T3786] bridge_slave_0: left promiscuous mode
[  674.894002][ T3786] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.930582][ T9323] vhci_hcd: connection reset by peer
[  675.079729][ T9324] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  675.151842][ T7774] vhci_hcd: stop threads
[  675.156379][ T7774] vhci_hcd: release socket
[  675.163191][ T7774] vhci_hcd: disconnect device
[  675.239605][ T1925] vhci_hcd: vhci_device speed not set
[  676.442493][ T9333] netlink: 4 bytes leftover after parsing attributes in process `syz.9.968'.
[  676.918410][ T3786] bond1 (unregistering): (slave ip6erspan0): Releasing active interface
[  677.833607][ T3786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  677.912497][ T3786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  678.650596][ T3786] bond0 (unregistering): Released all slaves
[  678.975227][ T3786] bond1 (unregistering): Released all slaves
[  681.045475][ T9354] loop8: detected capacity change from 0 to 128
[  681.055114][ T9354] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  681.146852][ T9354] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  681.158461][ T9354] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  681.169419][ T9354] FAT-fs (loop8): Filesystem has been set read-only
[  682.708916][ T3786] hsr_slave_0: left promiscuous mode
[  682.738032][ T3786] hsr_slave_1: left promiscuous mode
[  682.746694][ T3786] batman_adv: batadv0: Removing interface: batadv_slave_0
[  683.374514][ T3786] batman_adv: batadv0: Removing interface: batadv_slave_1
[  686.722194][ T3786] team0 (unregistering): Port device team_slave_1 removed
[  686.884113][ T3786] team0 (unregistering): Port device team_slave_0 removed
[  687.917942][ T9394] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  688.586577][ T9416] loop7: detected capacity change from 0 to 128
[  688.805646][ T9416] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  689.190884][ T9416] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  689.294699][ T9416] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  689.305245][ T9416] FAT-fs (loop7): Filesystem has been set read-only
[  690.120265][ T9426] binder: BINDER_SET_CONTEXT_MGR already set
[  690.126672][ T9426] binder: 9423:9426 ioctl 4018620d 200000004a80 returned -16
[  690.287929][ T9426] binder: 9423:9426 ioctl c0306201 2000000004c0 returned -22
[  693.770809][ T9469] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  702.912818][ T5823] Bluetooth: hci1: command 0x0406 tx timeout
[  703.486446][   T24] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  703.665998][   T24] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  705.304556][ T9578] tipc: Started in network mode
[  705.310623][ T9578] tipc: Node identity ac14140f, cluster identity 4711
[  705.318280][ T9578] tipc: New replicast peer: 255.255.255.255
[  705.329353][ T9578] tipc: Enabled bearer <udp:syz2>, priority 10
[  705.413695][ T9579] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1032'.
[  705.423462][ T9579] tipc: Disabling bearer <udp:syz2>
[  709.444413][ T9615] fuse: Unknown parameter 'use00000000000000000000'
[  712.183496][ T9633] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1052'.
[  712.335761][ T9637] team0: No ports can be present during mode change
[  712.385990][ T9637] vlan0: entered promiscuous mode
[  712.421023][ T9637] team0: Port device vlan0 added
[  712.643241][ T9637] tipc: Started in network mode
[  712.648625][ T9637] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  712.656949][ T9637] tipc: Enabled bearer <eth:team0>, priority 0
[  713.615156][ T9647] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  713.769751][   T24] tipc: Node number set to 11578026
[  714.191055][ T9655] fuse: Unknown parameter 'use00000000000000000000'
[  717.493494][ T9691] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  717.892092][ T9697] loop7: detected capacity change from 0 to 2048
[  718.096974][ T9697] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  718.783301][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  719.019887][ T9714] binder: 9713:9714 ioctl 4018620d 0 returned -22
[  720.349312][ T9735] loop4: detected capacity change from 0 to 512
[  720.418965][ T9735] EXT4-fs: Ignoring removed nobh option
[  720.580618][ T9735] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1084: iget: bad i_size value: 38620345925642
[  720.637276][ T9735] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1084: couldn't read orphan inode 15 (err -117)
[  720.660913][ T9735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  721.163476][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  721.170605][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  721.235319][ T8463] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.520205][ T9745] md2: using deprecated bitmap file support
[  721.526395][ T9745] md2: error: bitmap file must be a regular file
[  722.093201][ T9751] loop6: detected capacity change from 0 to 2048
[  722.348452][ T9751] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  722.487586][ T9761] binder: 9758:9761 ioctl 4018620d 0 returned -22
[  723.035831][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  724.287592][ T9778] loop4: detected capacity change from 0 to 512
[  724.361693][ T9778] EXT4-fs: Ignoring removed nobh option
[  724.482710][ T9778] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1098: iget: bad i_size value: 38620345925642
[  724.607965][ T9778] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1098: couldn't read orphan inode 15 (err -117)
[  724.662409][ T9778] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  725.141023][ T8463] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.861389][ T9793] fuse: Bad value for 'fd'
[  725.996560][ T9788] loop7: detected capacity change from 0 to 2048
[  726.185291][ T9788]  loop7: p1 < > p4
[  726.316652][ T9788] loop7: p4 size 8388608 extends beyond EOD, truncated
[  726.817517][ T9804] binder: 9800:9804 ioctl 4018620d 0 returned -22
[  727.095364][ T9806] loop6: detected capacity change from 0 to 2048
[  727.345228][ T9806] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  727.829833][ T9818] loop9: detected capacity change from 0 to 512
[  727.881931][ T9818] EXT4-fs: Ignoring removed nobh option
[  728.051237][ T9818] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.1110: iget: bad i_size value: 38620345925642
[  728.177246][ T9818] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.1110: couldn't read orphan inode 15 (err -117)
[  728.192976][ T8090] udevd[8090]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  728.282860][ T9818] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  728.305184][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[  728.341413][ T9823] loop8: detected capacity change from 0 to 512
[  728.411510][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  728.493043][ T9823] EXT4-fs (loop8): orphan cleanup on readonly fs
[  728.569451][ T9782] EXT4-fs error (device loop9): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  728.732764][ T9823] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.1111: bg 0: block 248: padding at end of block bitmap is not set
[  728.766489][ T9823] __quota_error: 13 callbacks suppressed
[  728.766573][ T9823] Quota error (device loop8): write_blk: dquota write failed
[  728.794302][ T9823] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  728.807487][ T9823] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.1111: Failed to acquire dquot type 1
[  728.927814][ T9823] EXT4-fs (loop8): 1 truncate cleaned up
[  728.972793][ T9823] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  729.144010][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  729.203089][ T9823] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[  729.562396][ T9834] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1111'.
[  729.572825][ T9834] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1111'.
[  729.979257][ T9823] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  730.047383][ T9833] Quota error (device loop8): do_check_range: Getting block 1536 out of range 0-5
[  731.376649][ T8100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.148223][ T9862] binder: 9859:9862 ioctl c0306201 0 returned -14
[  732.445352][ T9867] loop9: detected capacity change from 0 to 512
[  732.588784][ T9867] EXT4-fs: Ignoring removed nobh option
[  732.810091][ T9867] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.1125: iget: bad i_size value: 38620345925642
[  732.929447][ T9867] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.1125: couldn't read orphan inode 15 (err -117)
[  732.955225][ T9869] loop7: detected capacity change from 0 to 2048
[  733.031576][ T9867] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  733.170425][ T9869] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  733.623821][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.231558][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  735.705915][ T9912] binder: 9911:9912 ioctl c0306201 0 returned -14
[  736.816488][ T9927] loop4: detected capacity change from 0 to 164
[  737.839721][ T9936] loop8: detected capacity change from 0 to 256
[  739.728720][ T9953] loop7: detected capacity change from 0 to 128
[  739.741215][ T9953] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  739.820028][ T9953] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  739.832448][ T9953] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  739.843711][ T9953] FAT-fs (loop7): Filesystem has been set read-only
[  741.325910][ T9974] loop7: detected capacity change from 0 to 256
[  741.500977][ T9974] FAT-fs (loop7): IO charset ŽZ¸f?xðAÜp�F†…(Y0Öó+c‹æ_ÞîeF9Ò­Nh‡‹ØÛ— �ã×0³”¬^Ã_ãù”ÙÜë&a½ÿbvzRX:a•
[  741.500977][ T9974] Bœ5ñ	ê›Nt?P
Hì¨ not found
[  745.952268][T10018] loop6: detected capacity change from 0 to 256
[  746.104969][T10021] loop8: detected capacity change from 0 to 512
[  746.139792][T10018] FAT-fs (loop6): IO charset ŽZ¸f?xðAÜp�F†…(Y0Öó+c‹æ_ÞîeF9Ò­Nh‡‹ØÛ— �ã×0³”¬^Ã_ãù”ÙÜë&a½ÿbvzRX:a•
[  746.139792][T10018] Bœ5ñ	ê›Nt?P
Hì¨ not found
[  746.173363][T10021] EXT4-fs: Ignoring removed orlov option
[  746.219641][T10021] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  746.333189][T10021] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  746.476854][T10021] EXT4-fs error (device loop8): ext4_iget_extra_inode:5030: inode #15: comm syz.8.1175: corrupted in-inode xattr: e_value size too large
[  746.600232][T10021] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.1175: couldn't read orphan inode 15 (err -117)
[  746.631813][T10021] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  747.685811][ T8100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  751.813135][T10069] loop9: detected capacity change from 0 to 256
[  751.859671][T10065] loop4: detected capacity change from 0 to 1024
[  752.003879][T10069] FAT-fs (loop9): IO charset ŽZ¸f?xðAÜp�F†…(Y0Öó+c‹æ_ÞîeF9Ò­Nh‡‹ØÛ— �ã×0³”¬^Ã_ãù”ÙÜë&a½ÿbvzRX:a•
[  752.003879][T10069] Bœ5ñ	ê›Nt?P
Hì¨ not found
[  752.078074][T10068] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  752.182827][T10065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  752.932094][ T8463] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  753.293414][T10085] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1193'.
[  753.726427][T10091] loop4: detected capacity change from 0 to 256
[  757.807858][T10122] loop7: detected capacity change from 0 to 1024
[  758.111480][T10122] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  758.903640][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.460278][T10143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1211'.
[  759.490848][T10146] loop7: detected capacity change from 0 to 256
[  760.922230][T10162] tipc: Started in network mode
[  760.927483][T10162] tipc: Node identity c214bb134303, cluster identity 4711
[  760.947295][T10162] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  761.147345][T10160] tipc: Disabling bearer <eth:syzkaller0>
[  762.603841][T10184] loop4: detected capacity change from 0 to 256
[  763.211494][T10190] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1228'.
[  763.221262][T10190] netlink: 212 bytes leftover after parsing attributes in process `syz.8.1228'.
[  763.381304][T10193] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1229'.
[  763.517529][T10195] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1228'.
[  763.560739][T10194] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.845317][T10194] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.138576][T10194] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.362656][T10194] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.732246][T10205] loop6: detected capacity change from 0 to 1024
[  764.793351][T10194] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  764.824136][T10194] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  764.857412][T10194] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  764.888165][T10194] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  765.193457][T10214] tipc: Started in network mode
[  765.198709][T10214] tipc: Node identity 1205e9fadeec, cluster identity 4711
[  765.207363][T10214] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  765.255766][T10205] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  765.269228][T10205] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  765.375898][T10213] tipc: Disabling bearer <eth:syzkaller0>
[  765.480691][T10202] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  765.562522][T10202] EXT4-fs (loop6): Remounting filesystem read-only
[  765.591205][ T4496] EXT4-fs warning (device loop6): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 3: ext4_ext_map_blocks returned -30
[  765.922557][T10224] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1237'.
[  765.932346][T10224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  766.065631][T10224] batman_adv: batadv0: Removing interface: batadv_slave_1
[  766.250314][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  767.808444][T10248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1244'.
[  768.982802][T10261] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1248'.
[  769.261529][T10264] tipc: Started in network mode
[  769.266761][T10264] tipc: Node identity 0e5462289a27, cluster identity 4711
[  769.275229][T10264] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  769.430614][T10263] tipc: Disabling bearer <eth:syzkaller0>
[  771.691137][T10295] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1260'.
[  776.686280][T10327] loop6: detected capacity change from 0 to 512
[  776.857336][T10327] EXT4-fs warning (device loop6): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop6.
[  778.801292][T10342] loop6: detected capacity change from 0 to 512
[  778.846407][T10342] EXT4-fs: Ignoring removed nobh option
[  779.120156][T10342] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.1273: iget: bad i_size value: 38620345925642
[  779.180038][T10342] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.1273: couldn't read orphan inode 15 (err -117)
[  779.244482][T10342] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  779.415564][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1276'.
[  779.926492][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  780.003129][T10358] fuse: Unknown parameter '0x0000000000000003'
[  780.718326][T10364] netlink: 'syz.6.1280': attribute type 16 has an invalid length.
[  780.726709][T10364] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1280'.
[  781.236507][T10364] loop6: detected capacity change from 0 to 2048
[  781.433460][T10364]  loop6: p1 < > p4
[  781.438618][T10364]  loop6: p1 could not be added: -ENOMEM
[  781.444923][T10364] loop6: p4 size 8388608 extends beyond EOD, truncated
[  781.528850][T10364]  loop6: p4 could not be added: -ENOMEM
[  782.657018][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  782.663935][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  782.688805][T10381] loop8: detected capacity change from 0 to 1024
[  783.224135][T10381] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  783.556545][   T30] audit: type=1800 audit(1753771032.558:41): pid=10381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1284" name="bus" dev="loop8" ino=18 res=0 errno=0
[  783.593811][T10381] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4113: comm syz.8.1284: Allocating blocks 481-513 which overlap fs metadata
[  784.297184][ T8100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  784.587695][T10399] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1291'.
[  787.841529][T10439] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1305'.
[  790.196712][T10461] netlink: 'syz.6.1311': attribute type 16 has an invalid length.
[  790.205991][T10461] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1311'.
[  790.478350][T10465] loop7: detected capacity change from 0 to 512
[  790.575474][T10465] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  790.740481][T10464] loop6: detected capacity change from 0 to 2048
[  790.821317][T10465] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  790.844607][T10465] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  790.950940][T10473] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  791.043356][T10464]  loop6: p1 < > p4
[  791.102337][T10464] loop6: p4 size 8388608 extends beyond EOD, truncated
[  791.533708][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  792.142669][ T8090] udevd[8090]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  792.211348][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  797.308554][T10550] loop6: detected capacity change from 0 to 1024
[  797.447110][T10550] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  797.460163][T10550] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  797.541717][T10554] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  797.582430][T10554] EXT4-fs (loop6): Remounting filesystem read-only
[  798.134695][ T7710] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  798.790876][T10571] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1345'.
[  799.196772][T10573] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1346'.
[  800.643519][T10583] loop7: detected capacity change from 0 to 512
[  800.911703][T10583] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  800.924914][T10583] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  802.717263][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  803.471527][T10605] loop4: detected capacity change from 0 to 1024
[  803.805681][T10605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  803.818753][T10605] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  804.024999][T10605] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  804.104836][T10605] EXT4-fs (loop4): Remounting filesystem read-only
[  804.178397][ T4168] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 3: ext4_ext_map_blocks returned -30
[  804.578423][ T8463] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.298739][   T30] audit: type=1326 audit(1753771061.288:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10702 comm="syz.9.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb878e9a9 code=0x7ffc0000
[  812.322625][   T30] audit: type=1326 audit(1753771061.288:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10702 comm="syz.9.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb878e9a9 code=0x7ffc0000
[  814.679685][T10732] loop9: detected capacity change from 0 to 1024
[  814.845007][T10732] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  815.626596][T10742] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  815.692116][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  818.398766][T10775] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1411'.
[  818.408488][T10775] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1411'.
[  822.002951][T10811] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(7)
[  822.009839][T10811] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  822.021438][T10811] vhci_hcd vhci_hcd.0: Device attached
[  822.152542][T10812] vhci_hcd: connection closed
[  822.153586][ T4247] vhci_hcd: stop threads
[  822.163235][ T4247] vhci_hcd: release socket
[  822.167881][ T4247] vhci_hcd: disconnect device
[  824.023902][T10822] loop7: detected capacity change from 0 to 4096
[  824.258544][T10822] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.186454][T10822] EXT4-fs (loop7): Online defrag not supported with bigalloc
[  826.112627][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  826.461597][T10854] netlink: 'syz.4.1433': attribute type 16 has an invalid length.
[  826.472068][T10854] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1433'.
[  827.222856][T10856] loop4: detected capacity change from 0 to 2048
[  827.454541][T10856]  loop4: p1 < > p4
[  827.601307][T10856] loop4: p4 size 8388608 extends beyond EOD, truncated
[  828.048884][T10869] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7)
[  828.055843][T10869] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  828.064709][T10869] vhci_hcd vhci_hcd.0: Device attached
[  828.069401][T10871] vhci_hcd: connection closed
[  828.170025][ T4247] vhci_hcd: stop threads
[  828.179548][ T4247] vhci_hcd: release socket
[  828.184205][ T4247] vhci_hcd: disconnect device
[  828.316870][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  828.336672][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  831.190906][T10909] netlink: 'syz.9.1452': attribute type 16 has an invalid length.
[  831.199390][T10909] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1452'.
[  831.460103][T10908] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  831.466984][T10908] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  831.476347][T10908] vhci_hcd vhci_hcd.0: Device attached
[  831.568884][T10916] vhci_hcd: connection closed
[  831.611150][ T4247] vhci_hcd: stop threads
[  831.620934][ T4247] vhci_hcd: release socket
[  831.625714][ T4247] vhci_hcd: disconnect device
[  831.744756][T10909] loop9: detected capacity change from 0 to 2048
[  832.042071][T10909]  loop9: p1 < > p4
[  832.118580][T10909] loop9: p4 size 8388608 extends beyond EOD, truncated
[  832.387653][T10925] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  833.052912][T10934] fuse: Unknown parameter 'group_i00000000000000000000'
[  834.263653][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  834.276381][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  834.575197][T10956] autofs: Unknown parameter 'fd0x0000000000000000'
[  835.752667][T10969] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  837.360080][T11000] netlink: 324 bytes leftover after parsing attributes in process `syz.4.1482'.
[  838.063092][T11004] autofs: Unknown parameter 'fd0x0000000000000000'
[  840.662494][T11041] netlink: 324 bytes leftover after parsing attributes in process `syz.8.1497'.
[  844.073911][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  844.080856][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  844.096123][T11086] netlink: 324 bytes leftover after parsing attributes in process `syz.4.1514'.
[  844.984645][T11094] binder: BINDER_SET_CONTEXT_MGR already set
[  844.991247][T11094] binder: 11090:11094 ioctl 4018620d 200000004a80 returned -16
[  845.843589][T11103] sctp: [Deprecated]: syz.7.1520 (pid 11103) Use of struct sctp_assoc_value in delayed_ack socket option.
[  845.843589][T11103] Use struct sctp_sack_info instead
[  847.288245][T11125] netlink: 324 bytes leftover after parsing attributes in process `syz.4.1528'.
[  849.201245][T11150] loop8: detected capacity change from 0 to 1024
[  849.592361][T11150] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  849.606802][T11150] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  850.131870][ T8100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  850.411628][T11170] netlink: 324 bytes leftover after parsing attributes in process `syz.6.1543'.
[  850.777365][T11172] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1545'.
[  851.344781][T11181] loop7: detected capacity change from 0 to 764
[  851.602656][T11181] Symlink component flag not implemented
[  851.608568][T11181] Symlink component flag not implemented
[  851.615111][T11181] Symlink component flag not implemented (129)
[  851.621682][T11181] Symlink component flag not implemented (6)
[  851.751067][T11181] rock: directory entry would overflow storage
[  851.757641][T11181] rock: sig=0x4f50, size=4, remaining=3
[  851.771665][T11181] iso9660: Corrupted directory entry in block 6 of inode 1792
[  853.998208][T11214] netlink: 324 bytes leftover after parsing attributes in process `syz.8.1558'.
[  854.477649][T11220] loop9: detected capacity change from 0 to 128
[  854.780840][T11220] syz.9.1560: attempt to access beyond end of device
[  854.780840][T11220] loop9: rw=0, sector=2072, nr_sectors = 1 limit=128
[  854.795275][   T30] audit: type=1800 audit(1753771103.768:44): pid=11220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1560" name="file2" dev="loop9" ino=1048640 res=0 errno=0
[  855.520490][T11233] usb usb1: usbfs: process 11233 (syz.7.1565) did not claim interface 0 before use
[  856.560867][T11243] fuse: Bad value for 'fd'
[  857.626609][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028497e00: rx timeout, send abort
[  858.127457][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028496200: rx timeout, send abort
[  858.136285][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028497e00: abort rx timeout. Force session deactivation
[  858.458156][T11265] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1577'.
[  858.636161][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028496200: abort rx timeout. Force session deactivation
[  858.851445][T11270] loop9: detected capacity change from 0 to 512
[  858.912730][T11270] ext4: Unknown parameter 'subj_user'
[  858.929444][T11275] netlink: 'syz.8.1581': attribute type 13 has an invalid length.
[  859.382325][T11275] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.390967][T11275] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.152678][T11275] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  860.202428][T11275] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  860.526547][T11291] fuse: Bad value for 'fd'
[  860.914145][T11275] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.924982][T11275] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.933926][T11275] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.942798][T11275] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  861.980645][T11307] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1587'.
[  861.990382][T11307] netlink: 2 bytes leftover after parsing attributes in process `syz.9.1587'.
[  862.117146][T11307] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  862.126520][T11307] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  862.135783][T11307] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  862.145056][T11307] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  862.277901][T11307] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  862.288146][T11307] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  862.297806][T11307] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  862.307369][T11307] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  862.528699][T11313] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1589'.
[  862.553014][T11315] No control pipe specified
[  863.302763][T11319] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  863.361258][T11319] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1592'.
[  863.722271][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284aa600: rx timeout, send abort
[  864.223108][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284abe00: rx timeout, send abort
[  864.232368][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284aa600: abort rx timeout. Force session deactivation
[  864.290628][T11332] fuse: Bad value for 'fd'
[  864.735784][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880284abe00: abort rx timeout. Force session deactivation
[  865.458453][ T8219] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  865.942966][T11359] No control pipe specified
[  866.661033][T11365] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  866.754154][T11365] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1606'.
[  866.957157][T11369] binfmt_misc: register: failed to install interpreter file ./file2
[  867.082834][T11373] Cannot find del_set index 1 as target
[  868.682989][T11389] loop9: detected capacity change from 0 to 512
[  871.459684][T11388] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  871.505265][T11389] EXT4-fs warning (device loop9): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop9.
[  873.708158][T11401] loop7: detected capacity change from 0 to 2048
[  873.892259][T11401] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  874.224035][T11401] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  874.420259][T11401] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  874.423609][T11410] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  874.433304][T11401] EXT4-fs (loop7): This should not happen!! Data will be lost
[  874.433304][T11401] 
[  874.445952][T11410] EXT4-fs (loop7): This should not happen!! Data will be lost
[  874.445952][T11410] 
[  874.446058][T11410] EXT4-fs (loop7): Total free blocks count 0
[  874.446154][T11410] EXT4-fs (loop7): Free/Dirty block details
[  874.446242][T11410] EXT4-fs (loop7): free_blocks=2415919104
[  874.456026][T11401] EXT4-fs (loop7): Total free blocks count 0
[  874.456125][T11401] EXT4-fs (loop7): Free/Dirty block details
[  875.639680][T11428] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  875.734358][T11428] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1621'.
[  875.937248][T11427] No control pipe specified
[  876.429345][T11423] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  876.659585][T11423] usb 7-1: Using ep0 maxpacket: 8
[  876.899780][T11423] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  876.908322][T11423] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  876.918552][T11423] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  876.928726][T11423] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  876.939464][T11423] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  877.186835][T11423] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  877.196369][T11423] usb 7-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0
[  877.205085][T11423] usb 7-1: Product: syz
[  878.015031][T11433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  878.025256][T11433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  878.229500][T11423] usb 7-1: GET_CAPABILITIES returned 0
[  878.235614][T11423] usbtmc 7-1:16.0: can't read capabilities
[  878.328841][T11423] usb 7-1: USB disconnect, device number 2
[  878.719195][T11456] loop9: detected capacity change from 0 to 512
[  878.997079][T11456] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  879.015834][T11456] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  879.609872][T11449] loop4: detected capacity change from 0 to 1024
[  880.784917][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  880.901135][T11449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  881.692985][ T8463] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  881.792031][T11475] loop9: detected capacity change from 0 to 1024
[  882.054907][T11475] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  882.103956][T11479] loop6: detected capacity change from 0 to 764
[  882.477201][T11479] Symlink component flag not implemented
[  882.488833][T11479] Symlink component flag not implemented
[  882.497334][T11479] Symlink component flag not implemented (129)
[  882.503940][T11479] Symlink component flag not implemented (6)
[  882.608061][T11479] rock: directory entry would overflow storage
[  882.615573][T11479] rock: sig=0x4f50, size=4, remaining=3
[  882.621707][T11479] iso9660: Corrupted directory entry in block 6 of inode 1792
[  882.752688][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  882.927451][T11487] tipc: New replicast peer: 255.255.255.255
[  882.939513][T11487] tipc: Enabled bearer <udp:syz2>, priority 10
[  884.049320][ T5875] tipc: Node number set to 2165816083
[  885.711188][T11512] loop6: detected capacity change from 0 to 512
[  888.824664][T11511] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  888.824808][T11512] EXT4-fs warning (device loop6): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop6.
[  890.917872][T11532] loop9: detected capacity change from 0 to 1024
[  891.168782][T11532] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  891.929562][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  893.321390][T11562] loop7: detected capacity change from 0 to 764
[  893.466153][T11562] Symlink component flag not implemented
[  893.473031][T11562] Symlink component flag not implemented
[  893.479406][T11562] Symlink component flag not implemented (129)
[  893.485934][T11562] Symlink component flag not implemented (6)
[  894.244063][T11562] rock: directory entry would overflow storage
[  894.250980][T11562] rock: sig=0x4f50, size=4, remaining=3
[  894.256757][T11562] iso9660: Corrupted directory entry in block 6 of inode 1792
[  894.276455][T11572] loop6: detected capacity change from 0 to 524287999
[  897.876447][T11586] loop9: detected capacity change from 0 to 1024
[  898.132166][T11586] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  898.983401][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  899.979546][T11423] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  900.249233][T11423] usb 5-1: Using ep0 maxpacket: 32
[  900.379591][T11423] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  900.389230][T11423] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  900.483431][T11423] usb 5-1: config 0 descriptor??
[  900.947016][T11423] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  901.053226][T11423] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  901.113070][T11423] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  901.129673][T11423] usb 5-1: media controller created
[  901.203582][T11623] loop6: detected capacity change from 0 to 164
[  901.295706][T11423] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  901.923514][T11423] az6027: usb out operation failed. (-71)
[  901.970597][T11423] az6027: usb out operation failed. (-71)
[  901.976662][T11423] stb0899_attach: Driver disabled by Kconfig
[  901.983188][T11423] az6027: no front-end attached
[  901.983188][T11423] 
[  902.111156][T11423] az6027: usb out operation failed. (-71)
[  902.117322][T11423] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  902.128655][T11423] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5
[  902.335726][T11423] dvb-usb: schedule remote query interval to 400 msecs.
[  902.344060][T11423] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  902.487897][T11423] usb 5-1: USB disconnect, device number 6
[  903.140636][T11423] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  903.331069][T11637] loop7: detected capacity change from 0 to 512
[  903.428037][T11637] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  903.819647][T11637] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  903.874127][T11637] EXT4-fs error (device loop7): ext4_iget_extra_inode:5030: inode #15: comm syz.7.1673: corrupted in-inode xattr: e_value size too large
[  903.978321][T11637] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.1673: couldn't read orphan inode 15 (err -117)
[  904.108442][T11637] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  904.129399][T11640] loop4: detected capacity change from 0 to 1024
[  904.904224][T11640] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  905.496480][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  905.503419][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  907.051252][ T7995] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  908.959727][ T8463] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  914.284453][T11701] loop9: detected capacity change from 0 to 1024
[  914.513758][T11701] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  914.527200][T11701] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  915.245752][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  915.909523][T11696] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  916.202015][T11696] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  916.212374][T11696] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  916.226267][T11696] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  916.235875][T11696] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  916.929750][T11696] usb 7-1: usb_control_msg returned -32
[  916.935881][T11696] usbtmc 7-1:16.0: can't read capabilities
[  917.572426][T11737] usbtmc 7-1:16.0: send_request_dev_dep_msg_in returned -90
[  919.500572][T11423] usb 7-1: USB disconnect, device number 3
[  919.911942][T11756] loop9: detected capacity change from 0 to 1024
[  920.161952][T11756] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  920.180666][T11756] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  920.343558][T11762] loop6: detected capacity change from 0 to 8
[  920.945274][ T8154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  926.080627][T11804] net veth1_virt_wifi virt_wifi0: default FDB implementation only supports local addresses
[  928.339422][T11696] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  928.561155][T11696] usb 10-1: Using ep0 maxpacket: 32
[  928.627671][T11696] usb 10-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  928.637347][T11696] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.763050][T11696] usb 10-1: config 0 descriptor??
[  929.058011][T11696] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  929.144683][T11696] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  929.216421][T11696] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  929.224148][T11696] usb 10-1: media controller created
[  929.369487][T11696] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  929.880562][T11696] az6027: usb out operation failed. (-71)
[  929.930403][T11696] az6027: usb out operation failed. (-71)
[  929.936428][T11696] stb0899_attach: Driver disabled by Kconfig
[  929.942910][T11696] az6027: no front-end attached
[  929.942910][T11696] 
[  930.046239][T11696] az6027: usb out operation failed. (-71)
[  930.053471][T11696] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  930.064834][T11696] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.9/usb10/10-1/input/input6
[  930.204509][T11696] dvb-usb: schedule remote query interval to 400 msecs.
[  930.214494][T11696] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  930.381032][T11696] usb 10-1: USB disconnect, device number 4
[  931.127848][T11696] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  931.579465][T11847] loop6: detected capacity change from 0 to 164
[  935.551353][T11867] tipc: Resetting bearer <eth:team0>
[  935.579602][T11867] bridge_slave_0: left allmulticast mode
[  935.585617][T11867] bridge_slave_0: left promiscuous mode
[  935.592874][T11867] bridge0: port 1(bridge_slave_0) entered disabled state
[  935.738654][T11867] bridge_slave_1: left allmulticast mode
[  935.746607][T11867] bridge_slave_1: left promiscuous mode
[  935.753774][T11867] bridge0: port 2(bridge_slave_1) entered disabled state
[  935.791860][T11696] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  935.918450][T11861] loop8: detected capacity change from 0 to 2048
[  936.009441][T11696] usb 5-1: Using ep0 maxpacket: 8
[  936.061058][T11867] bond0: (slave bond_slave_0): Releasing backup interface
[  936.264455][T11696] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  936.273407][T11696] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  936.283752][T11696] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  936.294058][T11696] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  936.304450][T11696] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  936.318084][T11696] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  936.327794][T11696] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  936.533557][T11867] bond0: (slave bond_slave_1): Releasing backup interface
[  936.618379][T11878] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  936.808135][T11867] team0: Port device team_slave_0 removed
[  937.061966][T11867] team0: Port device team_slave_1 removed
[  937.078497][T11867] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  937.086851][T11867] batman_adv: batadv0: Removing interface: batadv_slave_0
[  937.190626][T11696] usb 5-1: GET_CAPABILITIES returned 2f
[  937.196768][T11696] usbtmc 5-1:16.0: can't read capabilities
[  937.261122][T11878] NILFS (loop8): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  937.274332][T11878] NILFS error (device loop8): nilfs_bmap_propagate: broken bmap (inode number=4)
[  937.337959][T11867] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  937.346454][T11867] batman_adv: batadv0: Removing interface: batadv_slave_1
[  937.482116][T11696] usb 5-1: USB disconnect, device number 7
[  937.529337][T11878] Remounting filesystem read-only
[  937.538212][T11867] team0: Port device vlan0 removed
[  937.971200][T11874] team0: Mode changed to "activebackup"
[  937.980429][T11882] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  946.291150][T11914] cgroup: fork rejected by pids controller in /syz6
[  950.164632][T10331] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  950.362865][T10331] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  950.568742][T10331] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  950.867058][T10331] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  952.931452][T11970] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1765'.
[  953.975250][T10331] bond0 (unregistering): Released all slaves
[  954.413135][T10331] tipc: Disabling bearer <eth:team0>
[  954.478340][T10331] tipc: Left network mode
[  955.278124][T10331] hsr_slave_0: left promiscuous mode
[  955.354553][T10331] hsr_slave_1: left promiscuous mode
[  955.430512][T10331] veth1_macvtap: left promiscuous mode
[  955.436485][T10331] veth0_macvtap: left promiscuous mode
[  955.442572][T10331] veth1_vlan: left promiscuous mode
[  960.172818][ T5897] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  960.471620][ T5897] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  960.481837][ T5897] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  960.495505][ T5897] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  960.505073][ T5897] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  960.948589][ T5897] usb 8-1: usb_control_msg returned -32
[  960.955236][ T5897] usbtmc 8-1:16.0: can't read capabilities
[  963.232936][ T5897] usb 8-1: USB disconnect, device number 2
[  964.413519][T12034] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1777'.
[  965.843405][T11395] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  965.862417][T11395] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  965.880318][T11395] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  965.900515][T11395] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  965.965389][T11395] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  966.938830][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  966.945648][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  967.352896][T12050] chnl_net:caif_netlink_parms(): no params data found
[  968.018444][T11395] Bluetooth: hci2: command tx timeout
[  969.442971][T12050] bridge0: port 1(bridge_slave_0) entered blocking state
[  969.451432][T12050] bridge0: port 1(bridge_slave_0) entered disabled state
[  969.459481][T12050] bridge_slave_0: entered allmulticast mode
[  969.469163][T12050] bridge_slave_0: entered promiscuous mode
[  969.623081][T12050] bridge0: port 2(bridge_slave_1) entered blocking state
[  969.642826][T12050] bridge0: port 2(bridge_slave_1) entered disabled state
[  969.650824][T12050] bridge_slave_1: entered allmulticast mode
[  969.660878][T12050] bridge_slave_1: entered promiscuous mode
[  969.930230][T12085] netlink: 324 bytes leftover after parsing attributes in process `syz.8.1785'.
[  970.109302][T11395] Bluetooth: hci2: command tx timeout
[  970.179561][T12050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  970.202846][T12050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  970.657447][T12050] team0: Port device team_slave_0 added
[  970.735673][T12050] team0: Port device team_slave_1 added
[  971.297298][T12050] batman_adv: batadv0: Adding interface: batadv_slave_0
[  971.306511][T12050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  971.334214][T12050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  971.565215][T12050] batman_adv: batadv0: Adding interface: batadv_slave_1
[  971.576908][T12050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  971.605101][T12050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  971.960361][ T5897] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  972.181551][T11395] Bluetooth: hci2: command tx timeout
[  972.253850][ T5897] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  972.264199][ T5897] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  972.277834][ T5897] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  972.287340][ T5897] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  972.432831][T12101] tmpfs: Bad value for 'mpol'
[  972.592293][T12050] hsr_slave_0: entered promiscuous mode
[  972.606047][T12050] hsr_slave_1: entered promiscuous mode
[  972.615805][ T5897] usb 8-1: usb_control_msg returned -32
[  972.621895][ T5897] usbtmc 8-1:16.0: can't read capabilities
[  974.263378][T11395] Bluetooth: hci2: command tx timeout
[  975.262759][T12050] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  975.315201][T12050] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  975.345642][T12050] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  975.380713][T12050] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  975.402088][   T24] usb 8-1: USB disconnect, device number 3
[  977.080359][T12050] 8021q: adding VLAN 0 to HW filter on device bond0
[  977.276592][T12050] 8021q: adding VLAN 0 to HW filter on device team0
[  977.417502][ T1027] bridge0: port 1(bridge_slave_0) entered blocking state
[  977.425224][ T1027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  977.598485][ T1027] bridge0: port 2(bridge_slave_1) entered blocking state
[  977.606203][ T1027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  980.977512][T12050] 8021q: adding VLAN 0 to HW filter on device batadv0
[  981.060551][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  981.071130][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  981.080943][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  981.099501][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  981.111398][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  981.570615][T12155] netlink: 324 bytes leftover after parsing attributes in process `syz.9.1798'.
[  983.249587][T11395] Bluetooth: hci3: command tx timeout
[  985.299285][T11395] Bluetooth: hci3: command tx timeout
[  985.471613][T12152] chnl_net:caif_netlink_parms(): no params data found
[  987.179854][ T1925] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  987.367429][T12050] veth0_vlan: entered promiscuous mode
[  987.378515][T11395] Bluetooth: hci3: command tx timeout
[  987.478309][T12050] veth1_vlan: entered promiscuous mode
[  987.636931][ T1925] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  987.647263][ T1925] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  987.664456][ T1925] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  987.675362][ T1925] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  988.269236][ T1925] usb 9-1: usb_control_msg returned -32
[  988.275238][ T1925] usbtmc 9-1:16.0: can't read capabilities
[  988.313218][T12152] bridge0: port 1(bridge_slave_0) entered blocking state
[  988.320986][T12152] bridge0: port 1(bridge_slave_0) entered disabled state
[  988.329921][T12152] bridge_slave_0: entered allmulticast mode
[  988.340061][T12152] bridge_slave_0: entered promiscuous mode
[  988.500943][T12050] veth0_macvtap: entered promiscuous mode
[  988.576473][T12152] bridge0: port 2(bridge_slave_1) entered blocking state
[  988.584427][T12152] bridge0: port 2(bridge_slave_1) entered disabled state
[  988.592526][T12152] bridge_slave_1: entered allmulticast mode
[  988.785354][T12152] bridge_slave_1: entered promiscuous mode
[  988.858267][T12050] veth1_macvtap: entered promiscuous mode
[  989.335326][T12152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  989.459513][T11395] Bluetooth: hci3: command tx timeout
[  989.463031][T12152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  989.497738][T12050] batman_adv: batadv0: Interface activated: batadv_slave_0
[  989.549549][T12050] batman_adv: batadv0: Interface activated: batadv_slave_1
[  989.627308][T12050] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  989.636697][T12050] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  989.646187][T12050] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  989.655404][T12050] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  989.914369][T12152] team0: Port device team_slave_0 added
[  989.992744][T12152] team0: Port device team_slave_1 added
[  990.527140][T12152] batman_adv: batadv0: Adding interface: batadv_slave_0
[  990.534718][T12152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  990.561551][T12152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  990.848578][T12152] batman_adv: batadv0: Adding interface: batadv_slave_1
[  990.856666][T12152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  990.883900][T12152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  991.229717][   T24] usb 9-1: USB disconnect, device number 2
[  991.933233][T12152] hsr_slave_0: entered promiscuous mode
[  991.943985][T12152] hsr_slave_1: entered promiscuous mode
[  991.956093][T12152] debugfs: 'hsr0' already exists in 'hsr'
[  991.962375][T12152] Cannot create hsr debugfs directory
[  993.041843][T12213] netlink: 324 bytes leftover after parsing attributes in process `syz.7.1810'.
[  994.881219][T12223] tmpfs: Bad value for 'mpol'
[  995.669879][T11696] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  996.129823][T11696] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  996.141407][T11696] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  996.153118][T11696] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  996.167453][T11696] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  996.177072][T11696] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  997.089703][T12152] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  997.426579][T11696] usb 9-1: config 0 descriptor??
[  997.781633][T12152] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  998.150435][T11696] usbhid 9-1:0.0: can't add hid device: -71
[  998.157292][T11696] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  998.191902][T12152] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  998.384664][T11696] usb 9-1: USB disconnect, device number 3
[  998.522211][T12152] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1001.838810][T12152] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1002.126862][T12152] 8021q: adding VLAN 0 to HW filter on device team0
[ 1002.249003][ T1027] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.256617][ T1027] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1002.425242][ T1027] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.432968][ T1027] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1004.875473][ T4168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1004.883675][ T4168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1005.314009][ T3786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1005.322626][ T3786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1006.172809][T12152] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1007.025644][T12152] veth0_vlan: entered promiscuous mode
[ 1007.097962][T12287] tmpfs: Bad value for 'mpol'
[ 1007.262381][T12152] veth1_vlan: entered promiscuous mode
[ 1007.781807][T12152] veth0_macvtap: entered promiscuous mode
[ 1007.917030][T12152] veth1_macvtap: entered promiscuous mode
[ 1008.321527][T12152] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1008.480277][T12152] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1008.689283][T12152] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1008.698623][T12152] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1008.708046][T12152] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1008.717318][T12152] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1015.040821][T12347] tmpfs: Bad value for 'mpol'
[ 1016.005850][ T4168] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1016.233414][T12354] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1840'.
[ 1016.534068][ T4168] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1016.905544][ T4168] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1017.282944][ T4168] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1018.684359][ T4168] bridge_slave_1: left allmulticast mode
[ 1018.690588][ T4168] bridge_slave_1: left promiscuous mode
[ 1018.697534][ T4168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1018.831010][ T4168] bridge_slave_0: left allmulticast mode
[ 1018.837028][ T4168] bridge_slave_0: left promiscuous mode
[ 1018.844150][ T4168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1021.111034][ T4168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1021.271515][ T4168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1021.341709][ T4168] bond0 (unregistering): Released all slaves
[ 1021.499225][T12399] tmpfs: Bad value for 'mpol'
[ 1022.143980][ T4168] tipc: Left network mode
[ 1022.888357][T12410] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1854'.
[ 1023.263218][ T4168] hsr_slave_0: left promiscuous mode
[ 1023.329461][ T4168] hsr_slave_1: left promiscuous mode
[ 1023.340529][ T4168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1023.348345][ T4168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1023.484419][ T4168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1023.498484][ T4168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1023.729685][ T4168] veth1_vlan: left promiscuous mode
[ 1023.735479][ T4168] veth0_vlan: left promiscuous mode
[ 1024.563888][T12425] loop6: detected capacity change from 0 to 1024
[ 1024.842120][T12425] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1024.913463][   T24] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1025.449712][T12425] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[ 1025.469995][   T24] usb 9-1: too many configurations: 9, using maximum allowed: 8
[ 1025.582676][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1025.592146][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1025.603870][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1025.715389][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1025.724982][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1025.736587][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1025.906292][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1025.919911][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1025.932272][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1025.944624][ T4168] team0 (unregistering): Port device team_slave_1 removed
[ 1026.114443][ T4168] team0 (unregistering): Port device team_slave_0 removed
[ 1026.211156][T12050] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1026.373843][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1026.383534][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1026.394984][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1026.719316][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1026.728628][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1026.740334][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1026.842295][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1026.853601][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1026.865090][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1026.975494][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1026.985867][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1026.998172][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1027.396915][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1027.406529][   T24] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1027.418077][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1027.538054][ T4247] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1027.547304][ T4247] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1027.924930][ T3786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1027.933182][ T3786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1028.139559][   T24] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1028.149181][   T24] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1028.157820][   T24] usb 9-1: Product: syz
[ 1028.166787][   T24] usb 9-1: Manufacturer: syz
[ 1028.372094][   T24] usb 9-1: config 0 descriptor??
[ 1028.373728][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1028.384109][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1028.480836][   T24] usb 9-1: can't set config #0, error -71
[ 1028.578689][   T24] usb 9-1: USB disconnect, device number 4
[ 1030.736098][T12469] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[ 1031.223848][T12469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'.
[ 1031.233303][T12469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'.
[ 1032.225804][T12484] loop6: detected capacity change from 0 to 1024
[ 1032.573184][T12484] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1033.120481][T12484] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[ 1033.651049][T12050] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1035.547869][T12524] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input8
[ 1035.578048][   T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1035.830181][   T24] usb 7-1: Using ep0 maxpacket: 32
[ 1035.943029][   T24] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1035.952842][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1035.961360][   T24] usb 7-1: Product: syz
[ 1035.965801][   T24] usb 7-1: Manufacturer: syz
[ 1035.970934][   T24] usb 7-1: SerialNumber: syz
[ 1036.090086][   T24] usb 7-1: config 0 descriptor??
[ 1036.184637][   T24] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1037.903469][   T24] gspca_ov534_9: reg_r err -71
[ 1038.159432][   T24] gspca_ov534_9: Unknown sensor 0000
[ 1038.159917][   T24] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22
[ 1038.314848][   T24] usb 7-1: USB disconnect, device number 4
[ 1040.196034][T12551] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.229302][T12551] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.330157][T12548] netlink: 'syz.8.1888': attribute type 10 has an invalid length.
[ 1041.345967][T12548] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1041.360634][T12548] team0: Port device bond0 added
[ 1041.965641][T12557] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1888'.
[ 1042.457254][T12557] team0 (unregistering): Port device team_slave_0 removed
[ 1042.630937][T12563] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1890'.
[ 1042.745291][T12557] team0 (unregistering): Port device team_slave_1 removed
[ 1042.782015][T12557] team0 (unregistering): Port device bond0 removed
[ 1045.051663][T12574] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9
[ 1046.291314][T12587] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1896'.
[ 1047.699656][   T24] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1047.864744][T12605] loop7: detected capacity change from 0 to 2048
[ 1047.899850][   T24] usb 10-1: Using ep0 maxpacket: 32
[ 1048.046828][T12605]  loop7: p1 < > p4
[ 1048.084989][T12605] loop7: p4 size 8388608 extends beyond EOD, truncated
[ 1048.143953][   T24] usb 10-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1048.153994][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1048.162582][   T24] usb 10-1: Product: syz
[ 1048.167092][   T24] usb 10-1: Manufacturer: syz
[ 1048.173523][   T24] usb 10-1: SerialNumber: syz
[ 1048.373618][   T24] usb 10-1: config 0 descriptor??
[ 1048.452488][   T24] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1049.015061][ T8090] udevd[8090]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[ 1049.064673][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[ 1049.424861][ T5897] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1050.822462][   T24] gspca_ov534_9: reg_w failed -110
[ 1051.141624][   T24] gspca_ov534_9: Unknown sensor 0000
[ 1051.142102][   T24] ov534_9 10-1:0.0: probe with driver ov534_9 failed with error -22
[ 1051.252408][ T5897] usb 7-1: Using ep0 maxpacket: 8
[ 1051.268242][ T5897] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1051.286088][ T5897] usb 7-1: config 4 interface 0 has no altsetting 0
[ 1053.313101][ T5897] usb 7-1: string descriptor 0 read error: -71
[ 1053.320164][ T5897] usb 7-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 1053.329691][ T5897] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[ 1053.368244][ T5897] usb 7-1: can't set config #4, error -71
[ 1053.785720][   T24] usb 10-1: USB disconnect, device number 5
[ 1054.139320][T12642] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1911'.
[ 1054.342689][ T5897] usb 7-1: USB disconnect, device number 5
[ 1056.568333][T12651] loop0: detected capacity change from 0 to 2048
[ 1056.781761][T12651]  loop0: p1 < > p4
[ 1056.829470][T12651] loop0: p4 size 8388608 extends beyond EOD, truncated
[ 1056.971226][ T5170]  loop0: p1 < > p4
[ 1057.004067][ T5170] loop0: p4 size 8388608 extends beyond EOD, truncated
[ 1057.993480][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1058.105555][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[ 1058.290943][   T24] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1058.536422][   T24] usb 9-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a
[ 1058.546228][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.691519][   T24] usb 9-1: config 0 descriptor??
[ 1058.755390][   T24] gspca_main: sn9c2028-2.14.0 probing 0c45:8001
[ 1058.979798][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[ 1059.056558][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1059.216261][   T24] gspca_sn9c2028: read1 error -71
[ 1059.235849][   T24] gspca_sn9c2028: read1 error -71
[ 1059.243530][   T24] sn9c2028 9-1:0.0: probe with driver sn9c2028 failed with error -71
[ 1059.328671][   T24] usb 9-1: USB disconnect, device number 5
[ 1061.356133][T12702] vlan2: entered promiscuous mode
[ 1061.361843][T12702] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[ 1061.371621][T12702] vlan2: entered allmulticast mode
[ 1061.379661][T12702] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[ 1062.460910][T12711] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1062.490656][T12711] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1067.597686][   T30] audit: type=1804 audit(1753771316.498:45): pid=12741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1939" name="/newroot/19/file0" dev="tmpfs" ino=115 res=1 errno=0
[ 1070.869312][ T5897] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1071.069304][ T5897] usb 8-1: Using ep0 maxpacket: 8
[ 1071.127205][ T5897] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1071.138998][ T5897] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1071.149232][ T5897] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1071.159375][ T5897] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[ 1071.171020][ T5897] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1071.181575][ T5897] usb 8-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1071.194543][ T5897] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1071.538715][ T5897] usb 8-1: config 0 descriptor??
[ 1071.549973][T12740] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1071.635564][ T5897] usb 8-1: can't set config #0, error -71
[ 1071.670924][ T5897] usb 8-1: USB disconnect, device number 4
[ 1072.865814][T12765] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1072.883471][T12765] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1074.463266][T12770] loop6: detected capacity change from 0 to 2048
[ 1074.703786][T12770]  loop6: p1 < > p4
[ 1074.903744][T12770] loop6: p4 size 8388608 extends beyond EOD, truncated
[ 1076.846651][T12782] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1076.854886][T12782] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1077.096057][T12782] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1077.104212][T12782] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1077.455874][ T5170]  loop6: p1 < > p4
[ 1077.523260][ T5170] loop6: p4 size 8388608 extends beyond EOD, truncated
[ 1077.662226][T12784] netlink: 'syz.7.1951': attribute type 1 has an invalid length.
[ 1077.994550][T12784] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1079.469332][ T7952] udevd[7952]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[ 1079.521030][ T7948] udevd[7948]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[ 1080.090727][T12793] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1953'.
[ 1080.262887][T12798] netlink: 324 bytes leftover after parsing attributes in process `syz.7.1956'.
[ 1082.146018][T12823] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1082.154172][T12823] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1082.184921][T12823] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1082.194859][T12823] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1083.326716][T12841] netlink: 324 bytes leftover after parsing attributes in process `syz.8.1970'.
[ 1086.250032][T12883] netlink: 324 bytes leftover after parsing attributes in process `syz.6.1986'.
[ 1086.561113][T12889] syz.0.1987 (12889): /proc/12886/oom_adj is deprecated, please use /proc/12886/oom_score_adj instead.
[ 1086.741616][ T8597] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1087.194508][ T8597] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1087.268680][ T8597] usb 8-1: config 66 has 1 interface, different from the descriptor's value: 2
[ 1087.278389][ T8597] usb 8-1: config 66 interface 0 altsetting 16 bulk endpoint 0x7 has invalid maxpacket 16
[ 1087.289046][ T8597] usb 8-1: config 66 interface 0 has no altsetting 1
[ 1087.387228][ T8597] usb 8-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95
[ 1087.396830][ T8597] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.405421][ T8597] usb 8-1: Product: syz
[ 1087.410001][ T8597] usb 8-1: Manufacturer: syz
[ 1087.414937][ T8597] usb 8-1: SerialNumber: syz
[ 1087.485277][T12890] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1088.092887][ T8597] ati_remote2 8-1:66.0: ati_remote2_probe(): interface 0 must have an endpoint
[ 1088.206450][ T8597] usb 8-1: USB disconnect, device number 5
[ 1088.239396][ T5897] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1088.544626][ T5897] usb 7-1: Using ep0 maxpacket: 32
[ 1088.630270][ T5897] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1088.640088][ T5897] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1088.869495][ T5897] usb 7-1: config 0 descriptor??
[ 1089.428957][ T5897] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1089.580561][ T5897] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1089.650499][T12898] =====================================================
[ 1089.657907][T12898] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120
[ 1089.665827][T12898]  _copy_to_user+0xcc/0x120
[ 1089.670834][T12898]  i2cdev_ioctl_smbus+0x586/0x660
[ 1089.676312][T12898]  i2cdev_ioctl+0xa14/0xf40
[ 1089.681266][T12898]  __se_sys_ioctl+0x23c/0x400
[ 1089.686421][T12898]  __x64_sys_ioctl+0x97/0xe0
[ 1089.691523][T12898]  x64_sys_call+0x1cbc/0x3e20
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1089.696705][T12898]  do_syscall_64+0xd9/0x210
[ 1089.701916][T12898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.708717][T12898] 
[ 1089.711345][T12898] Uninit was stored to memory at:
[ 1089.716726][T12898]  __i2c_smbus_xfer+0x254d/0x2f60
[ 1089.722311][T12898]  i2c_smbus_xfer+0x31d/0x4d0
[ 1089.727253][T12898]  i2cdev_ioctl_smbus+0x4a1/0x660
[ 1089.732757][T12898]  i2cdev_ioctl+0xa14/0xf40
[ 1089.737566][T12898]  __se_sys_ioctl+0x23c/0x400
[ 1089.745360][T12898]  __x64_sys_ioctl+0x97/0xe0
[ 1089.753879][T12898]  x64_sys_call+0x1cbc/0x3e20
[ 1089.759325][T12898]  do_syscall_64+0xd9/0x210
[ 1089.764103][T12898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.814576][T12898] 
[ 1089.817294][T12898] Local variable msgbuf1.i created at:
[ 1089.823070][T12898]  __i2c_smbus_xfer+0x86a/0x2f60
[ 1089.828288][T12898]  i2c_smbus_xfer+0x31d/0x4d0
[ 1089.833486][T12898] 
[ 1089.835994][T12898] Bytes 0-1 of 2 are uninitialized
[ 1089.841749][T12898] Memory access of size 2 starts at ffff8881193e3d06
[ 1089.848894][T12898] Data copied to user address 0000200000000040
[ 1089.855258][T12898] 
[ 1089.857806][T12898] CPU: 0 UID: 0 PID: 12898 Comm: syz.6.1991 Tainted: G        W           6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(none) 
[ 1089.871699][T12898] Tainted: [W]=WARN
[ 1089.875702][T12898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1089.886247][T12898] =====================================================
[ 1089.893928][T12898] Disabling lock debugging due to kernel taint
[ 1089.901464][T12898] Kernel panic - not syncing: kmsan.panic set ...
[ 1089.908095][T12898] CPU: 0 UID: 0 PID: 12898 Comm: syz.6.1991 Tainted: G    B   W           6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(none) 
[ 1089.921679][T12898] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1089.926930][T12898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1089.937195][T12898] Call Trace:
[ 1089.940619][T12898]  <TASK>
[ 1089.943698][T12898]  __dump_stack+0x26/0x30
[ 1089.948302][T12898]  dump_stack_lvl+0x53/0x270
[ 1089.953152][T12898]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1089.959212][T12898]  dump_stack+0x1e/0x25
[ 1089.963608][T12898]  panic+0x4bd/0xd50
[ 1089.967833][T12898]  kmsan_report+0x31c/0x320
[ 1089.972586][T12898]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1089.979234][T12898]  ? kmsan_internal_check_memory+0x1e1/0x230
[ 1089.985495][T12898]  ? kmsan_copy_to_user+0xf1/0x190
[ 1089.990815][T12898]  ? _copy_to_user+0xcc/0x120
[ 1089.995705][T12898]  ? i2cdev_ioctl_smbus+0x586/0x660
[ 1090.001131][T12898]  ? i2cdev_ioctl+0xa14/0xf40
[ 1090.006034][T12898]  ? __se_sys_ioctl+0x23c/0x400
[ 1090.011144][T12898]  ? __x64_sys_ioctl+0x97/0xe0
[ 1090.016146][T12898]  ? x64_sys_call+0x1cbc/0x3e20
[ 1090.021226][T12898]  ? do_syscall_64+0xd9/0x210
[ 1090.026105][T12898]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1090.032401][T12898]  ? __pfx_az6027_i2c_xfer+0x10/0x10
[ 1090.037950][T12898]  ? __i2c_transfer+0x11cd/0x3110
[ 1090.043211][T12898]  ? kmsan_get_metadata+0xfb/0x160
[ 1090.048552][T12898]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1090.055188][T12898]  ? kmsan_get_metadata+0xfb/0x160
[ 1090.060503][T12898]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1090.066514][T12898]  ? __i2c_smbus_xfer+0x1e93/0x2f60
[ 1090.071921][T12898]  ? kmsan_get_metadata+0xfb/0x160
[ 1090.077235][T12898]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1090.083253][T12898]  kmsan_internal_check_memory+0x1e1/0x230
[ 1090.089336][T12898]  kmsan_copy_to_user+0xf1/0x190
[ 1090.094471][T12898]  _copy_to_user+0xcc/0x120
[ 1090.099217][T12898]  i2cdev_ioctl_smbus+0x586/0x660
[ 1090.104498][T12898]  i2cdev_ioctl+0xa14/0xf40
[ 1090.109257][T12898]  ? kmsan_report+0x2a9/0x320
[ 1090.114119][T12898]  ? __pfx_i2cdev_ioctl+0x10/0x10
[ 1090.119408][T12898]  __se_sys_ioctl+0x23c/0x400
[ 1090.124355][T12898]  __x64_sys_ioctl+0x97/0xe0
[ 1090.129232][T12898]  x64_sys_call+0x1cbc/0x3e20
[ 1090.134146][T12898]  do_syscall_64+0xd9/0x210
[ 1090.138899][T12898]  ? clear_bhb_loop+0x40/0x90
[ 1090.143791][T12898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1090.149969][T12898] RIP: 0033:0x7f4683b8e9a9
[ 1090.154550][T12898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1090.174400][T12898] RSP: 002b:00007f468491e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1090.183033][T12898] RAX: ffffffffffffffda RBX: 00007f4683db5fa0 RCX: 00007f4683b8e9a9
[ 1090.191180][T12898] RDX: 0000200000000180 RSI: 0000000000000720 RDI: 0000000000000004
[ 1090.199315][T12898] RBP: 00007f4683c10d69 R08: 0000000000000000 R09: 0000000000000000
[ 1090.207443][T12898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1090.215580][T12898] R13: 0000000000000000 R14: 00007f4683db5fa0 R15: 00007ffe66f751a8
[ 1090.223789][T12898]  </TASK>
[ 1090.227357][T12898] Kernel Offset: disabled
[ 1090.231792][T12898] Rebooting in 86400 seconds..