last executing test programs:

19m3.282637025s ago: executing program 2 (id=3):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x400)
ioctl$SG_IO(r3, 0x2285, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r4, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

18m47.563565437s ago: executing program 32 (id=3):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x400)
ioctl$SG_IO(r3, 0x2285, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r4, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

16m22.035699723s ago: executing program 3 (id=323):
r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
sysinfo(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x20001, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000980)={0x1, @pix_mp={0x8d2, 0x0, 0x34343452, 0x0, 0x4, [{0x0, 0xfffffffd}, {0x0, 0x7}, {0x0, 0x80000}, {0xffff8002}, {0x7}, {}, {0x0, 0x1}]}})

16m19.375091357s ago: executing program 3 (id=328):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r4 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x891c, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000001c0)={0x2})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

16m14.659528103s ago: executing program 3 (id=342):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0xfffffffffffffff5, 0xffffffffffffffff, {0x0, 0x0, 0x0, 0x8, 0x80002, 0x5, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0x6000, 0xd, 0x0, 0x0, 0x800000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x3, {0x5, 0x0, 0xd04, 0xfffffffffffffffc, 0x0, 0x100000, {0x0, 0x8, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x4, 0x4, 0x4, 0x2000, 0x101, r2, r3, 0xf0ee, 0xffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
open(&(0x7f00000001c0)='./file0/file0\x00', 0x1802, 0x40)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x92, 0x5, 0x6, 0x4}, 0x3a, [0x8000, 0x2c95a, 0xf, 0x8, 0x80, 0x1, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x8, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x5, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0x40, 0x4, 0x4, 0x7, 0x3, 0x8, 0x4c75, 0x80000000, 0x2, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x40017, 0x0, 0x7, 0x5, 0x3e, 0x3, 0x9, 0xffff, 0x0, 0x6, 0x1ff, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0x40c8, 0xf9, 0xe, 0x82c0, 0x6c7, 0x8, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x5, 0xea4, 0x0, 0xb94, 0x7, 0x7fff, 0x1c000, 0x3fe, 0x403, 0x200006, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x2d, 0x4e2, 0x5, 0x4, 0xb, 0x2000004, 0x9, 0x80000001, 0x9, 0x6, 0x47, 0x8200, 0x1, 0xfe000000, 0x8, 0xffffffff, 0x4, 0x4, 0x3, 0x50, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x407, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0xa2, 0x8000, 0x0, 0x5, 0xb, 0x5, 0x5, 0x5, 0x4000000, 0x1eb, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0xfffffffe, 0x3, 0x20000008, 0x4, 0x6d01, 0x2, 0x38, 0x800083, 0x200, 0x80, 0x3, 0x8000004, 0x10001, 0x1000, 0xa2, 0x7, 0xa9, 0x4005, 0x6, 0x8, 0xca, 0x1ff, 0x3, 0x7ff, 0xbe, 0x4, 0x7, 0xe, 0x0, 0x5, 0x1c, 0x8, 0x4, 0x8, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x2, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x9, 0x1, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x6, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xffffffd9, 0xfffff000, 0x10010000, 0x0, 0x7e, 0x9, 0x9602, 0x40047, 0xaf, 0x5, 0x6, 0x227, 0x2, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf3c, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x1, 0xb1e, 0xd7, 0x201, 0xffff3441, 0x4]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

16m14.228178317s ago: executing program 3 (id=343):
socket$nl_netfilter(0x10, 0x3, 0xc)
inotify_init()
openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
timerfd_create(0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x6, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x5, 0x0, 0x7fffffff, 0x3fb}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

16m13.228117512s ago: executing program 3 (id=346):
semop(0x0, &(0x7f0000000080)=[{0x1, 0x5b7a, 0x800}], 0x1)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$eJzs3c1vHGcdB/DvrNeOHaTUfUlaUCWsRioIi8QvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVAvN+5dA/oBx8QOICEvdIReKAgFvFzeKAKiFx6cm3oJmdtdfxS9Ybv8Tw+Viz+8w8r/PbmWd3dmVNgP9bc+NpPkiRufE31sr1zY3p1ubG9IU6u5WkTDeSZvspxVJSfJzcSHvJ58uNdfnioH4+XJy9+clnm5+215r1UpVvHFavN+v1krEkA/XzXoN9tXfrwPYON7+dKrb3sAzY1U7g4Kw93GP9KNWf8LwFngZF+31zj9HkYpLh+nNA6tmhcbqjO35HmuUAAADgnHpmK1tZy6WzHgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJ/X9/4t6aXTSYyk69/8fqrelTt9snPGYn8SDsx4AAAAAAAAAAByDL25lK2u5lPrH/YftX/ZfqR5fqB4/l/eykoUs51rWMp/VrGY5k0lGuxoaWptfXV2e7KHm1L41p/ob/+/7qwYAAAAAAAAA/2t+mrn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1vNBJj6bRTDKcZKgst578vZM+J4r9Nj44/XEAAADAExnuo84zW9nKWi511h8W1TX/lep6eTjvZSmrWcxqWlnI7foaurzqb2xuTLc2N6bvb25MVx1//2Fbu51v/udIw6haTPu7h/17fqkqMZI7Way2XMutajC306hqll6qx7O97O7kJ+WYRl6v9Tiy2/Vz2dmvD/oW4Tg0jlphtKo0uB2RiXpsZUPPHh6Jx746zUN7mkxj+5ufFw7pqbNLxRFjfrFTL8kvH4n56//67fd6bOYEbEeikSoSU11H35XDY5586Y+/e+tua+ne3Tsr4yd2GJ2WR4+J6a5IvHiuI9E8YvmJKhKXt9fn8u18N+MZy5tZzmJ+kPmsZiH1zJj5+nguH0e7opTsidSNXWtvPm4kQ/Xr0p5FexnTWC5Uqfm8UtW9lMUUeSe3s5DXqr+pTOZrmclMZrte4csHvsLVvlUzbeNoZ/3VL2fnVP9VOVP3Vi/5c68Fj679llrG9dmuuHbPuaNVXveWnSg918P70RHnxuYX6kTZx8/6eds4MY9GYrIrEs8fHonfVOfGSmvp3vLd+XcPaH/9kfVXB3fSv+jrnfmkpp7yeHkuw/VMsvvoKPOe355ldsdrqP7FpZ3X2JN3ucoris6Z+p19ztQy4rNV6Sv7tjRV5b24N2+gHvk//tmVt+vzVt756wkFDIDjdfErF4dG/j3yt5GPRn4+cnfkjeFvXfj6hZeHMvinwW80JwZebbxc/CEf5Uc71/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/Vt7/4N58q7WwvH+icXDW8SaK+rY8B5VpZiSnMIzTTBTJ+rG3nLPfrx4SnZsIPmk7b914KnbnXCcGktRbfpzsHD/1S9TPzUWBc+H66v13r6+8/8FXF+/Pv73w9sLS4MzM7MTszGvT1+8sthYm2o9nPUrgJOx8HuixwuAJDwgAAAAAAAAAAAB4rP3+MeAvx/yfBl3djZ3hrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1Nx4moMpMjlxbaJc39yYbpVLJ71Tspmk0UiKHybFx8mNtJeMdjVXHNTPh4uzNz/5bPPTnbaanfKNw+r1Zr1eMpZkoH7eY6i/9m4d1F7Piu09LAN2tRM4OGv/DQAA//+iHAcm")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x2810)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmsg$can_j1939(r3, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x81)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)

16m11.481839335s ago: executing program 3 (id=351):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r3 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r3, 0x1000006)
fcntl$addseals(r3, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={r3, 0x0, 0x0, 0x1000000})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

15m56.274269483s ago: executing program 33 (id=351):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r3 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r3, 0x1000006)
fcntl$addseals(r3, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={r3, 0x0, 0x0, 0x1000000})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

12m37.510896828s ago: executing program 5 (id=787):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, 0x0, 0x5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000100)={0x28, 0x7, r4, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r4, 0x0, <r5=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r3, 0x3ba0, &(0x7f0000000540)={0x48, 0x8, r5, 0x0, 0x7a6, 0xffe7, &(0x7f0000000500)="0ec67ba17264d20f00000000000000", 0x4})

12m35.754824084s ago: executing program 5 (id=791):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x80}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0)

12m34.208062859s ago: executing program 5 (id=793):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000083c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000100)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x8000}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dedb505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d5e02bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdc9e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705079f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff759fc677a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e402b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10fd534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb75bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eec747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0xfffffffffffffffc, {0x0, 0xe}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
ioctl$BLKBSZSET(r6, 0x40081271, 0x0)

12m32.452967712s ago: executing program 5 (id=796):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

12m30.47227594s ago: executing program 5 (id=798):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x20000014})
close_range(r2, r3, 0x0)

12m28.224467923s ago: executing program 5 (id=803):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0xa, 0x0)
read$msr(r0, &(0x7f0000002240)=""/102400, 0x19000)
open(0x0, 0x8800, 0x0)
syz_clone(0x52a1d600, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

12m12.558438213s ago: executing program 34 (id=803):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0xa, 0x0)
read$msr(r0, &(0x7f0000002240)=""/102400, 0x19000)
open(0x0, 0x8800, 0x0)
syz_clone(0x52a1d600, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

10m37.460222624s ago: executing program 0 (id=977):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
write$usbip_server(0xffffffffffffffff, 0x0, 0xea)
r1 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)

10m36.902210318s ago: executing program 0 (id=980):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000002c0)={0x2, 0x1, 0x4, 0x0, 0xfd})
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000011c0)={0x0, 0x1c, 0x2, {0x1, @pix_mp={0x10, 0x5, 0x43564548, 0x1, 0x4, [{0x5, 0x5}, {0xffff, 0x929}, {0xffffffff, 0x81}, {0x6, 0x5}, {0x1ff, 0x5}, {0x1ff, 0x800}, {0x6, 0x2}, {0xf4d, 0x400}], 0x5d, 0x2, 0x0, 0x1, 0x3}}, 0x6})

10m35.576118528s ago: executing program 0 (id=982):
r0 = semget$private(0x0, 0x6, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x530, &(0x7f0000001e00)="$eJzs3cFvW0kZAPDvOXGSZtNNF/YACNiyLBRU1Unc3Wi1F7oXEFqthFhx4tANiTeKYtdR7IpN6CE9cq9EJQ4I+A+4cUDqiQM3bnDjUg5IBSpQg8TB6D2/pG5iJ6Z14ib+/aQXv5l59TcTd2b8JrIngJF1OSJ2ImIiIj6OiNk8P8mPuNE+0uuePL6zvPv4znISrdZH/0iy8jQvOv5N6pX8Oaci4vvfifhRcjhuY2t7falarWzm6blmbWOusbV9ba2Q55QXFxbn373+TnlgbX2j9ptH31774Ae/++2XHv5x55s/Sas189OLWVlnOwap3fRizHTkjUfEBycRbEjG8/8/nD1pb/tMRLyZ9f/ZGMteTQDgPGu1ZqM125kGAM679P5/JpJCKV8LmIlCoVRqr+G9HtOFar3RvDpbv31rJbI1rEtRLHyyVq3M52uFl6KYpOmF7PxpuvxM+l7lekS8FhH3Ji9k5aXlenVlmG98AGCEvXJg/v/3ZHv+71QcVuUAgJMzNewKAACnzvwPAKPH/A8Ao+f/mP99OhAAzgn3/wAwesz/ADB6jp3/755OPQCAU/G9Dz9Mj9Zu+/uv976p+9pKpbFeqt1eLi3XNzdKq/X6arVSWm61jnu+ar2+sfD2frKxtX2zVr99q3lzrba0WrlZ8V0CADB8r73x4M/ppL/z3oXsiI69HMzVcL4Vhl0BYGjGhl0BYGh8ngdGVx/3+JYB4JzrskVvW75AkPS64L7NX+GsuvJ56/8wql5k/d/aAZxtz7f+/62B1wM4fX3P4ZMnWw/g9LVaiT3/AWDEWOMHev79P9fzK0LuD74uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFbMZEdSKGV7ge+kPwulUsTFiLgUxeSTtWplPiJejYg/TRYn0/TCsCsNALygwt+SfP+vK7NvzRwsnUj+k+38PRERP/75Rz/7dKnZ3FxI8/+5n9+8n+ZfaG6WJ4bRAACg043DWdn8Xc4fO27knzy+s7x3nGYVH73f3lw0jbubH+2S8RjPHqeiGBHT/0rydFv6fmVsAPF37kbE5/baPxWfdkSYydZA2jufHoyfxr448Pidv/+D8QvPtLeQlaWPxex38dk4UDngWA/eb4+Ted9Lu3je/wpxOXvs3v+nshHqxaXjX9pddw+Nf4X98W/sUPwk6/OX99NH1+TR27//7qHM1my77G7EF8a7xU/24yfdx9/iW3228S9f/PKbvcpav4y40rX9eztS17Jhdq5Z25hrbG1fW6strVZWK7fK5cWFxfl3r79TnsvWqNs//9Atxt/fu/pqr/hp+6d7xJ86uv3xtT7b/6v/fvzDrxwR/xtf7f76v35E/HRO/Hqf8Zemb/TcvjuNv9Kj/ce8/nG1z/gP/7q90uelAMApaGxtry9Vq5XNY07S95rHXeOk/5P03v4lqEZ2EjsRg3rCbFEiIrpek76jfjmafFInydCi/3rQTzjskQk4aU87/bBrAgAAAAAAAAAAAAAA9NLY2l6f7P5prWdPfvH8HxEbdhsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4v/4XAAD//+1nxAQ=")
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x8004587d, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x3, 0x40, 0x0, 0x7ff})
semtimedop(r0, &(0x7f0000001140)=[{0x1, 0xfffd, 0x1000}], 0x1, 0x0)
semop(r0, &(0x7f0000000000)=[{0x0, 0xe2a, 0x800}], 0x1)

10m34.271432503s ago: executing program 0 (id=985):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
listen(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r2, 0x3b88, &(0x7f0000000000)={0xc, r3})
ioctl$IOMMU_VFIO_SET_IOMMU(r2, 0x3b66, 0x1)

10m31.132572109s ago: executing program 0 (id=990):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_mount_image$hfsplus(&(0x7f0000001cc0), &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x44, &(0x7f0000000200)=ANY=[@ANYBLOB='umask=00000000000000000000000,decompose,nls=cp932,uid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c0000000000000b9c00000030303030303030c8f71132e94930303030342c00"], 0x20, 0x6e3, &(0x7f00000003c0)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3EibM47rrPR3p+v+f3+/N9X//es/3SygF8ai28EROtSGLh4uub6fajrUbz0VZjpShHxGRElCIqnVUkqxHJRxHXorPEZ9Mn8+6S/cZ57fGH7114+EGjs1XJl6x+aVC7He0BI7TyJWYiopyvh1TZr78be/T3YKiuk+2404SdLxIH49bepTVM80Oct8DT7kFEeWKP5+sRpyJiKv8cEPnVoXTC4R27oa5yAAAA8HQqH1Th+SfxJDZj+mTCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGdD0vnNwCRfSkV5JpL89/+/n1fLVKvjDfcAXz5g/7u3TigQAAAAAAAAADh+EzvFc0/iSWzGdLHdTrK/+b+SbZzOHp+Lt2M9lmItLsVmLMZGbMRazEVMTHf1Wd1c3NhYm9vd8jeRtmy32w/ylvMRUd/Vcn7ExwwAAAAAAAAAz7afxkJMjzsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADolkSUO6tsOV2U61GqRMRURFTTeq2IvxTlT7K/jjsAAAAAGL1avp5O/tcptJPsO/9L2ff+qXg7VmMjlmMjmrEUN7N7AZ1v/aV/thrNR1uNlXTZ3fG3/j1UHFmPEVGOd/YZeTarcWa7xUJ8N34QF2MmrsdaLMePYjE2YilmopYeRCxGEvVa5+5FvYizN95y3tW1nlCu98d2rm/7bBZJLW7FchbbpbhRLXorZTWSONs12p+qEX0ZeifNTvLN3CFzdLPr9fp1fl8m137+kH2MRj078ontjMymuc+z8cLeuS8MOU/6R5qL0vY9qNM7o6Sb/SMVOf/hMDk/la/TXP+iN+fHbchbaf2ZmI9SPvsiXurN+d0vPHyxt/GX/vW367dLq3du31q/OMJDGqmJotCfiUZXJl4ePPvyTDTTTLQOn4mJ/iemPsZxHKNqno3Ohe1wV8vvZKXFeKVrCr4VN2MprsRszMXVmI2vx3w0embYmZ68VhorvTnJzrXS7utbbUDw57/YVemXB1Q+WWleXujKayG90tWzffnsu/armO3K0ouDZ99R3gUqn8sL6Rg/64lm3HoykV+bi+iKN6h9MvHbdvq43ly9s3Z78e7204Pf1S7k6/S0fbf32vy7YzmgI0vnS3rFrWRbWU5qxTtjuu8z29H25qua/8Wl0660a9+Z7X31mI7l+N6+Z2o1/wy3u6fOvpf33NfI9p3t2tfzKSfeimb2KaTPzMlkFYBDO/XqqWrtce0ftfdrP6/drr0+9e3Jq5Ofr8bE3yt/Lv+h9PvSN5JX4/34SUyPO1IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgWrN+7f2ex2VxaG2GhesSxonRgna3nDtdh1CMGj5Xkheqos/EUFP4zNTAbtRjR6H+MiAF1qh97iGT08zmdyMfSYfHDadkz7fIQzStFq73rVGJ9ar9XcHLndY/6ncXmf9s9dWrRdcoAz7jLGyt3L6/fu/+V5ZXFN5feXFqdv3rl6pXG1+a+evnWcnNptvM47iiBUVi/d7887hgAAAAAAAAAAACA4eT/+n/jyP+ZoXJAnera+t4jnzvpQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+oRbeiIlWJDE3e2k23X601WimS1HeqVmJiFJEJD+OSD6KuBadJepd3SX7jfPa4w/fu/Dwg8ZOX5WifmlQu8Np5UvMREQ5Xx9sco9uYq2/vxtd/bWOFF6yfYRpws4XiYNx+38AAAD//6IW9NQ=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x1b0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x90}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

10m29.005875281s ago: executing program 0 (id=995):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000001280)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000001340)='net/ip6_flowlabel\x00')
read$char_usb(r2, &(0x7f0000000040)=""/4109, 0x100d)

10m12.786993148s ago: executing program 35 (id=995):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000001280)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000001340)='net/ip6_flowlabel\x00')
read$char_usb(r2, &(0x7f0000000040)=""/4109, 0x100d)

8m50.9914366s ago: executing program 4 (id=1136):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000000))
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = memfd_create(&(0x7f00000000c0)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
fcntl$addseals(r7, 0x409, 0x6)
socket$kcm(0x2a, 0x2, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, 0x0, 0x0)
r8 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f00000001c0)={0x2})
close_range(r5, 0xffffffffffffffff, 0x0)

8m49.610925072s ago: executing program 4 (id=1137):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x1b7b, 0x0)

8m48.311973386s ago: executing program 4 (id=1138):
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x2000002, &(0x7f0000001000)=ANY=[@ANYBLOB="766f6c756d653d3030303030303030303036332c696f636861727365743d6d6163677265656b2c696f636861727365743d6b6f69382d72752c7569643d666f726765742c756d61736b3d30303030303030303030303030303030303030303030322c6e6f7672732c6e6f7672732c66696c657365743d30303030303030303030303030303030303030342c646d6f64653d30303030303030303030303030303030303030303131362c007732be3442cd163f564b8a695afa1b16eefc0b9d590fbf9ab8391b97ea4c0cf06c797f1a493380ce6975738b912f61be3a342f9b9ee8b8bee4aa2b525fd11b2212573ec6e7f3235ad950c58d6bf8d5318071bd000000004c67990370b984f0b3bf4b8ee680536ebf6c9386b8e46872d639e0de679325aa384473cb1be572c7320000000000000000"], 0xfe, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x141420, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f0000000380)='./bus\x00')

8m45.226884212s ago: executing program 4 (id=1142):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, 0x0, 0x0)
readv(r0, &(0x7f0000001480), 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000280), 0x101800, 0x0)
ioctl$PTP_PIN_SETFUNC(r5, 0x40603d07, &(0x7f00000002c0)={'\x00', 0x8, 0x0, 0x10})
shutdown(r0, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r6 = fanotify_init(0x20, 0x2)
pipe2(&(0x7f0000000000)={<r7=>0x0, 0x0}, 0x0)
fanotify_mark(r6, 0x1, 0x8000008, r7, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r8 = userfaultfd(0x0)
ioctl$UFFDIO_API(r8, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
close(0x3)

8m43.434670555s ago: executing program 4 (id=1146):
userfaultfd(0x801)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x27, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180), 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x19)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0xf501, 0x0)
stat(&(0x7f0000000000)='./file1\x00', 0x0)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000001940))
geteuid()
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
statx(r1, &(0x7f00000019c0)='./file0\x00', 0x800, 0x7ff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000a80)="aa8ef65089fc15366241df7235cd17fd0373df1795503b89f55b14c46f4f05598228edb644a1db016a99ce3c25778539755078ccfc", 0x35}, {&(0x7f0000000b00)}, {0x0}], 0x3, 0x0, 0x0, 0x20000001}}, {{0x0, 0x0, &(0x7f00000013c0), 0x0, &(0x7f0000001580), 0x0, 0x40885}}], 0x2, 0x4084)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)

8m41.44485642s ago: executing program 4 (id=1147):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="08000500060000000c0017"], 0x30}}, 0x0)

8m26.080718659s ago: executing program 36 (id=1147):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="08000500060000000c0017"], 0x30}}, 0x0)

32.827436899s ago: executing program 1 (id=1903):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x6, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10)

31.551311489s ago: executing program 1 (id=1904):
futex(0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0)

31.280192962s ago: executing program 1 (id=1905):
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r0, 0x3)
accept4(r0, 0x0, 0x0, 0x0)

30.23909289s ago: executing program 1 (id=1909):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000012c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800010, &(0x7f0000000f00)={[{@uid_forget}, {@unhide}, {@volume={'volume', 0x3d, 0x4}}, {@session}, {@gid}, {@rootdir={'rootdir', 0x3d, 0x5}}, {@adinicb}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@session={'session', 0x3d, 0x10001}}, {@longad}, {@uid_ignore}]}, 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x10, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b732673618000000fffff2ff0000000000edcce000", [0x1]})
sched_setscheduler(0x0, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
socket$alg(0x26, 0x5, 0x0)

27.658551177s ago: executing program 1 (id=1913):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x4, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x6e6bb6}, [@migrate={0x50, 0x11, [{@in6=@mcast2, @in=@private=0xa010100, @in=@private=0xa010100, @in=@rand_addr=0x6, 0x3c, 0x0, 0x0, 0x0, 0xa, 0xa}]}]}, 0xa0}}, 0x0)

26.068126085s ago: executing program 1 (id=1917):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000002000/0x3000)=nil)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000000c0), 0x80002, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44801}, 0x48000)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

24.491964836s ago: executing program 37 (id=1917):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000002000/0x3000)=nil)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000000c0), 0x80002, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44801}, 0x48000)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

10.779019516s ago: executing program 7 (id=1942):
close(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$netlink(0x10, 0x3, 0xa)
sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)

8.768724991s ago: executing program 7 (id=1944):
r0 = syz_usb_connect(0x1, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000008c0)={0x44, &(0x7f0000000080)={0x40, 0x12, 0x2, "c8ad"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)

5.943257535s ago: executing program 6 (id=1947):
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x3, {0x4, 0x21}, 0x14, 0x1})
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
r1 = syz_open_procfs(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x6, 0x2, 0x10, {0x2, 0x4e24, @remote}}, 0x24)

5.199508684s ago: executing program 7 (id=1948):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000140)=""/9, 0x9}, {&(0x7f0000000300)=""/225, 0xe1}], 0x2, 0x0, 0x0, 0x2000000}}], 0x1, 0xcb, 0x0)

5.180695955s ago: executing program 6 (id=1949):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000003c0)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x80000)
recvmsg$can_raw(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x40010022)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000000)="3f000000010040", 0x7)

5.052226039s ago: executing program 7 (id=1950):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r1, 0xfffffffc)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r3, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r4, @ANYBLOB="b400028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400"], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)

2.940300056s ago: executing program 6 (id=1951):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000006a80)=ANY=[@ANYBLOB='umask=00000000000000000000000,decompose,nls=iso8859-2,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6f626172726965722c706172743d3078300a00000030343030303030303030c35e501b91e8ecd85be54ee1ada3362c00f7aa0495612dabd0d852407ec625575e09bd4e32b58c64b6da68471a92799745eca61272cd0909be46ea3973f716141066b64d0a825eb64c513a0958a6aa78a90f"], 0x20, 0x6de, &(0x7f0000000840)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b1245d, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

2.940002986s ago: executing program 7 (id=1952):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185)

2.540895784s ago: executing program 6 (id=1953):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x110b, 0x8000000000002})
openat$autofs(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0xd0}}, './file0\x00'})
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000040)=0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000380)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0xfffffffffffffffa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x28, r3, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x101}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x24040000)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f00000000c0)=[@request_death], 0x46, 0x0, &(0x7f00000002c0)="51e9e17d1a6efcbf34565cf0795760882831543e04720fba8cda4cac14d25bd6c060e9a65fe8e8fd471fbdd3125c9be2a30c190501765e7e05e312bdf7bc9c13bb9c8233badb"})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0xc, 0x0, &(0x7f0000000000)=[@dead_binder_done], 0x0, 0x0, 0x0})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x80000001}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x8}]}}}]}]}], {0x14}}, 0xe8}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000a40)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb8100000086dd62a341"], 0x0)
ioctl$TUNSETDEBUG(r7, 0x400454c9, 0xffffffffffffffff)

1.003062362s ago: executing program 6 (id=1954):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x2a000, 0x1000}, 0x20)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x200000, 0x40)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r3 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r3, r3}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})

814.294229ms ago: executing program 6 (id=1955):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$AUTOFS_IOC_READY(r2, 0x9360, 0xffffffffffffffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)={@ifindex, 0xffffffffffffffff, 0x2f}, 0x20)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x3, 0x12)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
timer_create(0x0, 0x0, 0x0)
gettid()
timer_create(0x0, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000040), 0x4)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000540)={0x41c, 0x7d, 0x0, {{0x500, 0x2db, 0x0, 0x5000000, {0xcdb74b01717932d9, 0x400}, 0x10000000, 0x0, 0x0, 0x8000fe, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\xff\xff\xff0\xff\xce\xbc\x92\x00\x00\x00', 0x120, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05>\x00\x1e\x00\x00\x18{\x82O^\x97\xe5p\xbeg\xb0^\xb0V\xca|=9\x00\xb5\x00\x00;Y_\xcb\x14\x03\x03\x00\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x1a\xb4\x94\xcc\xe37A\x95\xcc\x90U\xd1\xc8~x\xcdY\x96\xd9\x967\x87\xe7\xb6\x98\"l5\xf0\x17K\r\xf3\xf8\x91\xcf\x99lI\b\xe889d\x01,\xe2\x15]\xd6\xb3\xf4kb\xcay$\xeba\x13\x90\x98\xb2\"\xbc\xf4/\xeah1Z\x81ju\x16i\xd6%\xe5\xe4\xe4_\x96?\x1e\xe2\x1e\xb7N\xf3\xcd\xf9\x8f7\xb2?\r\xac\xc9\xd9\xe5\xd4\xbe\xbf\x91J\x8d,\x9f\x19fxu\xd1\r\xeb\xddkT\x03\xf6j\xe8}\x8a/\x067\xcdH\x82\x8f,W\xc3,\x19\xc3#9(O\xa5\x14\xa9#l\x1b\x17\xe7R\x93^J\xf4v\x86\xa6\xcfHC\x10\xec\xd1\xe8\x98l\x12_\xb7B\xfd2\xfc]\x87\xe0\x8aj\x8e\r\x94X\x02\xd7\x7f\x15\xb4G\t\x8b\xd5c\x9c\x0e\xba\\o\xd2\x132\xf6\xddX\x8b\x17\"=\xa7l-\xf5\x91\v_\xf9\xfc\x01\x9f\xd9&', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x157, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85+\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00\xd0\x02\xaf\x02k\x9en\r\xca\x00\x89\xfdL\xd0\x9c\xf8\r\xbb\xe9Q\xb2\x1f5y\x8b\n\xb6hx\xc0\x9d\"\x8b7\x88\\\x10\x8a\xcb\xee\xcd\xbe\x06Kz\xd8\xd79\x9f\xd5\x18j\'t\x8f$\x88\'\x06\x8f\x89\x0fOPZ\x04\xc4$\xd7%\xc8\x1exa\xe1 --\xc4\xc94\x1dWH\xff\x9eS\x9e\rIT\x8fz\x1c\xcf^\xac\x9a\xa0\x92L\a\x00\x00\x00\xf3|c\xccjn1\xa7}\x1f\xad\x05\x83h\xae\xd5\xe3\xc1M\x89\x96\x87\n\v\t\xd0l\x97\x04\x98\v\xb4GxB\xb1\xed.\x8f%\x01\xb2_\xbc\\^\xe6}\x8bnN\xc7G\xe9]\x03\xf6x\xd7\x1a-\xa34\x92\xf8\xd4\x87\xeeB|Y\xf6\xe7\ni\xa9J}\x987\xd6\x02c\xd68\aM\xfa\x04\xa4V\x04\tD\xb7\x02\"gFh\xc7D\xb7\xba\xda\xad4uXO 5|\x84 \xc1IO\x8d\r4 *\xfb5\xccVp\xe2@\xbe\xba\x96SS\xaf\xe9F\xc0\xc1\xb5\t\x1d9U\xc8\xc8_\xf1\xc7q|\n'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcf\x01.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb49\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0xffffffffffffffff, 0xee00}}, 0x41c)

0s ago: executing program 7 (id=1956):
r0 = syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
ioctl$BTRFS_IOC_SEND(r0, 0x40489426, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
unlink(0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x1400e, &(0x7f0000000100)={[{@quota}]}, 0x1, 0x441, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgpC5YgqcUcckfgLOMEFASckrnBHlSrUSwsno7V3E8exncQ4ccGfj7TJzO5EM1/vjD2zEwcwtMayH0nE7oj4NSJGG9mVBcYav+7cujLz560rM0nUam/8kdTL3b51ZaYoWvzdriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPvDB/KH9r7x1/bWZU9ff/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0Yplm/eaLz88UAbB2yqWq1Wu6/z5as14D8siUG3ABiM4oM+W/8WxxZNPe4KN19oLICyuO/kR+NKOdK8zEjL+rafxiLi1NW/vsiO2JznEAAAK3ybzX+ebjf/S6P5udD/8z2USkTcExF7I+JEROyLiHsj6mXvj4gHNlh/6ybJ6vlPeqOnwNYpm/89n+9trZz/FbO/qJTy3J56/CPJ6bPVuaP5a3IkRrZn+ckudXz30i+fdbrWPP/Ljqz+Yi6Yt+NGeXufgm3j5kcRB8rt4k+WdgKSiNgfEQd6rOPsk18d6nRt7fi76MM+U+3LiCca9/9qtMRfSLrvT078L6pzRyeKXrHaTz9fe71T/euKP/nncXaS3f+dEVF0sdXx76kkzfu1Cxuv49pvn3Zc0/TS/2enF6e3JW+uOPf+9OLixcmIbcmr9Xyl+fxUS7mp5fJZ/EcOtx//e2P5lTgYEVknfjAiHoqIh/O2PxIRj0bE4S7x//DiY+/0Hv/myuKfbfv+t9TpWu7/cmJbtJ5pnyid+/6bFZVWNhJ/dv+P11NH8jPZ/V8rrvW0q7feDAAAAP8+aUTsjiQdX0qn6fh443/498XOtDq/sPjU6fn3Lsw2viNQiZG0eNI12vQ8dDJf1hf5sZb8sfy58eelHfX8+Mx8dXbQwcOQ29Vh/Gd+Lw26dcCm830tGF7GPwwv4x+Gl/EPw6vN+N8xiHYAW6/d5/+HA2gHsPVaxr9tPxgi1v8wvMrW+zC0fP7DUFrYEWt/SV5CYlUi0ruiGRI9JtKI6FZm0O9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fF3AAAA//+edt38")
creat(0x0, 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181642, 0x148)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x480c0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2000040, &(0x7f00000079c0)=ANY=[], 0xfe, 0xc2d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x101442, 0x0)
pwrite64(r4, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

kernel console output (not intermixed with test programs):

3 length: 249 > 4
[ 1022.119152][ T5880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1022.169854][   T30] audit: type=1800 audit(1757823786.723:497): pid=13229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1564" name="file1" dev="loop1" ino=20 res=0 errno=0
[ 1022.244261][ T5880] Bluetooth: hci2: command tx timeout
[ 1022.311268][T13054] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.347962][T13054] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1022.358019][T13054] bridge_slave_0: entered allmulticast mode
[ 1022.527855][T13054] bridge_slave_0: entered promiscuous mode
[ 1022.551173][T13054] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.560360][T13054] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.637027][T13054] bridge_slave_1: entered allmulticast mode
[ 1022.904936][T13054] bridge_slave_1: entered promiscuous mode
[ 1024.163361][ T5880] Bluetooth: hci0: command tx timeout
[ 1024.333352][ T5880] Bluetooth: hci2: command tx timeout
[ 1024.428440][T13054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1024.448466][T13054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1024.541567][T13252] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1024.737909][T13256] loop7: detected capacity change from 0 to 1024
[ 1024.821279][T13260] loop1: detected capacity change from 0 to 1024
[ 1024.931320][ T6111] hfsplus: b-tree write err: -5, ino 4
[ 1025.024206][T13260] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1025.199068][T13054] team0: Port device team_slave_0 added
[ 1025.422642][   T30] audit: type=1800 audit(1757823789.763:498): pid=13260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1573" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1026.214646][T13054] team0: Port device team_slave_1 added
[ 1026.269613][ T5880] Bluetooth: hci0: command tx timeout
[ 1026.948454][   T30] audit: type=1804 audit(1757823791.503:499): pid=13260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1573" name="/newroot/367/file1/file1" dev="loop1" ino=15 res=1 errno=0
[ 1027.100700][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1027.101504][T13258] loop6: detected capacity change from 0 to 32768
[ 1027.203139][T13163] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1027.254999][T13163] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1027.264116][T13282] loop1: detected capacity change from 0 to 1024
[ 1027.296741][T13163] bridge_slave_0: entered allmulticast mode
[ 1027.322681][T13163] bridge_slave_0: entered promiscuous mode
[ 1027.331024][T13282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1027.389017][T13054] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1027.397016][T13054] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1027.422999][   T30] audit: type=1800 audit(1757823791.953:500): pid=13282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1575" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1027.458896][T13054] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1027.506423][T13163] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1027.517773][T13258] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1027.517823][T13258]   allowing incompatible features above 0.0: (unknown version)
[ 1027.517845][T13258]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1027.552547][T13163] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1027.552817][T13163] bridge_slave_1: entered allmulticast mode
[ 1027.555201][T13163] bridge_slave_1: entered promiscuous mode
[ 1027.601974][T13054] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1027.602002][T13054] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1027.602046][T13054] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1027.697726][T13163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1027.724761][T13163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1028.086559][T13258] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[ 1028.160789][T13258] bcachefs (loop6): initializing new filesystem
[ 1028.194892][T13054] hsr_slave_0: entered promiscuous mode
[ 1028.365278][ T5880] Bluetooth: hci0: command tx timeout
[ 1028.406013][T13054] hsr_slave_1: entered promiscuous mode
[ 1028.507777][T13054] debugfs: 'hsr0' already exists in 'hsr'
[ 1028.611876][T13258] syz.6.1572: vmalloc error: size 8388608, failed to allocated page array size 16384, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1028.623474][T13054] Cannot create hsr debugfs directory
[ 1028.673711][T13258] CPU: 0 UID: 0 PID: 13258 Comm: syz.6.1572 Not tainted syzkaller #0 PREEMPT(full) 
[ 1028.673761][T13258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1028.673799][T13258] Call Trace:
[ 1028.673812][T13258]  <TASK>
[ 1028.673827][T13258]  dump_stack_lvl+0x16c/0x1f0
[ 1028.673897][T13258]  warn_alloc+0x248/0x3a0
[ 1028.673964][T13258]  ? __pfx_warn_alloc+0x10/0x10
[ 1028.674049][T13258]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1028.674094][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674145][T13258]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1028.674208][T13258]  __vmalloc_node_range_noprof+0x101b/0x14b0
[ 1028.674264][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674329][T13258]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1028.674406][T13258]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1028.674460][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674512][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674557][T13258]  ? ___kmalloc_large_node+0xed/0x160
[ 1028.674602][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674655][T13258]  __kvmalloc_node_noprof+0x30a/0x620
[ 1028.674712][T13258]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1028.674751][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674804][T13258]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1028.674856][T13258]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1028.674896][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.674940][T13258]  bch2_fs_journal_start+0x2ce/0x1390
[ 1028.674984][T13258]  ? bch2_trans_put+0x86c/0x10d0
[ 1028.675050][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.675100][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.675145][T13258]  ? find_held_lock+0x2b/0x80
[ 1028.675192][T13258]  ? __pfx_bch2_fs_journal_start+0x10/0x10
[ 1028.675236][T13258]  ? enumerated_ref_put+0xc3/0x270
[ 1028.675281][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.675326][T13258]  ? bch2_fs_journal_alloc+0x3f6/0x5e0
[ 1028.675378][T13258]  bch2_fs_initialize+0x966/0x1bc0
[ 1028.675452][T13258]  ? __entry_text_end+0x1020b6/0x1020b9
[ 1028.675499][T13258]  ? __pfx_bch2_fs_initialize+0x10/0x10
[ 1028.675588][T13258]  ? mark_held_locks+0x49/0x80
[ 1028.675648][T13258]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1028.675696][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.675741][T13258]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1028.675803][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.675950][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.675997][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676045][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676092][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676147][T13258]  ? bch2_fs_start+0xdd0/0x1450
[ 1028.676185][T13258]  bch2_fs_start+0xdd0/0x1450
[ 1028.676242][T13258]  bch2_fs_get_tree+0xd9b/0x1b70
[ 1028.676307][T13258]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 1028.676390][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676435][T13258]  ? vfs_parse_fs_param_source+0x103/0x1e0
[ 1028.676484][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676531][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676576][T13258]  ? aa_get_newest_label+0xd2/0x250
[ 1028.676618][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676663][T13258]  ? apparmor_capable+0x114/0x1d0
[ 1028.676706][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676750][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.676809][T13258]  vfs_get_tree+0x8e/0x340
[ 1028.676862][T13258]  path_mount+0x1513/0x2000
[ 1028.676913][T13258]  ? __pfx_path_mount+0x10/0x10
[ 1028.676957][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.677001][T13258]  ? kmem_cache_free+0x2d1/0x4d0
[ 1028.677056][T13258]  ? putname+0x154/0x1a0
[ 1028.677105][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.677150][T13258]  ? putname+0x154/0x1a0
[ 1028.677198][T13258]  ? __x64_sys_mount+0x28d/0x310
[ 1028.677237][T13258]  __x64_sys_mount+0x28d/0x310
[ 1028.677280][T13258]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1028.677321][T13258]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1028.677382][T13258]  do_syscall_64+0xcd/0x4e0
[ 1028.677447][T13258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1028.677485][T13258] RIP: 0033:0x7f348899034a
[ 1028.677513][T13258] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1028.677549][T13258] RSP: 002b:00007f34898dce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1028.677584][T13258] RAX: ffffffffffffffda RBX: 00007f34898dcef0 RCX: 00007f348899034a
[ 1028.677609][T13258] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 00007f34898dceb0
[ 1028.677633][T13258] RBP: 0000200000000140 R08: 00007f34898dcef0 R09: 0000000002800000
[ 1028.677657][T13258] R10: 0000000002800000 R11: 0000000000000246 R12: 0000200000000100
[ 1028.677681][T13258] R13: 00007f34898dceb0 R14: 0000000000005aa4 R15: 0000200000000040
[ 1028.677729][T13258]  </TASK>
[ 1028.677741][T13258] Mem-Info:
[ 1029.152691][T13258] active_anon:12185 inactive_anon:0 isolated_anon:0
[ 1029.152691][T13258]  active_file:18951 inactive_file:40440 isolated_file:0
[ 1029.152691][T13258]  unevictable:768 dirty:126 writeback:0
[ 1029.152691][T13258]  slab_reclaimable:8439 slab_unreclaimable:103088
[ 1029.152691][T13258]  mapped:35885 shmem:5627 pagetables:1479
[ 1029.152691][T13258]  sec_pagetables:0 bounce:0
[ 1029.152691][T13258]  kernel_misc_reclaimable:0
[ 1029.152691][T13258]  free:1281491 free_pcp:15612 free_cma:0
[ 1029.201320][T13258] Node 0 active_anon:48740kB inactive_anon:0kB active_file:75804kB inactive_file:161552kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:143540kB dirty:504kB writeback:0kB shmem:20972kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13016kB pagetables:5776kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1029.236014][T13258] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1029.276320][   T30] audit: type=1804 audit(1757823793.823:501): pid=13282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1575" name="/newroot/368/file1/file1" dev="loop1" ino=15 res=1 errno=0
[ 1029.337573][T13163] team0: Port device team_slave_0 added
[ 1029.344741][T13258] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1029.444134][T13258] lowmem_reserve[]: 0 2479 2481 2481 2481
[ 1029.454132][T13258] Node 0 DMA32 free:1222264kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48440kB inactive_anon:0kB active_file:75804kB inactive_file:160200kB unevictable:1536kB writepending:500kB present:3129332kB managed:2539448kB mlocked:0kB bounce:0kB free_pcp:43092kB local_pcp:30252kB free_cma:0kB
[ 1029.604856][T13258] lowmem_reserve[]: 0 0 1 1 1
[ 1029.639325][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1029.647270][T13258] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:4kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[ 1029.753879][T13258] lowmem_reserve[]: 0 0 0 0 0
[ 1029.892483][T13258] Node 1 Normal free:3891788kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17488kB local_pcp:6064kB free_cma:0kB
[ 1030.088014][T13258] lowmem_reserve[]: 0 0 0 0 0
[ 1030.158331][T13258] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1030.190591][T13258] Node 0 DMA32: 808*4kB (UM) 845*8kB (UME) 723*16kB (UME) 878*32kB (UME) 683*64kB (UME) 334*128kB (UME) 180*256kB (UME) 73*512kB (UM) 30*1024kB (UM) 2*2048kB (M) 236*4096kB (M) = 1221048kB
[ 1030.244909][T13258] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1030.258465][T13258] Node 1 Normal: 209*4kB (UE) 59*8kB (UME) 53*16kB (UME) 101*32kB (UME) 31*64kB (UME) 11*128kB (UME) 4*256kB (UM) 6*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 946*4096kB (M) = 3891788kB
[ 1030.296068][T13163] team0: Port device team_slave_1 added
[ 1030.316138][T13258] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1030.343562][T13258] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1030.391050][T13258] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1030.404996][ T5880] Bluetooth: hci0: command tx timeout
[ 1030.410875][T13258] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1030.429429][T13258] 64772 total pagecache pages
[ 1030.441939][T13258] 0 pages in swap cache
[ 1030.446775][T13258] Free swap  = 124996kB
[ 1030.450935][T13258] Total swap = 124996kB
[ 1030.479467][T13258] 2097051 pages RAM
[ 1030.490835][T13258] 0 pages HighMem/MovableOnly
[ 1030.495887][T13258] 430227 pages reserved
[ 1030.500046][T13258] 0 pages cma reserved
[ 1030.551596][T13258] bcachefs (loop6): error reallocating journal fifo (32768 open entries)
[ 1030.610983][T13258] bcachefs (loop6): bch2_fs_initialize(): error ENOMEM_journal_pin_fifo
[ 1030.645981][T13258] bcachefs (loop6): bch2_fs_start(): error starting filesystem ENOMEM_journal_pin_fifo
[ 1030.736654][T13305] loop1: detected capacity change from 0 to 16
[ 1030.756917][T13258] bcachefs (loop6): shutting down
[ 1030.793754][T13305] erofs (device loop1): mounted with root inode @ nid 36.
[ 1030.804886][T13163] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1030.811877][T13163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1030.858766][T13305] erofs (device loop1): readahead error at folio 12 @ nid 36
[ 1030.866396][T13305] erofs (device loop1): readahead error at folio 9 @ nid 36
[ 1030.873964][T13305] erofs (device loop1): readahead error at folio 6 @ nid 36
[ 1030.881281][T13305] erofs (device loop1): readahead error at folio 4 @ nid 36
[ 1030.889206][T13305] syz.1.1580: attempt to access beyond end of device
[ 1030.889206][T13305] loop1: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[ 1030.903466][T13305] syz.1.1580: attempt to access beyond end of device
[ 1030.903466][T13305] loop1: rw=524288, sector=376, nr_sectors = 16 limit=16
[ 1030.917402][T13305] syz.1.1580: attempt to access beyond end of device
[ 1030.917402][T13305] loop1: rw=524288, sector=0, nr_sectors = 24 limit=16
[ 1030.931029][T13305] syz.1.1580: attempt to access beyond end of device
[ 1030.931029][T13305] loop1: rw=524288, sector=720, nr_sectors = 16 limit=16
[ 1030.945647][T13305] syz.1.1580: attempt to access beyond end of device
[ 1030.945647][T13305] loop1: rw=524288, sector=525144, nr_sectors = 16 limit=16
[ 1030.988296][T13163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1031.001585][T13163] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1031.009157][T13163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1031.082181][T13258] bcachefs (loop6): shutdown complete
[ 1031.120020][T13163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1031.286881][T13310] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1031.490393][ T6307] bridge_slave_1: left allmulticast mode
[ 1031.498647][ T6307] bridge_slave_1: left promiscuous mode
[ 1031.530727][ T6307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1031.621765][ T6307] bridge_slave_0: left allmulticast mode
[ 1031.639765][ T6307] bridge_slave_0: left promiscuous mode
[ 1031.679266][ T6307] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1031.735595][ T6307] bridge_slave_1: left allmulticast mode
[ 1031.746835][ T6307] bridge_slave_1: left promiscuous mode
[ 1031.760603][ T6307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1031.787486][ T6307] bridge_slave_0: left allmulticast mode
[ 1031.800166][ T6307] bridge_slave_0: left promiscuous mode
[ 1031.816269][ T6307] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1031.877608][ T6307] bridge_slave_1: left allmulticast mode
[ 1031.901846][ T6307] bridge_slave_1: left promiscuous mode
[ 1031.968049][ T6307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.000875][ T6307] bridge_slave_0: left allmulticast mode
[ 1032.023494][ T6307] bridge_slave_0: left promiscuous mode
[ 1032.029291][ T6307] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1032.770784][ T6307] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1032.793784][ T6307] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1032.804985][ T6307] bond0 (unregistering): Released all slaves
[ 1033.598721][ T6307] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1033.620856][ T6307] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1033.694290][ T6307] bond0 (unregistering): Released all slaves
[ 1033.831434][T13258] bcachefs: bch2_fs_get_tree() error: ENOMEM_journal_pin_fifo
[ 1033.898376][T13323] loop1: detected capacity change from 0 to 1024
[ 1034.076346][T13323] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1034.194416][   T30] audit: type=1800 audit(1757823798.753:502): pid=13323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1587" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1034.244677][ T6307] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1034.319380][ T6307] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1034.934541][ T6307] bond0 (unregistering): Released all slaves
[ 1035.434038][   T30] audit: type=1804 audit(1757823799.943:503): pid=13333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1587" name="/newroot/373/file1/file1" dev="loop1" ino=15 res=1 errno=0
[ 1035.647082][T13163] hsr_slave_0: entered promiscuous mode
[ 1035.721130][T13163] hsr_slave_1: entered promiscuous mode
[ 1035.751297][T13163] debugfs: 'hsr0' already exists in 'hsr'
[ 1035.762902][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1035.790444][T13163] Cannot create hsr debugfs directory
[ 1036.114452][T13348] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1036.465959][T13354] overlayfs: missing 'workdir'
[ 1037.808171][ T6307] hsr_slave_0: left promiscuous mode
[ 1037.876483][ T6307] hsr_slave_1: left promiscuous mode
[ 1037.882777][ T6307] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1037.941403][ T6307] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1038.038932][ T6307] hsr_slave_0: left promiscuous mode
[ 1038.068549][ T6307] hsr_slave_1: left promiscuous mode
[ 1038.104235][ T6307] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1038.145204][ T6307] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1038.228475][ T6307] hsr_slave_0: left promiscuous mode
[ 1038.263524][ T6307] hsr_slave_1: left promiscuous mode
[ 1038.274079][ T6307] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1038.534012][ T6307] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1038.758445][T13361] loop7: detected capacity change from 0 to 32768
[ 1038.941232][T13381] loop1: detected capacity change from 0 to 1024
[ 1039.088017][T13392] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1039.115163][T13381] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1039.169445][T13361] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1039.169498][T13361]   allowing incompatible features above 0.0: (unknown version)
[ 1039.169520][T13361]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1039.263078][T13361] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0
[ 1039.270515][   T30] audit: type=1800 audit(1757823803.813:504): pid=13381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1603" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1039.292252][T13361] bcachefs (loop7): initializing new filesystem
[ 1039.301816][T13361] bcachefs (loop7): going read-write
[ 1039.636572][T13361] bcachefs (loop7): marking superblocks
[ 1039.757349][T13403] overlayfs: missing 'workdir'
[ 1040.240744][ T6307] team0 (unregistering): Port device team_slave_1 removed
[ 1040.448822][T13361] bcachefs (loop7): initializing freespace
[ 1040.515132][T13361] bcachefs (loop7): done initializing freespace
[ 1040.530481][ T6307] team0 (unregistering): Port device team_slave_0 removed
[ 1040.539123][   T30] audit: type=1804 audit(1757823805.083:505): pid=13398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1603" name="/newroot/379/file1/file1" dev="loop1" ino=15 res=1 errno=0
[ 1040.550149][T13406] loop6: detected capacity change from 0 to 1024
[ 1040.566050][T13361] bcachefs (loop7): reading snapshots table
[ 1040.598442][T13361] bcachefs (loop7): reading snapshots done
[ 1040.649588][T13361] bcachefs (loop7): done starting filesystem
[ 1040.665992][   T30] audit: type=1800 audit(1757823805.223:506): pid=13406 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1607" name="file1" dev="loop6" ino=20 res=0 errno=0
[ 1041.074025][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1041.199736][ T8032] bcachefs (loop7): shutting down
[ 1041.236365][ T8032] bcachefs (loop7): going read-only
[ 1041.242885][ T8032] bcachefs (loop7): finished waiting for writes to stop
[ 1041.291224][ T8032] bcachefs (loop7): flushing journal and stopping allocators, journal seq 4
[ 1041.536902][ T8032] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 4
[ 1041.579531][ T8032] bcachefs (loop7): clean shutdown complete, journal seq 5
[ 1041.596709][ T8032] bcachefs (loop7): marking filesystem clean
[ 1041.848139][ T8032] bcachefs (loop7): shutdown complete
[ 1042.057477][T13411] loop1: detected capacity change from 0 to 32768
[ 1042.122038][T13411] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1042.130382][T13411] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1042.215969][T13411] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1042.237965][ T6006] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1042.253231][ T6006] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1042.646341][ T6006] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 393ms
[ 1042.670475][ T6006] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1042.682137][T13411] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1042.932216][ T6307] team0 (unregistering): Port device team_slave_1 removed
[ 1043.024835][ T6307] team0 (unregistering): Port device team_slave_0 removed
[ 1043.490523][T13426] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1044.018267][T13433] overlayfs: missing 'workdir'
[ 1045.463444][T13438] loop1: detected capacity change from 0 to 1024
[ 1045.654902][T13438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1045.723448][   T30] audit: type=1800 audit(1757823810.263:507): pid=13438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1618" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1045.896453][ T6307] team0 (unregistering): Port device team_slave_1 removed
[ 1046.008200][ T6307] team0 (unregistering): Port device team_slave_0 removed
[ 1046.480755][   T30] audit: type=1804 audit(1757823811.033:508): pid=13446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1618" name="/newroot/383/file1/file1" dev="loop1" ino=15 res=1 errno=0
[ 1046.933574][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1048.069039][T13453] syz.1.1620 (13453): drop_caches: 2
[ 1048.445159][T13465] loop1: detected capacity change from 0 to 1024
[ 1048.596910][   T30] audit: type=1800 audit(1757823813.153:509): pid=13465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1621" name="file1" dev="loop1" ino=20 res=0 errno=0
[ 1049.070972][T13470] loop7: detected capacity change from 0 to 32768
[ 1049.157669][T13470] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1049.167099][T13470] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1049.205814][T13470] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1049.215887][ T6006] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1049.222650][ T6006] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1049.346137][T13228] chnl_net:caif_netlink_parms(): no params data found
[ 1049.577904][ T6006] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 355ms
[ 1049.625796][ T6006] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1049.631091][T13470] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1051.062158][T13228] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1051.107135][T13228] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1051.131750][T13228] bridge_slave_0: entered allmulticast mode
[ 1051.153377][T13228] bridge_slave_0: entered promiscuous mode
[ 1051.483489][T13228] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1051.523482][T13228] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1051.571595][T13228] bridge_slave_1: entered allmulticast mode
[ 1051.652645][T13228] bridge_slave_1: entered promiscuous mode
[ 1052.960486][T13228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1053.017841][T13228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1053.795430][T13228] team0: Port device team_slave_0 added
[ 1053.822708][T13228] team0: Port device team_slave_1 added
[ 1053.986306][T13228] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1054.014840][T13228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1054.112843][T13228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1054.172904][T13228] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1054.180172][T13228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1054.214111][T13228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1055.620161][T13228] hsr_slave_0: entered promiscuous mode
[ 1055.651032][T13228] hsr_slave_1: entered promiscuous mode
[ 1055.680861][T13524] loop1: detected capacity change from 0 to 32768
[ 1055.962092][T13524] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1055.972753][T13524] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1056.023582][T13524] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1056.041582][ T9863] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1056.054178][ T9863] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1056.394313][ T9863] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 340ms
[ 1056.440020][ T9863] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1056.464286][T13524] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1056.683446][T13054] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1056.739542][T13054] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1056.916651][T13054] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1057.008374][T13054] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1057.803844][T13549] loop7: detected capacity change from 0 to 32768
[ 1057.851750][T13549] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1057.860007][T13549] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1058.021287][T13549] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1058.318179][ T9863] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1058.340310][T13163] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1058.347135][ T9863] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1058.393346][T13163] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1058.684635][T13163] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1058.720054][ T9863] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 372ms
[ 1058.736521][ T9863] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1058.742430][T13549] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1058.946902][T13163] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1060.117785][T13054] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1060.354446][T13054] 8021q: adding VLAN 0 to HW filter on device team0
[ 1060.436418][ T6111] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1060.443674][ T6111] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1060.506149][ T6103] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1060.513399][ T6103] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1060.896453][T13163] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1061.596291][T13228] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1061.799179][T13163] 8021q: adding VLAN 0 to HW filter on device team0
[ 1061.852935][T13228] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1061.931883][ T6072] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1061.939069][ T6072] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1061.998969][T13228] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1062.108030][ T6072] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.115240][ T6072] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1062.248696][T13228] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1062.556041][T13587] loop1: detected capacity change from 0 to 32768
[ 1062.608685][T13587] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1062.617052][T13587] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1062.715955][T13587] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1062.726937][   T49] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1062.751577][   T49] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1062.987941][T13228] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1063.141099][   T49] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 389ms
[ 1063.168686][T13228] 8021q: adding VLAN 0 to HW filter on device team0
[ 1063.205057][   T49] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1063.210323][T13587] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1063.301540][ T6074] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1063.308776][ T6074] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1063.489986][ T6307] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1063.497208][ T6307] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1064.087688][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1064.094090][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1064.107789][ T5880] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1064.125957][ T5880] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1064.128965][T13163] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1064.160887][ T5880] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1064.195670][ T5880] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1064.213795][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1065.600470][T13623] loop6: detected capacity change from 0 to 1024
[ 1066.160994][   T30] audit: type=1800 audit(1757823830.713:510): pid=13632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1655" name="file1" dev="loop6" ino=20 res=0 errno=0
[ 1066.181571][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1066.325566][ T5179] Bluetooth: hci3: command tx timeout
[ 1067.862475][T13228] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1068.403903][ T5179] Bluetooth: hci3: command tx timeout
[ 1069.452109][T13163] veth0_vlan: entered promiscuous mode
[ 1069.697977][T13609] chnl_net:caif_netlink_parms(): no params data found
[ 1069.748461][ T6072] bridge_slave_1: left allmulticast mode
[ 1069.763353][ T6072] bridge_slave_1: left promiscuous mode
[ 1069.788373][ T6072] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1069.828771][ T6072] bridge_slave_0: left allmulticast mode
[ 1069.837426][ T6072] bridge_slave_0: left promiscuous mode
[ 1069.843987][ T6072] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.483470][ T5880] Bluetooth: hci3: command tx timeout
[ 1070.836955][ T6072] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1070.858128][ T6072] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1070.877679][ T6072] bond0 (unregistering): Released all slaves
[ 1071.206666][T13163] veth1_vlan: entered promiscuous mode
[ 1071.477098][ T6072] hsr_slave_0: left promiscuous mode
[ 1071.520492][ T6072] hsr_slave_1: left promiscuous mode
[ 1071.589576][ T6072] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1071.722885][ T6072] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1072.577335][ T5179] Bluetooth: hci3: command tx timeout
[ 1074.042699][ T6072] team0 (unregistering): Port device team_slave_1 removed
[ 1074.077992][ T6072] team0 (unregistering): Port device team_slave_0 removed
[ 1074.550121][T13609] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1074.603425][T13609] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1074.610759][T13609] bridge_slave_0: entered allmulticast mode
[ 1074.675320][T13609] bridge_slave_0: entered promiscuous mode
[ 1075.075699][T13687] loop6: detected capacity change from 0 to 32768
[ 1075.209784][T13687] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1075.218039][T13687] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1075.233362][T13609] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1075.251095][T13687] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1075.253327][T13609] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1075.260216][T13362] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1075.290198][T13362] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1075.346878][T13609] bridge_slave_1: entered allmulticast mode
[ 1075.365478][T13609] bridge_slave_1: entered promiscuous mode
[ 1075.381905][T13362] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 91ms
[ 1075.421117][T13362] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1075.432525][T13687] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1076.414563][T13609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1076.440970][T13228] veth0_vlan: entered promiscuous mode
[ 1076.608635][T13609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1076.926427][ T5880] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1076.938040][ T5880] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1076.946643][ T5880] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1076.964370][ T5880] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1076.985102][ T5880] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1077.069007][T13609] team0: Port device team_slave_0 added
[ 1077.086952][T13609] team0: Port device team_slave_1 added
[ 1077.189204][T13228] veth1_vlan: entered promiscuous mode
[ 1077.489426][T13609] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1077.498294][T13609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1077.543799][T13609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1078.131017][T13609] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1078.175676][T13609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1078.311836][T13609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1079.076451][ T5179] Bluetooth: hci2: command tx timeout
[ 1080.235267][T13609] hsr_slave_0: entered promiscuous mode
[ 1080.282850][T13609] hsr_slave_1: entered promiscuous mode
[ 1080.328899][T13609] debugfs: 'hsr0' already exists in 'hsr'
[ 1080.369573][T13609] Cannot create hsr debugfs directory
[ 1080.995218][T13738] loop6: detected capacity change from 0 to 1024
[ 1081.122528][T13738] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1081.143324][ T5179] Bluetooth: hci2: command tx timeout
[ 1081.323355][   T30] audit: type=1800 audit(1757823845.873:511): pid=13738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1680" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1081.374143][ T5880] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1081.506759][ T5880] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1081.515671][ T5880] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1081.524585][ T5880] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1081.533651][ T5880] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1081.928513][   T30] audit: type=1804 audit(1757823846.473:512): pid=13738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1680" name="/newroot/385/file1/file1" dev="loop6" ino=15 res=1 errno=0
[ 1082.063748][ T6677] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1083.203497][ T5880] Bluetooth: hci2: command tx timeout
[ 1083.653426][ T5880] Bluetooth: hci5: command tx timeout
[ 1085.186161][T13707] chnl_net:caif_netlink_parms(): no params data found
[ 1085.303260][ T5880] Bluetooth: hci2: command tx timeout
[ 1085.838580][ T5880] Bluetooth: hci5: command tx timeout
[ 1086.785924][T13781] loop1: detected capacity change from 0 to 16
[ 1086.823712][T13781] erofs (device loop1): mounted with root inode @ nid 36.
[ 1086.977759][T13785] erofs (device loop1): readahead error at folio 12 @ nid 36
[ 1087.005840][T13785] erofs (device loop1): readahead error at folio 9 @ nid 36
[ 1087.039008][T13785] erofs (device loop1): readahead error at folio 6 @ nid 36
[ 1087.047177][T13785] erofs (device loop1): readahead error at folio 4 @ nid 36
[ 1087.066822][T13785] syz.1.1689: attempt to access beyond end of device
[ 1087.066822][T13785] loop1: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[ 1087.213869][T13785] syz.1.1689: attempt to access beyond end of device
[ 1087.213869][T13785] loop1: rw=524288, sector=376, nr_sectors = 16 limit=16
[ 1087.312665][T13785] syz.1.1689: attempt to access beyond end of device
[ 1087.312665][T13785] loop1: rw=524288, sector=0, nr_sectors = 24 limit=16
[ 1087.424118][T13785] syz.1.1689: attempt to access beyond end of device
[ 1087.424118][T13785] loop1: rw=524288, sector=720, nr_sectors = 16 limit=16
[ 1087.483459][T13785] syz.1.1689: attempt to access beyond end of device
[ 1087.483459][T13785] loop1: rw=524288, sector=525144, nr_sectors = 16 limit=16
[ 1087.925853][ T5880] Bluetooth: hci5: command tx timeout
[ 1088.457863][ T6072] bridge_slave_1: left allmulticast mode
[ 1088.515148][ T6072] bridge_slave_1: left promiscuous mode
[ 1088.664139][ T6072] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1088.999186][ T6072] bridge_slave_0: left allmulticast mode
[ 1089.013582][ T6072] bridge_slave_0: left promiscuous mode
[ 1089.029554][ T6072] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1090.013320][ T5880] Bluetooth: hci5: command tx timeout
[ 1091.542826][ T6072] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1091.581850][ T6072] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1091.618547][ T6072] bond0 (unregistering): Released all slaves
[ 1091.710341][T13742] chnl_net:caif_netlink_parms(): no params data found
[ 1091.866044][T13707] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1091.880874][T13707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1091.927217][T13707] bridge_slave_0: entered allmulticast mode
[ 1092.000549][T13707] bridge_slave_0: entered promiscuous mode
[ 1092.541679][T13844] loop1: detected capacity change from 0 to 32768
[ 1092.573114][T13844] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1092.581400][T13844] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1092.642315][T13844] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1092.654286][T13350] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1092.662775][T13350] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1092.703634][ T6072] hsr_slave_0: left promiscuous mode
[ 1092.739962][ T6072] hsr_slave_1: left promiscuous mode
[ 1092.746520][ T6072] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1092.765652][ T6072] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1092.810070][T13350] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 147ms
[ 1092.853711][T13350] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1092.858995][T13844] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1092.891072][ T6072] veth1_vlan: left promiscuous mode
[ 1092.908378][ T6072] veth0_vlan: left promiscuous mode
[ 1095.478637][ T6072] team0 (unregistering): Port device team_slave_1 removed
[ 1095.698885][ T6072] team0 (unregistering): Port device team_slave_0 removed
[ 1096.904678][T13707] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1096.911853][T13707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1096.922138][T13707] bridge_slave_1: entered allmulticast mode
[ 1096.970468][T13707] bridge_slave_1: entered promiscuous mode
[ 1097.446925][T13707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1097.710854][T13707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1098.064080][T13707] team0: Port device team_slave_0 added
[ 1098.155832][T13609] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1098.270569][T13707] team0: Port device team_slave_1 added
[ 1098.517674][T13742] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1098.534855][T13742] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1098.542099][T13742] bridge_slave_0: entered allmulticast mode
[ 1098.572055][T13905] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1709'.
[ 1098.575260][T13742] bridge_slave_0: entered promiscuous mode
[ 1098.640061][T13742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1098.663270][T13742] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1098.670491][T13742] bridge_slave_1: entered allmulticast mode
[ 1098.729899][T13742] bridge_slave_1: entered promiscuous mode
[ 1098.907392][T13609] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1098.923103][T13609] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1099.107692][T13609] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1099.147856][T13707] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1099.177860][T13707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1099.264841][T13707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1099.458273][T13742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1099.466640][T13911] loop1: detected capacity change from 0 to 32768
[ 1099.536978][T13911] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1099.548005][T13911] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1099.585708][T13707] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1099.623636][T13707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1099.678227][T13911] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1099.688290][T13254] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1099.693884][T13707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1099.695286][T13254] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1099.801902][T13742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1099.947658][T13922] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(6)
[ 1099.954231][T13922] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1099.962753][T13922] vhci_hcd vhci_hcd.0: Device attached
[ 1100.494486][T13254] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 799ms
[ 1100.502321][T13254] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1100.520156][   T49] usb 47-1: new high-speed USB device number 4 using vhci_hcd
[ 1100.667062][T13923] vhci_hcd: connection reset by peer
[ 1100.719349][ T6309] vhci_hcd: stop threads
[ 1100.785771][ T6309] vhci_hcd: release socket
[ 1100.870445][ T6309] vhci_hcd: disconnect device
[ 1101.206186][T13911] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1101.352156][T13742] team0: Port device team_slave_0 added
[ 1101.688060][T13742] team0: Port device team_slave_1 added
[ 1101.965253][T13707] hsr_slave_0: entered promiscuous mode
[ 1101.972336][T13707] hsr_slave_1: entered promiscuous mode
[ 1101.978877][T13707] debugfs: 'hsr0' already exists in 'hsr'
[ 1101.984812][T13707] Cannot create hsr debugfs directory
[ 1103.438166][T13742] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1103.477065][T13742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1103.522691][T13742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1105.260131][T13742] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1105.526324][T13742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1105.757666][   T49] vhci_hcd: vhci_device speed not set
[ 1105.882551][T13742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1106.202289][T13960] syz.6.1718 (13960): drop_caches: 2
[ 1107.086168][T13742] hsr_slave_0: entered promiscuous mode
[ 1107.092910][T13742] hsr_slave_1: entered promiscuous mode
[ 1107.158496][T13742] debugfs: 'hsr0' already exists in 'hsr'
[ 1107.182055][T13742] Cannot create hsr debugfs directory
[ 1108.146118][T13987] loop7: detected capacity change from 0 to 1024
[ 1108.324245][T13987] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1108.482624][   T30] audit: type=1800 audit(1757823873.033:513): pid=13987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1725" name="file1" dev="loop7" ino=15 res=0 errno=0
[ 1108.504269][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1108.869814][ T6072] bridge_slave_1: left allmulticast mode
[ 1108.949034][ T6072] bridge_slave_1: left promiscuous mode
[ 1108.966942][   T30] audit: type=1804 audit(1757823873.523:514): pid=13987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1725" name="/newroot/292/file1/file1" dev="loop7" ino=15 res=1 errno=0
[ 1109.051208][ T6072] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1109.070508][ T8032] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1109.125423][ T6072] bridge_slave_0: left allmulticast mode
[ 1109.131921][ T6072] bridge_slave_0: left promiscuous mode
[ 1109.178852][ T6072] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1110.750969][T14002] loop7: detected capacity change from 0 to 32768
[ 1111.131219][ T6072] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1111.153029][T14002] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1111.153067][T14002]   allowing incompatible features above 0.0: (unknown version)
[ 1111.153083][T14002]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1111.220061][ T6072] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1111.235220][ T6072] bond0 (unregistering): Released all slaves
[ 1111.251389][T14002] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0
[ 1111.267444][T14002] bcachefs (loop7): initializing new filesystem
[ 1111.381488][T14002] bcachefs (loop7): going read-write
[ 1111.451019][T14002] bcachefs (loop7): marking superblocks
[ 1111.716424][T14002] bcachefs (loop7): initializing freespace
[ 1111.842645][T14002] bcachefs (loop7): done initializing freespace
[ 1111.895013][T14002] bcachefs (loop7): reading snapshots table
[ 1111.908174][ T6072] hsr_slave_0: left promiscuous mode
[ 1111.909255][T14002] bcachefs (loop7): reading snapshots done
[ 1111.960183][ T6072] hsr_slave_1: left promiscuous mode
[ 1111.979226][T14002] bcachefs (loop7): done starting filesystem
[ 1111.998559][ T6072] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1112.065277][ T6072] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1112.190356][ T8032] bcachefs (loop7): shutting down
[ 1112.195719][ T6072] veth1_vlan: left promiscuous mode
[ 1112.195879][ T6072] veth0_vlan: left promiscuous mode
[ 1112.240145][ T8032] bcachefs (loop7): going read-only
[ 1112.253377][ T8032] bcachefs (loop7): finished waiting for writes to stop
[ 1112.394152][ T8032] bcachefs (loop7): flushing journal and stopping allocators, journal seq 3
[ 1113.384388][ T8032] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 4
[ 1113.418492][ T8032] bcachefs (loop7): clean shutdown complete, journal seq 5
[ 1113.430084][T14039] loop6: detected capacity change from 0 to 16
[ 1113.447053][ T8032] bcachefs (loop7): marking filesystem clean
[ 1113.466591][T14039] erofs (device loop6): mounted with root inode @ nid 36.
[ 1113.576296][T14039] erofs (device loop6): readahead error at folio 12 @ nid 36
[ 1113.584860][T14039] erofs (device loop6): readahead error at folio 9 @ nid 36
[ 1113.592318][T14039] erofs (device loop6): readahead error at folio 6 @ nid 36
[ 1113.599689][T14039] erofs (device loop6): readahead error at folio 4 @ nid 36
[ 1113.607310][T14039] syz.6.1736: attempt to access beyond end of device
[ 1113.607310][T14039] loop6: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[ 1113.621366][T14039] syz.6.1736: attempt to access beyond end of device
[ 1113.621366][T14039] loop6: rw=524288, sector=376, nr_sectors = 16 limit=16
[ 1113.635255][T14039] syz.6.1736: attempt to access beyond end of device
[ 1113.635255][T14039] loop6: rw=524288, sector=0, nr_sectors = 24 limit=16
[ 1113.648807][T14039] syz.6.1736: attempt to access beyond end of device
[ 1113.648807][T14039] loop6: rw=524288, sector=720, nr_sectors = 16 limit=16
[ 1113.662520][T14039] syz.6.1736: attempt to access beyond end of device
[ 1113.662520][T14039] loop6: rw=524288, sector=525144, nr_sectors = 16 limit=16
[ 1113.814701][ T8032] bcachefs (loop7): shutdown complete
[ 1114.002088][T14046] loop6: detected capacity change from 0 to 1024
[ 1114.125965][T14046] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1114.173692][   T30] audit: type=1800 audit(1757823878.733:515): pid=14046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1737" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1115.729144][   T30] audit: type=1804 audit(1757823880.283:516): pid=14046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1737" name="/newroot/406/file1/file1" dev="loop6" ino=15 res=1 errno=0
[ 1115.934661][ T6677] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1116.820226][ T6072] team0 (unregistering): Port device team_slave_1 removed
[ 1117.470665][ T6072] team0 (unregistering): Port device team_slave_0 removed
[ 1118.679117][T13609] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1118.968450][T13609] 8021q: adding VLAN 0 to HW filter on device team0
[ 1119.189553][ T6114] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1119.196981][ T6114] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1119.281204][ T6114] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1119.288456][ T6114] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1120.211890][T14078] loop6: detected capacity change from 0 to 32768
[ 1120.861602][T14078] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1120.861783][T14078]   allowing incompatible features above 0.0: (unknown version)
[ 1120.861890][T14078]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1121.223313][T14078] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[ 1121.236637][T14078] bcachefs (loop6): initializing new filesystem
[ 1121.322097][T14078] bcachefs (loop6): going read-write
[ 1121.359630][T13609] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1121.389143][T13742] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1121.426757][T14078] bcachefs (loop6): marking superblocks
[ 1121.488086][T13742] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1121.509221][T14078] bcachefs (loop6): initializing freespace
[ 1121.569557][T13742] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1121.591737][T14078] bcachefs (loop6): done initializing freespace
[ 1121.606477][T14078] bcachefs (loop6): reading snapshots table
[ 1121.648335][T14078] bcachefs (loop6): reading snapshots done
[ 1121.747474][T13742] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1121.790044][T14078] bcachefs (loop6): done starting filesystem
[ 1122.033983][ T6677] bcachefs (loop6): shutting down
[ 1122.061000][ T6677] bcachefs (loop6): going read-only
[ 1122.123319][ T6677] bcachefs (loop6): finished waiting for writes to stop
[ 1122.169773][ T6677] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[ 1122.179709][T13707] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1123.034653][T13707] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1123.171027][T13707] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1123.242444][ T6677] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 4
[ 1123.278275][ T6677] bcachefs (loop6): clean shutdown complete, journal seq 5
[ 1123.300035][ T6677] bcachefs (loop6): marking filesystem clean
[ 1123.323917][T13707] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1123.532152][ T6677] bcachefs (loop6): shutdown complete
[ 1123.902454][T13742] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1124.094299][ T5179] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1124.106640][ T5179] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1124.123719][ T5179] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1124.143683][ T5179] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1124.162354][ T5179] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1124.173966][T13707] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1124.377011][T13742] 8021q: adding VLAN 0 to HW filter on device team0
[ 1124.440427][T13707] 8021q: adding VLAN 0 to HW filter on device team0
[ 1124.471517][T13635] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1124.478763][T13635] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1124.543377][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1124.550562][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1124.815982][ T5979] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1124.823220][ T5979] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1125.065974][ T6086] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.073184][ T6086] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1125.539394][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1125.548247][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1126.258606][ T5179] Bluetooth: hci0: command tx timeout
[ 1128.391958][ T5179] Bluetooth: hci0: command tx timeout
[ 1128.401792][T14153] chnl_net:caif_netlink_parms(): no params data found
[ 1129.006618][ T6114] bridge_slave_1: left allmulticast mode
[ 1129.019589][ T6114] bridge_slave_1: left promiscuous mode
[ 1129.036888][ T6114] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1129.104479][ T6114] bridge_slave_0: left allmulticast mode
[ 1129.125069][ T6114] bridge_slave_0: left promiscuous mode
[ 1129.141779][ T6114] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.405900][ T5179] Bluetooth: hci0: command tx timeout
[ 1132.483374][ T5179] Bluetooth: hci0: command tx timeout
[ 1132.864102][T14216] loop1: detected capacity change from 0 to 32768
[ 1133.228668][T14216] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1133.228718][T14216]   allowing incompatible features above 0.0: (unknown version)
[ 1133.228740][T14216]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1133.324463][ T6114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1133.371437][ T6114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1133.374351][ T6114] bond0 (unregistering): Released all slaves
[ 1133.632321][T14153] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1133.632450][T14153] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1133.632632][T14153] bridge_slave_0: entered allmulticast mode
[ 1133.669997][T14153] bridge_slave_0: entered promiscuous mode
[ 1133.799403][T14153] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1133.799533][T14153] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1133.799858][T14153] bridge_slave_1: entered allmulticast mode
[ 1133.823401][T14153] bridge_slave_1: entered promiscuous mode
[ 1133.862699][T14216] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1133.883499][T14216] bcachefs (loop1): initializing new filesystem
[ 1133.913268][T14216] warn_alloc: 1 callbacks suppressed
[ 1133.913291][T14216] syz.1.1758: vmalloc error: size 8388608, failed to allocated page array size 16384, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1134.005010][T14216] CPU: 1 UID: 0 PID: 14216 Comm: syz.1.1758 Not tainted syzkaller #0 PREEMPT(full) 
[ 1134.005058][T14216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1134.005082][T14216] Call Trace:
[ 1134.005094][T14216]  <TASK>
[ 1134.005108][T14216]  dump_stack_lvl+0x16c/0x1f0
[ 1134.005171][T14216]  warn_alloc+0x248/0x3a0
[ 1134.005233][T14216]  ? __pfx_warn_alloc+0x10/0x10
[ 1134.005309][T14216]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1134.005351][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.005397][T14216]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1134.005455][T14216]  __vmalloc_node_range_noprof+0x101b/0x14b0
[ 1134.005505][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.005564][T14216]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1134.005618][T14216]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1134.005667][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.005717][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.005762][T14216]  ? ___kmalloc_large_node+0xed/0x160
[ 1134.005807][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.005866][T14216]  __kvmalloc_node_noprof+0x30a/0x620
[ 1134.005921][T14216]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1134.005961][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.006008][T14216]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1134.006059][T14216]  ? bch2_fs_journal_start+0x2ce/0x1390
[ 1134.006098][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.006143][T14216]  bch2_fs_journal_start+0x2ce/0x1390
[ 1134.006187][T14216]  ? bch2_trans_put+0x86c/0x10d0
[ 1134.006251][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.006300][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.006345][T14216]  ? find_held_lock+0x2b/0x80
[ 1134.006391][T14216]  ? __pfx_bch2_fs_journal_start+0x10/0x10
[ 1134.006435][T14216]  ? enumerated_ref_put+0xc3/0x270
[ 1134.006479][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.006523][T14216]  ? bch2_fs_journal_alloc+0x3f6/0x5e0
[ 1134.006574][T14216]  bch2_fs_initialize+0x966/0x1bc0
[ 1134.006645][T14216]  ? __entry_text_end+0xfdfb5/0x1020b9
[ 1134.006694][T14216]  ? __pfx_bch2_fs_initialize+0x10/0x10
[ 1134.006756][T14216]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1134.006832][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.006883][T14216]  ? find_held_lock+0x2b/0x80
[ 1134.006951][T14216]  ? __lock_acquire+0xb97/0x1ce0
[ 1134.007080][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007127][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007174][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007222][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007276][T14216]  ? bch2_fs_start+0xdd0/0x1450
[ 1134.007314][T14216]  bch2_fs_start+0xdd0/0x1450
[ 1134.007370][T14216]  bch2_fs_get_tree+0xd9b/0x1b70
[ 1134.007434][T14216]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 1134.007515][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007560][T14216]  ? vfs_parse_fs_param_source+0x103/0x1e0
[ 1134.007606][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007653][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007697][T14216]  ? aa_get_newest_label+0xd2/0x250
[ 1134.007739][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007783][T14216]  ? apparmor_capable+0x114/0x1d0
[ 1134.007826][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007876][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.007929][T14216]  vfs_get_tree+0x8e/0x340
[ 1134.007981][T14216]  path_mount+0x1513/0x2000
[ 1134.008031][T14216]  ? __pfx_path_mount+0x10/0x10
[ 1134.008075][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.008119][T14216]  ? kmem_cache_free+0x2d1/0x4d0
[ 1134.008175][T14216]  ? putname+0x154/0x1a0
[ 1134.008222][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.008267][T14216]  ? putname+0x154/0x1a0
[ 1134.008314][T14216]  ? __x64_sys_mount+0x28d/0x310
[ 1134.008353][T14216]  __x64_sys_mount+0x28d/0x310
[ 1134.008397][T14216]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1134.008437][T14216]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.008497][T14216]  do_syscall_64+0xcd/0x4e0
[ 1134.008563][T14216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1134.008599][T14216] RIP: 0033:0x7fbfb2b9034a
[ 1134.008627][T14216] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1134.008663][T14216] RSP: 002b:00007fbfb3ad0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1134.008698][T14216] RAX: ffffffffffffffda RBX: 00007fbfb3ad0ef0 RCX: 00007fbfb2b9034a
[ 1134.008723][T14216] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 00007fbfb3ad0eb0
[ 1134.008747][T14216] RBP: 0000200000000140 R08: 00007fbfb3ad0ef0 R09: 0000000002800000
[ 1134.008772][T14216] R10: 0000000002800000 R11: 0000000000000246 R12: 0000200000000100
[ 1134.008795][T14216] R13: 00007fbfb3ad0eb0 R14: 0000000000005aa4 R15: 0000200000000040
[ 1134.008852][T14216]  </TASK>
[ 1134.008887][T14216] Mem-Info:
[ 1134.502789][ T6114] hsr_slave_0: left promiscuous mode
[ 1134.523707][ T6114] hsr_slave_1: left promiscuous mode
[ 1134.545694][ T6114] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1134.553285][T14216] active_anon:15521 inactive_anon:0 isolated_anon:0
[ 1134.553285][T14216]  active_file:18951 inactive_file:40474 isolated_file:0
[ 1134.553285][T14216]  unevictable:768 dirty:57 writeback:0
[ 1134.553285][T14216]  slab_reclaimable:7371 slab_unreclaimable:103069
[ 1134.553285][T14216]  mapped:38448 shmem:8347 pagetables:1644
[ 1134.553285][T14216]  sec_pagetables:0 bounce:0
[ 1134.553285][T14216]  kernel_misc_reclaimable:0
[ 1134.553285][T14216]  free:1282799 free_pcp:13152 free_cma:0
[ 1134.601174][ T6114] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1134.643621][T14216] Node 0 active_anon:62084kB inactive_anon:0kB active_file:75804kB inactive_file:161688kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:153792kB dirty:228kB writeback:0kB shmem:31852kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13744kB pagetables:6436kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1134.744606][T14216] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1134.838886][T14216] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1134.931495][T14216] lowmem_reserve[]: 0 2479 2481 2481 2481
[ 1134.953748][T14216] Node 0 DMA32 free:1227340kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:56640kB inactive_anon:0kB active_file:75804kB inactive_file:160368kB unevictable:1536kB writepending:224kB present:3129332kB managed:2539448kB mlocked:0kB bounce:0kB free_pcp:37964kB local_pcp:24412kB free_cma:0kB
[ 1135.046623][T14216] lowmem_reserve[]: 0 0 1 1 1
[ 1135.061718][T14216] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:4kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[ 1135.136323][T14216] lowmem_reserve[]: 0 0 0 0 0
[ 1135.141130][T14216] Node 1 Normal free:3891788kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17488kB local_pcp:6064kB free_cma:0kB
[ 1135.182781][T14216] lowmem_reserve[]: 0 0 0 0 0
[ 1135.192717][T14216] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1135.206259][T14216] Node 0 DMA32: 2130*4kB (UME) 1151*8kB (UME) 646*16kB (UME) 1091*32kB (UME) 586*64kB (UME) 381*128kB (UME) 211*256kB (UME) 99*512kB (UM) 43*1024kB (UM) 0*2048kB 229*4096kB (M) = 1235968kB
[ 1135.226642][T14216] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1135.239957][T14216] Node 1 Normal: 209*4kB (UE) 59*8kB (UME) 53*16kB (UME) 101*32kB (UME) 31*64kB (UME) 11*128kB (UME) 4*256kB (UM) 6*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 946*4096kB (M) = 3891788kB
[ 1135.258713][T14216] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1135.275265][T14216] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1135.292502][T14216] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1135.308532][T14216] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1135.317964][T14216] 64815 total pagecache pages
[ 1135.331310][T14216] 0 pages in swap cache
[ 1135.336687][T14216] Free swap  = 124996kB
[ 1135.340855][T14216] Total swap = 124996kB
[ 1135.348358][T14216] 2097051 pages RAM
[ 1135.352239][T14216] 0 pages HighMem/MovableOnly
[ 1135.359135][T14216] 430227 pages reserved
[ 1135.364334][T14216] 0 pages cma reserved
[ 1135.384845][T14216] bcachefs (loop1): error reallocating journal fifo (32768 open entries)
[ 1135.411847][T14216] bcachefs (loop1): bch2_fs_initialize(): error ENOMEM_journal_pin_fifo
[ 1135.422582][T14216] bcachefs (loop1): bch2_fs_start(): error starting filesystem ENOMEM_journal_pin_fifo
[ 1135.443060][T14216] bcachefs (loop1): shutting down
[ 1135.476294][T14216] bcachefs (loop1): shutdown complete
[ 1135.513093][ T6114] team0 (unregistering): Port device team_slave_1 removed
[ 1135.561367][ T6114] team0 (unregistering): Port device team_slave_0 removed
[ 1137.241102][ T5880] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1137.253858][ T5880] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1137.262383][ T5880] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1137.270825][ T5880] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1137.279977][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1137.486733][T14153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1137.657702][T14153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1137.801921][T13742] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1137.879930][T14216] bcachefs: bch2_fs_get_tree() error: ENOMEM_journal_pin_fifo
[ 1138.312946][T14153] team0: Port device team_slave_0 added
[ 1138.616930][T14153] team0: Port device team_slave_1 added
[ 1139.415317][ T5880] Bluetooth: hci3: command tx timeout
[ 1140.308768][T14153] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1140.325615][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1140.439918][T14153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1140.940915][T14153] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1141.008699][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1141.036444][T14153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1141.350672][T14153] hsr_slave_0: entered promiscuous mode
[ 1141.453493][ T5880] Bluetooth: hci3: command tx timeout
[ 1141.555842][T14153] hsr_slave_1: entered promiscuous mode
[ 1143.523475][ T5880] Bluetooth: hci3: command tx timeout
[ 1144.412364][ T5179] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1144.428093][ T5179] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1144.440816][ T5179] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1144.449475][ T5179] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1144.459288][ T5179] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1145.603940][ T5179] Bluetooth: hci3: command tx timeout
[ 1146.493065][T14254] chnl_net:caif_netlink_parms(): no params data found
[ 1146.566135][ T5179] Bluetooth: hci2: command tx timeout
[ 1147.619642][T14346] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[ 1147.626241][T14346] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1147.634484][T14346] vhci_hcd vhci_hcd.0: Device attached
[ 1147.933452][T13350] usb 45-1: new high-speed USB device number 3 using vhci_hcd
[ 1148.409129][T14347] vhci_hcd: connection reset by peer
[ 1148.480257][ T6111] vhci_hcd: stop threads
[ 1148.517470][ T6111] vhci_hcd: release socket
[ 1148.554109][ T6111] vhci_hcd: disconnect device
[ 1148.643454][ T5179] Bluetooth: hci2: command tx timeout
[ 1149.100250][ T6114] bridge_slave_1: left allmulticast mode
[ 1149.106738][ T6114] bridge_slave_1: left promiscuous mode
[ 1149.115542][ T6114] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1149.244776][ T6114] bridge_slave_0: left allmulticast mode
[ 1149.250514][ T6114] bridge_slave_0: left promiscuous mode
[ 1149.273475][ T6114] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1150.803797][ T5179] Bluetooth: hci2: command tx timeout
[ 1152.883719][ T5179] Bluetooth: hci2: command tx timeout
[ 1153.126649][T13350] vhci_hcd: vhci_device speed not set
[ 1153.187556][ T6114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1153.219711][ T6114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1153.238365][ T6114] bond0 (unregistering): Released all slaves
[ 1153.502017][T14254] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.527815][T14254] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.537083][T14254] bridge_slave_0: entered allmulticast mode
[ 1153.561306][T14254] bridge_slave_0: entered promiscuous mode
[ 1153.956277][ T6114] hsr_slave_0: left promiscuous mode
[ 1153.969526][ T6114] hsr_slave_1: left promiscuous mode
[ 1154.012378][ T6114] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1154.056284][ T6114] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1154.459194][T14386] syz.7.1787 (14386): drop_caches: 2
[ 1156.040345][ T6114] team0 (unregistering): Port device team_slave_1 removed
[ 1156.199119][ T6114] team0 (unregistering): Port device team_slave_0 removed
[ 1158.141122][T14404] loop1: detected capacity change from 0 to 32768
[ 1158.490901][T14404] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1158.490957][T14404]   allowing incompatible features above 0.0: (unknown version)
[ 1158.490980][T14404]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1158.639239][T14404] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1158.647758][T14404] bcachefs (loop1): initializing new filesystem
[ 1158.694644][T14254] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.701983][T14404] bcachefs (loop1): going read-write
[ 1158.722614][T14254] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.740407][T14254] bridge_slave_1: entered allmulticast mode
[ 1158.764763][T14254] bridge_slave_1: entered promiscuous mode
[ 1158.778343][T14404] bcachefs (loop1): marking superblocks
[ 1158.822794][T14404] bcachefs (loop1): initializing freespace
[ 1158.851948][T14404] bcachefs (loop1): done initializing freespace
[ 1158.916116][T14404] bcachefs (loop1): reading snapshots table
[ 1158.955472][T14254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1158.955888][T14404] bcachefs (loop1): reading snapshots done
[ 1159.000834][T14254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1159.050388][T14404] bcachefs (loop1): done starting filesystem
[ 1159.409508][T14254] team0: Port device team_slave_0 added
[ 1159.422608][ T5867] bcachefs (loop1): shutting down
[ 1159.482973][ T5867] bcachefs (loop1): going read-only
[ 1159.488456][ T5867] bcachefs (loop1): finished waiting for writes to stop
[ 1159.526787][T14254] team0: Port device team_slave_1 added
[ 1159.606360][ T5867] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[ 1159.766712][T14408] loop6: detected capacity change from 0 to 32768
[ 1159.797143][ T5867] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[ 1159.837980][T14408] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1159.871624][ T5867] bcachefs (loop1): clean shutdown complete, journal seq 4
[ 1159.874468][T14408] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1159.888760][ T5867] bcachefs (loop1): marking filesystem clean
[ 1159.902957][T14308] chnl_net:caif_netlink_parms(): no params data found
[ 1160.004791][T14408] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1160.037603][T14254] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1160.063691][T14254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1160.098675][T12419] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1160.115738][T12419] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1160.136745][ T5867] bcachefs (loop1): shutdown complete
[ 1160.184478][T14254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1160.315932][T12419] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 200ms
[ 1160.337547][T12419] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1160.344577][T14408] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1160.423932][T14254] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1160.431344][T14254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1160.462652][T14254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1160.510474][T14153] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1160.817610][T14153] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1160.827656][T14440] loop7: detected capacity change from 0 to 512
[ 1160.882746][T14153] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1160.932187][T14440] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1160.972120][T14440] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1161.266204][T14153] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1161.481585][T14254] hsr_slave_0: entered promiscuous mode
[ 1161.509209][T14254] hsr_slave_1: entered promiscuous mode
[ 1161.517341][T14254] debugfs: 'hsr0' already exists in 'hsr'
[ 1161.523403][T14254] Cannot create hsr debugfs directory
[ 1161.777955][ T8032] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1161.915730][T14308] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1161.942998][T14308] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1161.969459][T14308] bridge_slave_0: entered allmulticast mode
[ 1161.992804][T14308] bridge_slave_0: entered promiscuous mode
[ 1162.452383][T14308] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.522411][T14308] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.577717][T14308] bridge_slave_1: entered allmulticast mode
[ 1162.655665][T14308] bridge_slave_1: entered promiscuous mode
[ 1163.097159][T14469] loop7: detected capacity change from 0 to 1024
[ 1163.195795][T14308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1163.205032][   T30] audit: type=1800 audit(1757823927.753:517): pid=14469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1797" name="file1" dev="loop7" ino=20 res=0 errno=0
[ 1163.307680][T14308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1163.924342][T14308] team0: Port device team_slave_0 added
[ 1165.286965][T14308] team0: Port device team_slave_1 added
[ 1166.171291][T14308] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1166.190305][T14308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1166.262291][T14308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1166.310643][T14308] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1166.346450][T14308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1166.372438][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1166.388002][T14308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1166.481783][ T2941] bridge_slave_1: left allmulticast mode
[ 1166.492360][ T2941] bridge_slave_1: left promiscuous mode
[ 1166.501136][ T2941] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1166.543700][ T2941] bridge_slave_0: left allmulticast mode
[ 1166.550803][ T2941] bridge_slave_0: left promiscuous mode
[ 1166.562366][ T2941] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1170.047156][T14515] loop6: detected capacity change from 0 to 512
[ 1170.200066][T14515] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1170.273306][ T2941] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1170.282342][T14515] ext4 filesystem being mounted at /426/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1170.533821][ T2941] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1170.783439][ T2941] bond0 (unregistering): Released all slaves
[ 1171.006402][ T6677] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1171.380528][T14308] hsr_slave_0: entered promiscuous mode
[ 1171.444926][T14308] hsr_slave_1: entered promiscuous mode
[ 1171.485517][T14308] debugfs: 'hsr0' already exists in 'hsr'
[ 1171.491313][T14308] Cannot create hsr debugfs directory
[ 1172.585869][ T2941] hsr_slave_0: left promiscuous mode
[ 1172.597775][T14537] loop6: detected capacity change from 0 to 1024
[ 1172.632863][ T2941] hsr_slave_1: left promiscuous mode
[ 1172.669488][ T2941] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1172.785511][ T2941] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1172.839611][   T30] audit: type=1800 audit(1757823937.393:518): pid=14540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1808" name="file1" dev="loop6" ino=20 res=0 errno=0
[ 1174.993998][ T2941] team0 (unregistering): Port device team_slave_1 removed
[ 1175.543349][ T2941] team0 (unregistering): Port device team_slave_0 removed
[ 1176.093573][T14555] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1813'.
[ 1176.463219][T11109] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1176.679314][T11109] usb 7-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1176.696019][T11109] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1176.710720][T11109] usb 7-1: Product: syz
[ 1176.716504][T11109] usb 7-1: Manufacturer: syz
[ 1176.721474][T11109] usb 7-1: SerialNumber: syz
[ 1176.781104][T11109] usb 7-1: config 0 descriptor??
[ 1176.797758][T11109] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1176.819563][T14559] loop1: detected capacity change from 0 to 32768
[ 1177.055572][T14551] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1177.098048][T14559] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1177.098130][T14559]   allowing incompatible features above 0.0: (unknown version)
[ 1177.098154][T14559]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1177.212062][T14559] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1177.235239][T14559] bcachefs (loop1): initializing new filesystem
[ 1177.267463][T14559] bcachefs (loop1): going read-write
[ 1177.304498][T14569] loop7: detected capacity change from 0 to 512
[ 1177.323440][T14559] bcachefs (loop1): marking superblocks
[ 1177.355545][T14559] bcachefs (loop1): initializing freespace
[ 1177.367847][T14559] bcachefs (loop1): done initializing freespace
[ 1177.394231][T14569] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1177.410295][T14559] bcachefs (loop1): reading snapshots table
[ 1177.434686][T14559] bcachefs (loop1): reading snapshots done
[ 1177.452528][T14569] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1177.688971][T14559] bcachefs (loop1): done starting filesystem
[ 1177.707770][T14153] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1177.820571][ T5874] usb 7-1: USB disconnect, device number 12
[ 1178.229172][T14153] 8021q: adding VLAN 0 to HW filter on device team0
[ 1178.275705][ T5867] bcachefs (loop1): shutting down
[ 1178.277619][ T8032] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1178.290663][ T5867] bcachefs (loop1): going read-only
[ 1178.320117][ T5867] bcachefs (loop1): finished waiting for writes to stop
[ 1178.334072][ T6109] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1178.341248][ T6109] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1178.366900][ T5867] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[ 1178.500407][ T6094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1178.507617][ T6094] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1178.545824][T14254] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1178.596139][ T5867] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[ 1178.615217][ T5867] bcachefs (loop1): clean shutdown complete, journal seq 4
[ 1178.632519][T14254] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1178.642439][ T5867] bcachefs (loop1): marking filesystem clean
[ 1178.932684][ T5867] bcachefs (loop1): shutdown complete
[ 1179.741322][T14254] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1179.824831][T14254] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1180.001947][T14581] loop7: detected capacity change from 0 to 32768
[ 1180.075340][T14581] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1180.093844][T14581] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1180.219301][T14581] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1180.297572][ T5874] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1180.322709][ T5874] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1180.495344][T14254] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1180.592420][ T5874] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 269ms
[ 1180.603069][ T5874] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1180.609550][T14581] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1180.645848][T14254] 8021q: adding VLAN 0 to HW filter on device team0
[ 1180.721790][ T2941] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1180.729042][ T2941] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1180.777914][T14308] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1180.811019][ T2941] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1180.818342][ T2941] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1180.846176][T14308] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1180.905192][T14308] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1180.931221][T14308] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1181.079073][T14153] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1181.121491][T14254] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1181.533680][T14153] veth0_vlan: entered promiscuous mode
[ 1181.578669][T14153] veth1_vlan: entered promiscuous mode
[ 1181.922561][T14308] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1182.477836][T14153] veth0_macvtap: entered promiscuous mode
[ 1182.640042][T14254] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1182.779449][T14308] 8021q: adding VLAN 0 to HW filter on device team0
[ 1183.110951][T14153] veth1_macvtap: entered promiscuous mode
[ 1183.509611][ T2941] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1183.516857][ T2941] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1184.269886][ T6072] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1184.277136][ T6072] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1187.045352][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1187.052135][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1187.909568][T14652] loop1: detected capacity change from 0 to 128
[ 1187.939509][T14652] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1187.954082][T14652] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1188.628116][T14655] loop6: detected capacity change from 0 to 1024
[ 1188.833844][   T30] audit: type=1800 audit(1757823953.383:519): pid=14655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1830" name="file1" dev="loop6" ino=20 res=0 errno=0
[ 1189.129954][T14660] loop1: detected capacity change from 0 to 2048
[ 1189.259695][T14660] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1189.270180][ T5880] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1189.293528][ T5880] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1189.306159][ T5880] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1189.319448][ T5880] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1189.334307][ T5880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1189.503738][T14254] veth0_vlan: entered promiscuous mode
[ 1189.532079][T14308] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1189.890798][T14668] loop1: detected capacity change from 0 to 512
[ 1190.076141][T14254] veth1_vlan: entered promiscuous mode
[ 1190.177934][T14668] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1833: bad orphan inode 11862016
[ 1190.575289][T14668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1190.650408][T14668] ext4 filesystem being mounted at /456/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1191.180487][T14677] loop6: detected capacity change from 0 to 4096
[ 1191.384274][ T5880] Bluetooth: hci0: command tx timeout
[ 1191.892900][T14254] veth0_macvtap: entered promiscuous mode
[ 1191.937920][T14254] veth1_macvtap: entered promiscuous mode
[ 1191.959594][T14677] ntfs3(loop6): It is recommened to use chkdsk.
[ 1191.978591][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1192.065221][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00
[ 1192.101926][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00
[ 1192.115325][T14254] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1192.146698][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00
[ 1192.192526][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00
[ 1192.216702][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc1c00
[ 1192.258311][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc2c00
[ 1192.283342][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc4c00
[ 1192.291272][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffc8c00
[ 1192.331067][T14677] ntfs3(loop6): try to read out of volume at offset 0x3fffffd0c00
[ 1192.398266][T14254] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1192.512365][   T36] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1193.443658][ T5880] Bluetooth: hci0: command tx timeout
[ 1193.907177][   T36] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1193.979409][   T36] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.076264][T14699] loop7: detected capacity change from 0 to 8
[ 1194.098325][T14699] MTD: Attempt to mount non-MTD device "/dev/loop7"
[ 1194.299827][T14699] cramfs: Error -3 while decompressing!
[ 1194.309129][T14696] syz.1.1839 (14696): drop_caches: 2
[ 1194.318987][T14699] cramfs: ffffffff9af31da8(26)->ffff8880483b9000(4096)
[ 1194.341334][T14699] cramfs: Error -3 while decompressing!
[ 1194.369404][T14699] cramfs: ffffffff9af31dc2(26)->ffff88806e391000(4096)
[ 1194.474875][T14699] cramfs: Error -3 while decompressing!
[ 1194.485784][ T6111] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.494027][T14699] cramfs: ffffffff9af31ddc(16)->ffff888051e2e000(4096)
[ 1194.501737][T14699] cramfs: Error -3 while decompressing!
[ 1194.543182][T14699] cramfs: ffffffff9af31da8(26)->ffff8880483b9000(4096)
[ 1195.014881][ T6259] udevd[6259]: incorrect cramfs checksum on /dev/loop7
[ 1195.067462][ T6259] udevd[6259]: incorrect cramfs checksum on /dev/loop7
[ 1195.180535][T14308] veth0_vlan: entered promiscuous mode
[ 1195.238404][ T6259] udevd[6259]: incorrect cramfs checksum on /dev/loop7
[ 1195.523322][ T5880] Bluetooth: hci0: command tx timeout
[ 1195.601571][T14661] chnl_net:caif_netlink_parms(): no params data found
[ 1195.649907][T14308] veth1_vlan: entered promiscuous mode
[ 1195.892795][ T6109] bridge_slave_1: left allmulticast mode
[ 1195.899725][ T6109] bridge_slave_1: left promiscuous mode
[ 1195.906289][ T6109] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1195.918691][ T6109] bridge_slave_0: left allmulticast mode
[ 1195.925597][ T6109] bridge_slave_0: left promiscuous mode
[ 1195.931862][ T6109] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1196.770624][T14707] loop7: detected capacity change from 0 to 32768
[ 1197.229372][T14707] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1197.229429][T14707]   allowing incompatible features above 0.0: (unknown version)
[ 1197.229452][T14707]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1197.305436][T14707] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0
[ 1197.314024][T14707] bcachefs (loop7): initializing new filesystem
[ 1197.350704][T14707] bcachefs (loop7): going read-write
[ 1197.378576][T14707] bcachefs (loop7): marking superblocks
[ 1197.448483][T14707] bcachefs (loop7): initializing freespace
[ 1197.491224][T14707] bcachefs (loop7): done initializing freespace
[ 1197.537337][T14707] bcachefs (loop7): reading snapshots table
[ 1197.551624][ T6109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1197.562568][T14707] bcachefs (loop7): reading snapshots done
[ 1197.584850][ T6109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1197.600900][ T6109] bond0 (unregistering): Released all slaves
[ 1197.607305][ T5880] Bluetooth: hci0: command tx timeout
[ 1197.779635][T14707] bcachefs (loop7): done starting filesystem
[ 1198.247529][ T8032] bcachefs (loop7): shutting down
[ 1198.252610][ T8032] bcachefs (loop7): going read-only
[ 1198.253405][ T6109] hsr_slave_0: left promiscuous mode
[ 1198.299857][ T8032] bcachefs (loop7): finished waiting for writes to stop
[ 1198.330692][ T6109] hsr_slave_1: left promiscuous mode
[ 1198.365215][ T8032] bcachefs (loop7): flushing journal and stopping allocators, journal seq 3
[ 1198.376060][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1198.711820][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1199.148664][ T8032] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 3
[ 1199.231984][ T5179] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1199.242764][ T5179] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1199.251513][ T5179] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1199.265454][ T5179] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1199.273458][ T5179] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1199.292694][ T8032] bcachefs (loop7): clean shutdown complete, journal seq 4
[ 1199.329765][ T6109] veth1_macvtap: left promiscuous mode
[ 1199.354210][ T6109] veth0_macvtap: left promiscuous mode
[ 1199.552267][ T6109] veth1_vlan: left promiscuous mode
[ 1199.561607][ T8032] bcachefs (loop7): marking filesystem clean
[ 1199.567930][ T6109] veth0_vlan: left promiscuous mode
[ 1199.702594][ T8032] bcachefs (loop7): shutdown complete
[ 1201.365939][T14751] loop6: detected capacity change from 0 to 8
[ 1201.383672][T14751] MTD: Attempt to mount non-MTD device "/dev/loop6"
[ 1201.411982][ T6259] udevd[6259]: incorrect cramfs checksum on /dev/loop6
[ 1201.435414][T14751] cramfs: Error -3 while decompressing!
[ 1201.448378][T14751] cramfs: ffffffff9af35da8(26)->ffff888041efd000(4096)
[ 1201.457105][T14751] cramfs: Error -3 while decompressing!
[ 1201.462892][T14751] cramfs: ffffffff9af35dc2(26)->ffff888041efc000(4096)
[ 1201.523547][ T5871] Bluetooth: hci3: command tx timeout
[ 1201.553518][T14751] cramfs: Error -3 while decompressing!
[ 1201.566743][T14751] cramfs: ffffffff9af35ddc(16)->ffff888041efb000(4096)
[ 1201.590292][ T6259] udevd[6259]: incorrect cramfs checksum on /dev/loop6
[ 1201.614861][T14751] cramfs: Error -3 while decompressing!
[ 1201.620564][T14751] cramfs: ffffffff9af35da8(26)->ffff888041efd000(4096)
[ 1201.961026][T14754] syz.1.1852 (14754): drop_caches: 2
[ 1203.240439][ T6109] team0 (unregistering): Port device team_slave_1 removed
[ 1203.520881][ T6109] team0 (unregistering): Port device team_slave_0 removed
[ 1204.347383][ T5880] Bluetooth: hci3: command tx timeout
[ 1205.602657][ T5880] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1205.618760][ T5880] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1205.629126][ T5880] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1205.640253][ T5880] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1205.648972][ T5880] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1206.407360][ T5871] Bluetooth: hci3: command tx timeout
[ 1207.645509][T14794] syz.7.1865 (14794): drop_caches: 2
[ 1207.691845][T14795] loop6: detected capacity change from 0 to 128
[ 1207.763527][ T5871] Bluetooth: hci5: command tx timeout
[ 1207.837786][T14661] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1207.853428][T14661] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1207.861061][T14661] bridge_slave_0: entered allmulticast mode
[ 1207.870472][T14661] bridge_slave_0: entered promiscuous mode
[ 1207.914941][T14661] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1208.015974][T14661] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1208.023440][T14661] bridge_slave_1: entered allmulticast mode
[ 1208.031690][T14661] bridge_slave_1: entered promiscuous mode
[ 1208.763400][ T5871] Bluetooth: hci3: command tx timeout
[ 1208.860159][T14800] loop7: detected capacity change from 0 to 1024
[ 1209.013503][   T30] audit: type=1800 audit(1757823973.563:520): pid=14801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1866" name="file1" dev="loop7" ino=20 res=0 errno=0
[ 1209.853182][ T5871] Bluetooth: hci5: command tx timeout
[ 1209.867665][T14661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1209.898026][T14661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1210.399873][T14810] loop6: detected capacity change from 0 to 64
[ 1210.510772][T14661] team0: Port device team_slave_0 added
[ 1210.538856][T14661] team0: Port device team_slave_1 added
[ 1210.877088][T14810] Trying to free block not in datazone
[ 1211.942042][ T5871] Bluetooth: hci5: command tx timeout
[ 1212.994469][T14661] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1213.001475][T14661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1213.451861][T14661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1213.508467][T14661] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1213.515558][T14661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1213.542730][T14661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1214.010819][ T5871] Bluetooth: hci5: command tx timeout
[ 1214.656814][T14834] loop6: detected capacity change from 0 to 1024
[ 1216.797251][T14661] hsr_slave_0: entered promiscuous mode
[ 1216.806248][T14661] hsr_slave_1: entered promiscuous mode
[ 1216.815085][ T5979] hfsplus: b-tree write err: -5, ino 4
[ 1218.523593][T14736] chnl_net:caif_netlink_parms(): no params data found
[ 1219.465167][T14869] Bluetooth: MGMT ver 1.23
[ 1219.469683][T14869] Bluetooth: hci0: invalid length 0, exp 2 for type 5
[ 1221.128258][T14892] syz.1.1889 (14892): drop_caches: 2
[ 1222.072568][T14900] loop1: detected capacity change from 0 to 4096
[ 1222.163028][T14900] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[ 1222.186290][T14900] ntfs3(loop1): RAW NTFS volume: Filesystem size 0.00 Gb > volume size 0.00 Gb. Mount in read-only.
[ 1223.071492][T11109] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1223.132598][T14900] ntfs3(loop1): $Secure::$SDH is corrupted.
[ 1223.160143][T14900] ntfs3(loop1): Failed to initialize $Secure (-22).
[ 1223.253721][T11109] usb 7-1: Using ep0 maxpacket: 16
[ 1223.519398][T11109] usb 7-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[ 1223.552685][T11109] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1223.565655][T11109] usb 7-1: Product: syz
[ 1223.570317][T11109] usb 7-1: Manufacturer: syz
[ 1223.575056][T11109] usb 7-1: SerialNumber: syz
[ 1223.615033][T11109] usb 7-1: config 0 descriptor??
[ 1224.218115][T14781] chnl_net:caif_netlink_parms(): no params data found
[ 1224.223004][T11109] ssu100 7-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[ 1224.591889][T14912] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1224.858394][T11109] ssu100 7-1:0.0: probe with driver ssu100 failed with error -71
[ 1224.895367][T11109] usb 7-1: USB disconnect, device number 13
[ 1225.030593][T14736] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1225.079019][T14736] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1225.102003][T14736] bridge_slave_0: entered allmulticast mode
[ 1225.112053][T14736] bridge_slave_0: entered promiscuous mode
[ 1225.120161][T14924] loop7: detected capacity change from 0 to 1024
[ 1225.121234][T14736] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1225.135040][T14736] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1225.142327][T14736] bridge_slave_1: entered allmulticast mode
[ 1225.151499][T14736] bridge_slave_1: entered promiscuous mode
[ 1226.995165][T14935] syz.6.1901 (14935): drop_caches: 2
[ 1227.596352][T14940] loop7: detected capacity change from 0 to 1024
[ 1227.608681][T14940] EXT4-fs: Ignoring removed bh option
[ 1228.703696][T14940] EXT4-fs (loop7): stripe (5) is not aligned with cluster size (16), stripe is disabled
[ 1229.410063][T14781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1229.487330][T14781] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1229.557305][T14781] bridge_slave_0: entered allmulticast mode
[ 1230.159490][T14940] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1230.172197][T14781] bridge_slave_0: entered promiscuous mode
[ 1230.181519][T14781] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1230.189463][T14781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1230.197051][T14781] bridge_slave_1: entered allmulticast mode
[ 1230.205997][T14781] bridge_slave_1: entered promiscuous mode
[ 1230.420348][T14736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1230.731803][T14736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1230.901928][ T8032] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1231.236397][T14781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1231.364419][T14736] team0: Port device team_slave_0 added
[ 1231.389155][T14781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1232.058346][T14966] loop1: detected capacity change from 0 to 2048
[ 1232.110662][T14966] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=27743, location=27743
[ 1232.244328][T14966] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1232.277419][ T6109] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.477465][T14974] loop6: detected capacity change from 0 to 1024
[ 1232.675378][T14966] loop1: detected capacity change from 2048 to 0
[ 1232.675456][T14736] team0: Port device team_slave_1 added
[ 1232.972648][    C1] blk_print_req_error: 1 callbacks suppressed
[ 1232.972688][    C1] I/O error, dev loop1, sector 1408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1233.511018][T14781] team0: Port device team_slave_0 added
[ 1233.549156][T14781] team0: Port device team_slave_1 added
[ 1234.008670][T14983] loop7: detected capacity change from 0 to 32768
[ 1234.048078][    C1] I/O error, dev loop1, sector 1408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1234.075996][T14983] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1234.088383][T14983] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1234.089080][    C0] I/O error, dev loop1, sector 1408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1234.171448][T14983] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1234.187385][ T5951] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1234.203173][ T5951] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1234.326273][ T5951] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 123ms
[ 1234.348536][    C1] I/O error, dev loop1, sector 128 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1234.358202][    C1] Buffer I/O error on dev loop1, logical block 128, lost sync page write
[ 1234.406855][ T5951] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1234.433201][T14983] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1234.572414][ T6109] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1234.861389][T15000] loop6: detected capacity change from 0 to 64
[ 1235.152818][T14736] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1235.183326][T14736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1235.209290][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1235.216417][T14736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1235.231945][T14736] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1235.238943][T14736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1235.265114][T14736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1235.495356][T14781] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1235.510435][T14781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1235.615606][T14781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1235.673010][T14781] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1235.700665][T14781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1235.726866][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1235.783204][T14781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1235.995542][ T6109] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.045770][ T6109] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.327081][T14781] hsr_slave_0: entered promiscuous mode
[ 1237.354395][T14781] hsr_slave_1: entered promiscuous mode
[ 1237.360879][T14781] debugfs: 'hsr0' already exists in 'hsr'
[ 1237.468704][T14781] Cannot create hsr debugfs directory
[ 1237.917110][T14736] hsr_slave_0: entered promiscuous mode
[ 1237.935213][T14736] hsr_slave_1: entered promiscuous mode
[ 1237.941910][T14736] debugfs: 'hsr0' already exists in 'hsr'
[ 1237.949336][T14736] Cannot create hsr debugfs directory
[ 1238.013441][ T9863] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1238.071053][T14661] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1238.235566][ T9863] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1238.284902][T14661] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1238.292180][ T9863] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1238.315497][ T9863] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1238.350415][ T9863] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1238.373317][ T9863] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1238.394067][ T9863] usb 8-1: Product: syz
[ 1238.398869][ T9863] usb 8-1: Manufacturer: syz
[ 1238.431172][ T9863] usb 8-1: SerialNumber: syz
[ 1238.469461][ T9863] cdc_ncm 8-1:1.0: CDC Union missing and no IAD found
[ 1238.483468][ T9863] cdc_ncm 8-1:1.0: bind() failure
[ 1238.773280][T14661] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1238.804680][ T5880] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1238.817176][T14661] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1238.825289][ T5880] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1238.994650][ T5880] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1239.084686][ T5880] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1239.101055][ T5880] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1239.661646][   T49] usb 8-1: USB disconnect, device number 9
[ 1240.796339][T15052] loop7: detected capacity change from 0 to 1024
[ 1240.997931][   T30] audit: type=1800 audit(1757824005.553:521): pid=15052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1924" name="file1" dev="loop7" ino=20 res=0 errno=0
[ 1241.063545][T15052] hfsplus: request for non-existent node 16777216 in B*Tree
[ 1241.096471][T15052] hfsplus: request for non-existent node 16777216 in B*Tree
[ 1241.456349][T15054] loop6: detected capacity change from 0 to 32768
[ 1241.466287][ T5880] Bluetooth: hci2: command tx timeout
[ 1241.531350][T15054] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1241.539827][T15054] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1241.583040][T15054] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1241.598653][ T5874] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1241.606375][ T5874] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1241.702014][ T5874] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 95ms
[ 1241.713347][ T5874] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1241.718611][T15054] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1241.877041][ T6109] bridge_slave_1: left allmulticast mode
[ 1241.890759][ T6109] bridge_slave_1: left promiscuous mode
[ 1241.903880][ T6109] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1241.918411][ T6109] bridge_slave_0: left allmulticast mode
[ 1241.933346][ T6109] bridge_slave_0: left promiscuous mode
[ 1241.939250][ T6109] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1242.098008][ T6109] bridge_slave_1: left allmulticast mode
[ 1242.135735][ T6109] bridge_slave_1: left promiscuous mode
[ 1242.141582][ T6109] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1242.257233][ T6109] bridge_slave_0: left allmulticast mode
[ 1242.262935][ T6109] bridge_slave_0: left promiscuous mode
[ 1242.290639][ T6109] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1243.090045][T15066] loop6: detected capacity change from 0 to 128
[ 1243.526020][ T5880] Bluetooth: hci2: command tx timeout
[ 1244.292900][ T6109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1244.323049][ T6109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1244.337385][ T6109] bond0 (unregistering): Released all slaves
[ 1244.970556][ T6109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1245.041306][ T6109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1245.055251][ T6109] bond0 (unregistering): Released all slaves
[ 1245.603250][ T5880] Bluetooth: hci2: command tx timeout
[ 1245.968872][ T6109] hsr_slave_0: left promiscuous mode
[ 1246.352772][ T6109] hsr_slave_1: left promiscuous mode
[ 1246.364170][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1246.398055][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1247.333186][ T6109] hsr_slave_0: left promiscuous mode
[ 1247.363282][ T6109] hsr_slave_1: left promiscuous mode
[ 1247.369682][ T6109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1247.396160][T15086] loop7: detected capacity change from 0 to 1024
[ 1247.403408][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1247.446523][ T6109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1247.476104][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1247.500051][ T5871] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1247.502709][T15086] hfsplus: request for non-existent node 16777216 in B*Tree
[ 1247.515849][   T30] audit: type=1800 audit(1757824012.053:522): pid=15086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1935" name="file1" dev="loop7" ino=20 res=0 errno=0
[ 1247.517176][ T5871] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1247.552384][ T5871] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1247.553030][T15086] hfsplus: request for non-existent node 16777216 in B*Tree
[ 1247.578833][ T5871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1247.590728][ T5871] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1247.683376][ T5880] Bluetooth: hci2: command tx timeout
[ 1247.734616][ T6109] veth1_vlan: left promiscuous mode
[ 1247.740056][ T6109] veth0_vlan: left promiscuous mode
[ 1247.759558][ T6109] veth1_macvtap: left promiscuous mode
[ 1247.772476][ T6109] veth0_macvtap: left promiscuous mode
[ 1247.780119][ T6109] veth1_vlan: left promiscuous mode
[ 1247.793126][ T6109] veth0_vlan: left promiscuous mode
[ 1248.410240][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1248.417397][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1249.502485][ T6109] team0 (unregistering): Port device team_slave_1 removed
[ 1249.549887][ T6109] team0 (unregistering): Port device team_slave_0 removed
[ 1249.689081][ T5880] Bluetooth: hci0: command tx timeout
[ 1251.469829][ T6109] team0 (unregistering): Port device team_slave_1 removed
[ 1251.619773][ T6109] team0 (unregistering): Port device team_slave_0 removed
[ 1251.763327][ T5880] Bluetooth: hci0: command tx timeout
[ 1253.344503][ T5874] usb 8-1: new low-speed USB device number 10 using dummy_hcd
[ 1253.640529][ T5874] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1253.755810][ T5874] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1253.797750][ T5874] usb 8-1: config 0 descriptor??
[ 1253.875039][ T5880] Bluetooth: hci0: command tx timeout
[ 1254.066619][T14781] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1254.196058][T14781] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1254.261635][T15036] chnl_net:caif_netlink_parms(): no params data found
[ 1254.306616][T14781] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1254.455764][T14781] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1254.863822][T15087] chnl_net:caif_netlink_parms(): no params data found
[ 1255.326565][ T5874] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1255.366174][ T5874] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1255.418876][ T5874] asix 8-1:0.0: probe with driver asix failed with error -71
[ 1255.486227][ T5874] usb 8-1: USB disconnect, device number 10
[ 1255.925397][T15036] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1255.934941][ T5880] Bluetooth: hci0: command tx timeout
[ 1255.994164][T15036] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1256.033534][T15036] bridge_slave_0: entered allmulticast mode
[ 1256.366501][T15036] bridge_slave_0: entered promiscuous mode
[ 1256.394505][T15036] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1256.402008][T15036] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1256.433902][T15036] bridge_slave_1: entered allmulticast mode
[ 1256.473033][T15036] bridge_slave_1: entered promiscuous mode
[ 1256.533683][T15087] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1256.540897][T15087] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1256.603517][T15087] bridge_slave_0: entered allmulticast mode
[ 1256.612401][T15087] bridge_slave_0: entered promiscuous mode
[ 1256.836303][T15164] Bluetooth: MGMT ver 1.23
[ 1257.562047][T15163] netlink: 120 bytes leftover after parsing attributes in process `syz.7.1950'.
[ 1257.745455][T15087] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1257.752664][T15087] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1257.781540][T15087] bridge_slave_1: entered allmulticast mode
[ 1257.806384][T15087] bridge_slave_1: entered promiscuous mode
[ 1257.867019][T15036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1257.918805][T15036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1258.107215][T15087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1258.136682][T15087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1258.205183][T15036] team0: Port device team_slave_0 added
[ 1258.245168][T15087] team0: Port device team_slave_0 added
[ 1258.291659][T15036] team0: Port device team_slave_1 added
[ 1258.300055][T15087] team0: Port device team_slave_1 added
[ 1258.406096][T15087] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1258.421383][T15087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.461163][T15087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1258.617605][T15087] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1258.625978][T15087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.652621][T15087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1258.693773][T15036] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1258.700766][T15036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.733805][T15036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1258.774006][T15036] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1258.780994][T15036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.903437][T15036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1258.909590][T15183] loop6: detected capacity change from 0 to 1024
[ 1259.113437][ T5951] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[ 1259.174612][ T2941] hfsplus: b-tree write err: -5, ino 4
[ 1259.320949][ T5951] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1259.356646][ T5951] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[ 1259.389135][ T5951] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1259.452882][ T5951] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1259.497720][ T5951] usb 8-1: config 0 descriptor??
[ 1260.441371][ T5880] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1260.452350][ T5880] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1260.464695][ T5880] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1260.473923][ T5880] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1260.482773][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1260.519161][T14781] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1260.664880][T15087] hsr_slave_0: entered promiscuous mode
[ 1260.674912][   T49] usb 8-1: USB disconnect, device number 11
[ 1260.684421][T15087] hsr_slave_1: entered promiscuous mode
[ 1260.712574][T15087] debugfs: 'hsr0' already exists in 'hsr'
[ 1260.734926][T15087] Cannot create hsr debugfs directory
[ 1260.838179][T15036] hsr_slave_0: entered promiscuous mode
[ 1260.872096][T15036] hsr_slave_1: entered promiscuous mode
[ 1260.899886][T15036] debugfs: 'hsr0' already exists in 'hsr'
[ 1260.907836][T15036] Cannot create hsr debugfs directory
[ 1261.312132][T14781] 8021q: adding VLAN 0 to HW filter on device team0
[ 1261.876519][T15216] loop7: detected capacity change from 0 to 64
[ 1261.918300][ T2941] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1261.925569][ T2941] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1262.394788][T15220] ------------[ cut here ]------------
[ 1262.400795][T15220] WARNING: CPU: 0 PID: 15220 at fs/buffer.c:1183 mark_buffer_dirty+0x38b/0x410
[ 1262.410052][T15220] Modules linked in:
[ 1262.414540][T15220] CPU: 0 UID: 0 PID: 15220 Comm: syz.7.1956 Not tainted syzkaller #0 PREEMPT(full) 
[ 1262.424127][T15220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1262.434338][T15220] RIP: 0010:mark_buffer_dirty+0x38b/0x410
[ 1262.440144][T15220] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 85 00 00 00 48 8b 3b be 20 00 00 00 e8 f0 ec fb ff e9 d9 fd ff ff e8 f6 ba 74 ff 90 <0f> 0b 90 e9 a1 fc ff ff e8 e8 ba 74 ff 90 0f 0b 90 e9 c3 fc ff ff
[ 1262.459962][T15220] RSP: 0018:ffffc90003e7f938 EFLAGS: 00010283
[ 1262.466219][T15220] RAX: 0000000000006df4 RBX: ffff88804b2bad98 RCX: ffffc90014f1c000
[ 1262.477540][T15220] RDX: 0000000000080000 RSI: ffffffff8246e32a RDI: 0000000000000001
[ 1262.485812][T15220] RBP: ffff888055032000 R08: 0000000000000001 R09: 0000000000000000
[ 1262.494239][T15220] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000009
[ 1262.502263][T15220] R13: ffffed100aa0642c R14: ffff88804b2bad98 R15: ffff888054bba3a0
[ 1262.510402][T15220] FS:  00007f41a47e16c0(0000) GS:ffff8881246b4000(0000) knlGS:0000000000000000
[ 1262.519544][T15220] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1262.526363][T15220] CR2: 00002000002dd030 CR3: 0000000055532000 CR4: 0000000000350ef0
[ 1262.534528][T15220] Call Trace:
[ 1262.537940][T15220]  <TASK>
[ 1262.540941][T15220]  bfs_get_block+0x3eb/0xe70
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1262.546001][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.551239][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.556586][T15220]  __block_write_begin_int+0x4f4/0x16d0
[ 1262.562314][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.567826][T15220]  ? __pfx___block_write_begin_int+0x10/0x10
[ 1262.576927][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.582185][T15220]  block_write_begin+0x9a/0x1d0
[ 1262.587295][T15220]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1262.593036][T15220]  bfs_write_begin+0x31/0xd0
[ 1262.593369][ T5880] Bluetooth: hci3: command tx timeout
[ 1262.597824][T15220]  generic_perform_write+0x3c5/0x900
[ 1262.609358][T15220]  ? __pfx_generic_perform_write+0x10/0x10
[ 1262.615514][T15220]  ? inode_needs_update_time.part.0+0x191/0x270
[ 1262.621945][T15220]  __generic_file_write_iter+0x1f7/0x240
[ 1262.627877][T15220]  generic_file_write_iter+0xe1/0x3c0
[ 1262.633530][T15220]  vfs_write+0x7d3/0x11d0
[ 1262.637994][T15220]  ? __pfx_generic_file_write_iter+0x10/0x10
[ 1262.644404][T15220]  ? __pfx_vfs_write+0x10/0x10
[ 1262.649262][T15220]  ? find_held_lock+0x2b/0x80
[ 1262.654370][T15220]  __x64_sys_pwrite64+0x1eb/0x250
[ 1262.659545][T15220]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1262.665268][T15220]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1262.671035][T15220]  do_syscall_64+0xcd/0x4e0
[ 1262.676575][T15220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.684045][T15220] RIP: 0033:0x7f41a398eba9
[ 1262.688557][T15220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1262.708419][T15220] RSP: 002b:00007f41a47e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[ 1262.717043][T15220] RAX: ffffffffffffffda RBX: 00007f41a3bd6090 RCX: 00007f41a398eba9
[ 1262.726699][T15220] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000006
[ 1262.734831][T15220] RBP: 00007f41a3a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1262.742931][T15220] R10: 000000000000fecc R11: 0000000000000246 R12: 0000000000000000
[ 1262.751044][T15220] R13: 00007f41a3bd6128 R14: 00007f41a3bd6090 R15: 00007ffccc92f2e8
[ 1262.759890][T15220]  </TASK>
[ 1262.763003][T15220] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1262.770301][T15220] CPU: 0 UID: 0 PID: 15220 Comm: syz.7.1956 Not tainted syzkaller #0 PREEMPT(full) 
[ 1262.779684][T15220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1262.789742][T15220] Call Trace:
[ 1262.793022][T15220]  <TASK>
[ 1262.795956][T15220]  dump_stack_lvl+0x3d/0x1f0
[ 1262.800576][T15220]  vpanic+0x6e8/0x7a0
[ 1262.804609][T15220]  ? __pfx_vpanic+0x10/0x10
[ 1262.809133][T15220]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1262.814790][T15220]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1262.820451][T15220]  ? mark_buffer_dirty+0x38b/0x410
[ 1262.825577][T15220]  panic+0xca/0xd0
[ 1262.829324][T15220]  ? __pfx_panic+0x10/0x10
[ 1262.833795][T15220]  check_panic_on_warn+0xab/0xb0
[ 1262.838744][T15220]  __warn+0xf6/0x3c0
[ 1262.842646][T15220]  ? mark_buffer_dirty+0x38b/0x410
[ 1262.847779][T15220]  report_bug+0x3c3/0x580
[ 1262.852145][T15220]  ? mark_buffer_dirty+0x38b/0x410
[ 1262.857267][T15220]  handle_bug+0x184/0x210
[ 1262.861619][T15220]  exc_invalid_op+0x17/0x50
[ 1262.866141][T15220]  asm_exc_invalid_op+0x1a/0x20
[ 1262.871001][T15220] RIP: 0010:mark_buffer_dirty+0x38b/0x410
[ 1262.876735][T15220] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 85 00 00 00 48 8b 3b be 20 00 00 00 e8 f0 ec fb ff e9 d9 fd ff ff e8 f6 ba 74 ff 90 <0f> 0b 90 e9 a1 fc ff ff e8 e8 ba 74 ff 90 0f 0b 90 e9 c3 fc ff ff
[ 1262.896374][T15220] RSP: 0018:ffffc90003e7f938 EFLAGS: 00010283
[ 1262.902469][T15220] RAX: 0000000000006df4 RBX: ffff88804b2bad98 RCX: ffffc90014f1c000
[ 1262.910458][T15220] RDX: 0000000000080000 RSI: ffffffff8246e32a RDI: 0000000000000001
[ 1262.918448][T15220] RBP: ffff888055032000 R08: 0000000000000001 R09: 0000000000000000
[ 1262.926436][T15220] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000009
[ 1262.934417][T15220] R13: ffffed100aa0642c R14: ffff88804b2bad98 R15: ffff888054bba3a0
[ 1262.942413][T15220]  ? mark_buffer_dirty+0x38a/0x410
[ 1262.947560][T15220]  ? mark_buffer_dirty+0x38a/0x410
[ 1262.952692][T15220]  bfs_get_block+0x3eb/0xe70
[ 1262.957333][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.962479][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.967620][T15220]  __block_write_begin_int+0x4f4/0x16d0
[ 1262.973210][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.978362][T15220]  ? __pfx___block_write_begin_int+0x10/0x10
[ 1262.984384][T15220]  ? __pfx_bfs_get_block+0x10/0x10
[ 1262.989528][T15220]  block_write_begin+0x9a/0x1d0
[ 1262.994402][T15220]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1263.000060][T15220]  bfs_write_begin+0x31/0xd0
[ 1263.004692][T15220]  generic_perform_write+0x3c5/0x900
[ 1263.010025][T15220]  ? __pfx_generic_perform_write+0x10/0x10
[ 1263.015868][T15220]  ? inode_needs_update_time.part.0+0x191/0x270
[ 1263.022144][T15220]  __generic_file_write_iter+0x1f7/0x240
[ 1263.027799][T15220]  generic_file_write_iter+0xe1/0x3c0
[ 1263.033209][T15220]  vfs_write+0x7d3/0x11d0
[ 1263.037578][T15220]  ? __pfx_generic_file_write_iter+0x10/0x10
[ 1263.043603][T15220]  ? __pfx_vfs_write+0x10/0x10
[ 1263.048411][T15220]  ? find_held_lock+0x2b/0x80
[ 1263.053150][T15220]  __x64_sys_pwrite64+0x1eb/0x250
[ 1263.058227][T15220]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1263.063823][T15220]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1263.069486][T15220]  do_syscall_64+0xcd/0x4e0
[ 1263.074030][T15220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1263.079958][T15220] RIP: 0033:0x7f41a398eba9
[ 1263.084392][T15220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1263.104033][T15220] RSP: 002b:00007f41a47e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[ 1263.112481][T15220] RAX: ffffffffffffffda RBX: 00007f41a3bd6090 RCX: 00007f41a398eba9
[ 1263.120462][T15220] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000006
[ 1263.128439][T15220] RBP: 00007f41a3a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1263.136415][T15220] R10: 000000000000fecc R11: 0000000000000246 R12: 0000000000000000
[ 1263.144410][T15220] R13: 00007f41a3bd6128 R14: 00007f41a3bd6090 R15: 00007ffccc92f2e8
[ 1263.152442][T15220]  </TASK>
[ 1263.155714][T15220] Kernel Offset: disabled
[ 1263.160046][T15220] Rebooting in 86400 seconds..