last executing test programs:

23m48.00968875s ago: executing program 32 (id=14):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getitimer(0x0, 0x0)

23m11.348923705s ago: executing program 33 (id=104):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x24000050}, 0x0)

21m10.179378931s ago: executing program 34 (id=312):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
syz_usb_connect(0x1, 0x2d, 0x0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x0)

20m29.909959305s ago: executing program 35 (id=383):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpgrp(0xffffffffffffffff)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1770, 0xff00, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)

20m15.732102164s ago: executing program 36 (id=403):
socket$vsock_stream(0x28, 0x1, 0x0)
epoll_create1(0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="6000000010000304f500"/20, @ANYRES32=0x0, @ANYBLOB="00050000000000003000128009000100766c616e00000000200002800c0002000a0000001f00000006000100000000000600050088a8000008000500", @ANYRES32=r2], 0x60}}, 0x4000000)

17m37.5529647s ago: executing program 37 (id=614):
rename(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x66b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, 0x0, 0x0)
r4 = memfd_secret(0x0)
fchownat(r4, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
socket$tipc(0x1e, 0x5, 0x0)
listen(0xffffffffffffffff, 0x8)

16m0.844672679s ago: executing program 38 (id=728):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x408, &(0x7f0000001180)="$eJzs3M1uG1UbAOB3JrHTpD/OJ3XxqbCIBIIgaFIHAhQhKGz52QAXECVpqUibqgkSDVkUVDasWCB2LHoDLJDYVhVCQuIWuAFUqUJpFrALGnsmcWs72Ikdp+R5pNGcMz7ue94Zd3TOxD4BHFkTEXEhIoYiYiYiKvnxNN/iZn3L2j3YWJ/f3FifT2Jr64M/k0jyY8W/leT743llMo1Ib0U8cbM57sqNtU/mlpYWr+f16dUr16ZXbqydvXxl7tLipcWr1VfOV6uzM69WX+pZrt89/dz5obcvnPn+98rd2XJ5NOvvify1xjx6ZSImts9JYSrfz/Y62ICVB90BAAA6kuZj/+Ha+L8SQ7VSXSWm1wfaOQAAAKAntt7M93tybI/vAwAAAA5W0mIOXzKvBwAAgP+QUv49gAcb6/PFNsjvIxy0+29FxPjOb5s3t/MfjmN5m1Iff986ERHXnkkq2RZ9+h0yAECju9n451yr8V8a/29oNxJRGw+N9jj+xCP15vFPeq/HIR+Sjf9ej4jNpvFfWjQZH8prJ2tDxVJy8fLS4rmIOBURk1EayerVXWK889cP77d7Lcv/l+TkqWLL4mf7nRbpveGRh9+zMLc6t5+cG93/IuLMcKv8k+3xbxIRY/uIMfT57dfavfbv+ffX1u2IZ1te/52Ve5Ld1yearn0epotPRbO/v/zxvXbxW+U/HAeXf3b9x3bPfzxpXK9ppfsYdz7+7claoUVWjfOfbj7/5eTDWrmYl302t7p6vRpRTt5tPj6z896iXrTP8p98qvX//+L+l+RrWp3I7wHd+vqbn1/YvUU9/2zL4hdzwcxXM7fW9hCyY1n+C11d/+4LL9/59aN28Ruvf6v869e/vgbYZH6kk/tfpx3cz7kDAACAx0Vae66RpFPb5TSdmqo/7zgdY+nS8srq8xeXP726UH/+MR6ltHjSVWl4Hlqt/xl9uz7zSP3FiPhfRHxbGa3Vp+aXlxYGnTwAAAAcEcfbzP8zf1QG3TsAAACgZ8YH3QEAAACg7/L5/9nTg+4IAAAA0A/7Wdfv6BayM9dp43Icjj4fzsIbP4XzcygLg74zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN7+CQAA//8e+LAL")
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r4, 0x0, r0, 0x0, 0x406f413, 0x0)

14m3.896725692s ago: executing program 39 (id=873):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket(0x10, 0x400000000080803, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvfrom$unix(r3, 0x0, 0x0, 0x2041, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(0x0, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)={0x30, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x14, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbc}]}, {0x4}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x25dfdbfc, {0x5}}, 0x14}}, 0x0)

13m56.558614562s ago: executing program 40 (id=878):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket(0x11, 0xa, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040))
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r1, &(0x7f0000000300)={0x2, 0x4e21, @private=0xa010100}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x0, 0xffff}, @mss, @window, @window], 0x6)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f00000000c0)=0x3, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32=r5, @ANYBLOB="080001000000000008000200e0000002080009000e00000008000100ac1414"], 0x54}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x0, @loopback=0x7f000000}})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)

10m30.983356309s ago: executing program 5 (id=1089):
madvise(&(0x7f00003d1000/0x4000)=nil, 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7}, 0x50)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r3, 0x0)
truncate(0x0, 0x8fff7)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)

10m27.664713292s ago: executing program 5 (id=1094):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fstat(0xffffffffffffffff, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
recvmmsg(r5, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f00000003c0)=""/9, 0x9}], 0x1}, 0x2000}], 0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xd}, @hci_ev_le_ltk_req={{}, {0xc9}}}}, 0x10)

10m24.883631412s ago: executing program 5 (id=1096):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xf, &(0x7f0000000780)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x5}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x9}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
preadv(r0, &(0x7f0000000740)=[{0x0}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000240)={'vxcan0\x00'})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x201, 0x0)

10m22.399468475s ago: executing program 5 (id=1097):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xffd1, &(0x7f0000000080)=0x2)
openat$binder_debug(0xffffff9c, &(0x7f0000000340)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
io_uring_setup(0xaab, 0x0)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r5, &(0x7f00000001c0)=""/107, 0x6b, 0x3)
setsockopt(r4, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000), 0x0)
sendto$inet6(r4, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
listen(r3, 0x20000005)
r6 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
accept4(r3, 0x0, 0x0, 0x0)

10m16.359741324s ago: executing program 5 (id=1099):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x125)
r3 = io_uring_setup(0xaab, &(0x7f0000000340)={0x0, 0x40000001})
r4 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r4, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
accept4(r4, 0x0, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

10m11.777621189s ago: executing program 5 (id=1107):
socket(0x80000000000000a, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$pptp(0x18, 0x1, 0x2)
r1 = fsopen(&(0x7f00000001c0)='configfs\x00', 0x1)
socket$nl_route(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x5)
fchdir(r2)
r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4084, 0xff4)
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x2b, 0xa, 0x7)
mount$afs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x23000e9, &(0x7f0000000200)={[{@flock_local}, {@flock_write}, {@flock_local}, {@flock_openafs}], [{@dont_appraise}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x36, 0x32, 0x35, 0x64, 0x63, 0x64, 0x37], 0x2d, [0x62, 0x61, 0x31, 0x33], 0x2d, [0x38, 0x35, 0x36, 0x31], 0x2d, [0x34, 0x62, 0x62, 0x64], 0x2d, [0x32, 0x34, 0x36, 0x36, 0x38, 0x7, 0x39, 0x61]}}}]})
setsockopt$inet_tcp_int(r2, 0x6, 0x17, 0x0, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r4, 0x0)

9m54.262033782s ago: executing program 41 (id=1107):
socket(0x80000000000000a, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$pptp(0x18, 0x1, 0x2)
r1 = fsopen(&(0x7f00000001c0)='configfs\x00', 0x1)
socket$nl_route(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x5)
fchdir(r2)
r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4084, 0xff4)
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x2b, 0xa, 0x7)
mount$afs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x23000e9, &(0x7f0000000200)={[{@flock_local}, {@flock_write}, {@flock_local}, {@flock_openafs}], [{@dont_appraise}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x36, 0x32, 0x35, 0x64, 0x63, 0x64, 0x37], 0x2d, [0x62, 0x61, 0x31, 0x33], 0x2d, [0x38, 0x35, 0x36, 0x31], 0x2d, [0x34, 0x62, 0x62, 0x64], 0x2d, [0x32, 0x34, 0x36, 0x36, 0x38, 0x7, 0x39, 0x61]}}}]})
setsockopt$inet_tcp_int(r2, 0x6, 0x17, 0x0, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r4, 0x0)

9m22.098397465s ago: executing program 3 (id=1142):
syz_usb_connect$uac1(0x6, 0xb8, &(0x7f0000000000)={{0x12, 0x1, 0x4879151a0ba339fc, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa6, 0x3, 0x1, 0x2, 0xa0, 0xf, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xfffb, 0x1}, [@feature_unit={0xf, 0x24, 0x6, 0x1, 0x4, 0x4, [0x6, 0x9, 0xa, 0x2], 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x2, 0x0, 0x5, "9fae0d"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x7, 0xa6, 0x6, {0x7, 0x25, 0x1, 0x2, 0x7, 0x7fff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x9, 0x2, 0x4, 0x2, "fa1a54", ':'}, @as_header={0x7, 0x24, 0x1, 0x7f, 0x9, 0x5}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x80, 0x4, 0x24, 0x7f, "bb34", "ea3faa"}, @format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x13c9, 0xd, 0x81, ' `s'}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x3, 0x0, 0x6, {0x7, 0x25, 0x1, 0x83, 0x21, 0x2}}}}}}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x0, 0x20, 0xd5, 0x20, 0x4}, 0x137, &(0x7f0000000140)={0x5, 0xf, 0x137, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x4, 0x2}, @ssp_cap={0x10, 0x10, 0xa, 0xf8, 0x1, 0x29, 0x0, 0x5, [0xff00c0]}, @ss_container_id={0x14, 0x10, 0x4, 0x10, "f88832df761ee1eaa4e42c00b4371518"}, @generic={0xb5, 0x10, 0x1, "69e166db784c06490f641b183f96f2aff821b52574c4ced4dec50f58c9d4f97ba2742259263c03e46c89167c4b01d5192c72e8839bb4471c71beea22edaa03b02e1d7472bc6f01cc7a5d543a786427fe550e0f6fc798cba78c99da3f066ceee05c2299fc7439c88b378ae0afc359da51bc6f51726d7b88134bf0c3def89993bf569394bdd7e296322ca4ce2907a0b838ec4a4069441a102e071a15504506f22bd7abcf53385daa6c830a761bf3eb31266104"}, @generic={0x4f, 0x10, 0x4, "2e5d5eb5d1989c9d311ee7080205b0dc001ae958c32f78fbf02f93043830140a6fd71f1e980394388d05f2758ad56c10965dee978fde499a01ea33a98852274dd54e660e2d7594b3dbcf651e"}]}})

9m11.47059415s ago: executing program 3 (id=1153):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x7, 0x0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000900), 0x410002, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)

9m6.015417348s ago: executing program 3 (id=1159):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
fanotify_init(0x200, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r3, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
sendmsg$inet(r3, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000000300)="c88e1fa505c9a3ffa4bc2859ca8b324390247f30ef8f3c", 0x17}], 0x1}, 0x0)
r4 = syz_open_dev$media(0x0, 0x4ec45fcf, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0)
ioctl$MEDIA_REQUEST_IOC_QUEUE(0xffffffffffffffff, 0x7c80, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x23, 0x1, 0x0}, &(0x7f00000002c0)=0x40)
mremap(&(0x7f00008d5000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)

8m58.590979261s ago: executing program 3 (id=1165):
syz_usb_connect$uac1(0x6, 0xb8, &(0x7f0000000000)={{0x12, 0x1, 0x4879151a0ba339fc, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa6, 0x3, 0x1, 0x2, 0xa0, 0xf, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xfffb, 0x1}, [@feature_unit={0xf, 0x24, 0x6, 0x1, 0x4, 0x4, [0x6, 0x9, 0xa, 0x2], 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x2, 0x0, 0x5, "9fae0d"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x7, 0xa6, 0x6, {0x7, 0x25, 0x1, 0x2, 0x7, 0x7fff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x9, 0x2, 0x4, 0x2, "fa1a54", ':'}, @as_header={0x7, 0x24, 0x1, 0x7f, 0x9, 0x5}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x80, 0x4, 0x24, 0x7f, "bb34", "ea3faa"}, @format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x13c9, 0xd, 0x81, ' `s'}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x3, 0x0, 0x6, {0x7, 0x25, 0x1, 0x83, 0x21, 0x2}}}}}}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x0, 0x20, 0xd5, 0x20, 0x4}, 0x137, &(0x7f0000000140)={0x5, 0xf, 0x137, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x4, 0x2}, @ssp_cap={0x10, 0x10, 0xa, 0xf8, 0x1, 0x29, 0x0, 0x5, [0xff00c0]}, @ss_container_id={0x14, 0x10, 0x4, 0x10, "f88832df761ee1eaa4e42c00b4371518"}, @generic={0xb5, 0x10, 0x1, "69e166db784c06490f641b183f96f2aff821b52574c4ced4dec50f58c9d4f97ba2742259263c03e46c89167c4b01d5192c72e8839bb4471c71beea22edaa03b02e1d7472bc6f01cc7a5d543a786427fe550e0f6fc798cba78c99da3f066ceee05c2299fc7439c88b378ae0afc359da51bc6f51726d7b88134bf0c3def89993bf569394bdd7e296322ca4ce2907a0b838ec4a4069441a102e071a15504506f22bd7abcf53385daa6c830a761bf3eb31266104"}, @generic={0x4f, 0x10, 0x4, "2e5d5eb5d1989c9d311ee7080205b0dc001ae958c32f78fbf02f93043830140a6fd71f1e980394388d05f2758ad56c10965dee978fde499a01ea33a98852274dd54e660e2d7594b3dbcf651e"}]}})

8m52.650230778s ago: executing program 3 (id=1171):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300090f0000000000000000000000010018000000000005000600000000000a00000000000000fc02000007000000000000000000000000000000000000000200010000000000000002000000000005000500000000000a"], 0x78}, 0x1, 0x7}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000580), 0x0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83b23dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c11160fb20b1c581e7b0915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab3aa32f948c06b59b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2abd18cae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e26d0a5752813bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a7237841cef384b22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c74f0e2a9bf62ffec6459db40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced84680900000000000000d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d2782a70cf44ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d767671414c99d4894edff8249dc1e3428d2129369ee1b85af1eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038deb359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d40973109644fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f77abb21338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e155f455010b0cb578af7dc7d5e87d4cd376444e2de02f47c61e8e84ff828de453f3489460fd83210e95307e676e1fb4d5865c0ca177a4c7fbb4e62b4450900576b2b5cc7f819abd0f885cc4806f47ffbff01000054f5a2d3875e46000000000000e734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329a18cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481ed51a6359cade91fd645c6d924f36a86bf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf817becd9e5a225d67521d1128eac7d80a6225c3e2f0932223bfbf69ff861f4394836ddf128d6d19079e64336e09000000c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661fdcfa68f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b98a8bf6c747d9a1cc500bb892c3a16ff10feea20bdac89afb758cfa10000000000000000000000000200000000000000ed713df0c59e38928511a64845f1b21ed03369719fa905909d8ce35b42761c46d040e53a0a227e9cecd4d414231baa4894a13763ea5de7a52e61a588babaf5da9a28f477e032400938116cb294447898039724881de3ba3dd5e5e115b58d438b17ad11bf1b1f1ed057d89ec46b2b9bb434e9187a728d1136333958469b22d2126664b5299cc3167ac9a4d501638b978e1c692da5261dae5c9d13065b8ed8b358e7273dfa1e9a8dc1d16aa1edd0c274dedb7cd7e4753c152b4e0e3d124e561420587b9b00ab68c32d6b397c5e7cc4e803e6b6e8ed547e2875372023d111e64cd9ee3635888ecbc7352fd60f348456d74e9e7c09ee202dd09524ecfd3d8c836c0a13a9a45a7e2cec88fa2710ee35c9ed1b824fe4fe68849eee41b5e335aeec0f27053b3a07a001ffe29c5cc3a0ccdcc74330c2a995378d225495c5a543519d952c96da9257f47acc29c48d48b22b1f502b9d743d352de56efbb1b15158c4f0107ba5b3394d4cad4f0a1d31f694d0f559e7f82682775ec7569eeb7ef643dbcbafc4c1c5cbb0ad02dd2a69c5f2b5350049a817b546cf734a746a1cc147a6050bd16598e8e3a5c3515d0edc23e66bbdc6c117559357f49c59208af1162ba1d6667e3ab6bb1696c32dc3bcb2c8ab30d28265ff55c8a80c8e3ce29b2f576ea686d351a8cdb808739ed1a7022fb6e4e834593279c791085e49d1b8124adaf0010790e72ef2035e3da7ebb117c1a032a7378d5c62bb1a4e212618113bbd688091273028a44abfe09067e22fda361d6769d1f44bb06ca0cb9a14a54a8ba0dcb5445c4b368bd1dcce7500"/2356], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0x22, 0x60000000, &(0x7f0000000100)="b9ff03076044238cb89e14f086dd47e0ffff00004000632f77fb8035140cac14140c07029f89052f87e577ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
sendmsg$key(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x13, 0x0, 0x0, 0x2, 0x0, 0x0, 0x10}, 0x10}}, 0x0)
getsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)

8m44.122039413s ago: executing program 3 (id=1178):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000100085000000220000008500000023"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
lgetxattr(0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendto$inet(r0, &(0x7f0000000280)="c0e403442e9a07820ae65fa6fb9d69542f5de752f294904821ef5b3810368ff8f6ebd1d6c3bb6109fa222d1bcf9d95361ff0a8a7a0783c33258e9a1d6d0c0e9cb1957d54a6433c34ce9f6d7244111cd9f7ced391877f3b1ba625df089f37ed8d01e49b9230e17269b08c5b077cc759bb2e0c6aff9d0010d896f0b890710f98260e66801949848d2e2bc70da88a0564d40b4ed208371a5816de20c13cc6dc371ae1bdf5689e6bfe", 0xa7, 0x40800, &(0x7f0000000340)={0x2, 0x4e23, @private=0xa010102}, 0x10)
socket$pptp(0x18, 0x1, 0x2)
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_LLC_SDREQ(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000240)={0x1c, 0x0, 0x6d827113aa2625e5, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
r2 = socket(0x2b, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0xd, 0x0, 0xffffffffffffff83)
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a40, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0xb2851, r3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

8m28.509695291s ago: executing program 42 (id=1178):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000100085000000220000008500000023"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
lgetxattr(0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendto$inet(r0, &(0x7f0000000280)="c0e403442e9a07820ae65fa6fb9d69542f5de752f294904821ef5b3810368ff8f6ebd1d6c3bb6109fa222d1bcf9d95361ff0a8a7a0783c33258e9a1d6d0c0e9cb1957d54a6433c34ce9f6d7244111cd9f7ced391877f3b1ba625df089f37ed8d01e49b9230e17269b08c5b077cc759bb2e0c6aff9d0010d896f0b890710f98260e66801949848d2e2bc70da88a0564d40b4ed208371a5816de20c13cc6dc371ae1bdf5689e6bfe", 0xa7, 0x40800, &(0x7f0000000340)={0x2, 0x4e23, @private=0xa010102}, 0x10)
socket$pptp(0x18, 0x1, 0x2)
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_LLC_SDREQ(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000240)={0x1c, 0x0, 0x6d827113aa2625e5, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
r2 = socket(0x2b, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0xd, 0x0, 0xffffffffffffff83)
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a40, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0xb2851, r3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

6m55.878753923s ago: executing program 1 (id=1320):
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505330, &(0x7f0000000bc0)={{0x0, 0x1}, {0xe}, 0x0, 0x6})
r4 = memfd_create(&(0x7f0000000600)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb77\x1e\xba\xf2\x8cG\b\xc1\xef\xba!\x9d\xd0\rSt\xa24\t\x00\xae\x00\x00\x00\x00\x00\xff\xff\x10\x04\x00\x00\x1dz\xd05\xe2e,^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5U\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fh\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x00\x00\xc8X\xdaNz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x00\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[R\xc36b\xa2]\xed\xe8\xb0\xfa\"\xa2\xd2\xff\xff\xff\xff\xff\xff\xff\xfb\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x06?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3n-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\x061] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x00P\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8fC\x91W\xadi\x00\xf2k\xd5v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\xd4\x1a\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\xf0V\xbd\xa60\x1f\xc3\x03\xfa\x890\x86#\bQ\xcb)\xf6]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1n 1\x8d \xc1\xaf\x19\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\x9fJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa68\xf37g\xab9m\xe7\xdd)I\x1f\x96c\x9dO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16\x00\x00\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xf2\xb5K\x03\x85\x92k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86$\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdI\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00KT2\x1b\x16=\x10\xd3\x9a\xf0\xb7\x00\x00\x00\x00\x00\x00\x00\x8b\x108\x170\xcf\xde\xe4\xd1\xf7\xb9\xe5t\x80\x95\r\xbe\x83\x12\xe1m\xa3\x1d\xb6\xe2\xc0\x91\xab\x15\x8aZe/\x13\t\xcd{&\xec\xa5\x1e\x9e1\xc2\x89\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa6\x00#\t=\xafE\x80\x85\xc0\xb9\xc1qN\x97\xb3\x90\f,\xb4\x99\xa4\xad\xff\xcd\x829\x88\xd6\x19\xe2P\x87\xf71\xd7\x8f?u\x01 ~\xd9\x94\xb0f|\xb8j=\x9d\xfa\x7f\xc1\xef\x1f\xe9B)\x97\xff\xb8\xffR\x19\xa9\xb4=\xb2x\x19\xe1yf\xb4\xf5^B5\x8d\x10H-\xd4;\xbdd\xd4\x16?\xbe\x18\xa1.\xd8\x12E\b3@\x97\xaf<\xb5Y\"w3\x8d#UE\xcc\xb7\x01d=|\xad\x92d\xd8m\xf9P\xcd)F\x1b\x81\xce\x8a\x11\x93\xe3D\xaa\xb4\xd1\xb0\xfef\xa1\x8eT\x81\x11\xca\xa5\xea\xd1\xea:\xbbG\x9f\xe6A\xc8\xf50\xb5\xfa\"\xa2\xb0/T\xf7\x98\xe9\xae\b\x9bY_\xc1\x01\xb1z\v\x05\x0f\x00\xfd\xbd\x8a\xdc\xe4m\xf5;\xf0Rp\x8f\xbcSg?\xbb\xb3\xe3\xaf*\x7fC\n\xa3\x90\xbai\xdd\xa5\xb9eu\r\xb6\xc2#\x8e\xba\xc0\xfe&D\xe9p\x1b\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcar\\.\xfc\xb0a\x87\x7f\xb35\x1a55\x1b', 0x6)
fcntl$addseals(r4, 0x409, 0x19)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1ab, 0x110, r4, 0x2000)
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

6m54.925838275s ago: executing program 1 (id=1321):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x300, 0xc, 0x83, 0x83, 0x20, 0x421, 0x223, 0x8516, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x9, 0x4, 0x80, 0x9, [{{0x9, 0x4, 0xe6, 0x12, 0x1, 0x2, 0x2, 0xff, 0x5, [], [{{0x9, 0x5, 0x7, 0x2, 0x20, 0x8e, 0x20, 0x5b}}]}}]}}]}}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0})

6m50.12325688s ago: executing program 1 (id=1338):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d0327408ca0768a8d4c4000000010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

6m44.639367416s ago: executing program 1 (id=1334):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f0000000200)={0x0, "ecb519d349dedadee13c3e4eaea22d26e490e9070a00131d4c0456f9a175271029c954d2ec7c9e63403b273ac81a862634d327ff76102ec908d1efd8318d0fb6", 0x31}, 0x48, 0xfffffffffffffffb)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000280)={r1}, &(0x7f00000002c0)={'enc=', 'oaep', ' hash=', {'rmd256\x00'}}, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
dup(0xffffffffffffffff)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r5, 0x0)
r6 = msgget$private(0x0, 0x0)
msgsnd(r6, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000000000000d925377cebd2cc4abcbdc1dbbaf9abaf9d454c16049ee3f66b125b70112921a91abe4ec02e69feac02172486e354b43893518d80f4030000000000006361e8396c0a705b246c181541b0b94070865ea68bab2d94ad7178961793ddcd9601a98454e5f339f1959cf77a19d672f493c3f58bd55b42ae8d17fca97cb93ad9096e380ae0d9748e605e327110a3c11f7704c0105c743f66dcb20c6e721136d98810bf3495fc5009"], 0xad, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001200)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001200320002030000000000000000000002000000000000000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa00000000000000000300"], 0x80}}, 0x0)
msgrcv(r6, &(0x7f0000000280)={0x0, ""/55}, 0x3f, 0x0, 0x86b1b18158a7cb82)
connect$rose(r5, &(0x7f0000000040)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x40)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r8, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000280)=@usbdevfs_driver={0x0, 0x4, 0x0})
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
msgsnd(0x0, &(0x7f0000000080)=ANY=[@ANYRESDEC], 0x2000, 0x800)

6m42.00885089s ago: executing program 1 (id=1336):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f00000002c0)=ANY=[@ANYBLOB="756e695f786c6174653d302c726f6469722c756e695f786c6174653d312c696f636861727365743d63703836e50a000066383d312c6e6f636173652c757466383d312c73686f72746e78bb60db31cf2c91ef616d653d6d697865642c73686f72746e616d653d6c6f7765722c756e695f786c6174653d312c00"], 0x0, 0x2a1, &(0x7f0000000800)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")

6m37.384739175s ago: executing program 1 (id=1344):
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f00000004c0))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, <r1=>0x0}, &(0x7f0000000240)=0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getresgid(&(0x7f0000003c40), &(0x7f0000003c80), &(0x7f0000003cc0))
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x200000, &(0x7f00000002c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r1, @ANYBLOB="2cfd"])
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000540)='cq_alloc_error\x00', r5}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00', 0x2, 0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r3}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r6 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(r6, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0x0, @local}, 0x10, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0x2000}, 0x60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r2}, 0x18)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="1800", @ANYRES32=0x1, @ANYBLOB="0000000000bedf4a"], 0x48)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
ioctl$TIOCSETD(r7, 0x5423, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x141080, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0x1)

6m19.209237519s ago: executing program 43 (id=1344):
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f00000004c0))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, <r1=>0x0}, &(0x7f0000000240)=0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getresgid(&(0x7f0000003c40), &(0x7f0000003c80), &(0x7f0000003cc0))
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x200000, &(0x7f00000002c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r1, @ANYBLOB="2cfd"])
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000540)='cq_alloc_error\x00', r5}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00', 0x2, 0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r3}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r6 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(r6, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0x0, @local}, 0x10, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0x2000}, 0x60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r2}, 0x18)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="1800", @ANYRES32=0x1, @ANYBLOB="0000000000bedf4a"], 0x48)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
ioctl$TIOCSETD(r7, 0x5423, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x141080, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0x1)

5m32.203533027s ago: executing program 2 (id=1446):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x0, 0x300}})

5m29.792682087s ago: executing program 2 (id=1451):
r0 = syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x1008801, &(0x7f0000000080)=ANY=[], 0x1, 0x1f8, &(0x7f0000000400)="$eJzsmTGL1EAUx/8zyWbPQxQbCxsLD1T0sklW5ZpDTrC0uhO1DF487py7lb0IdweCi42NpYUfwC8gaLGVhZ2drRYqCBaunZ0wMskkmU3YJSvKLtz7wU7+mcx7897b7AtsQBDEoeXrl1+fn11bWrsI4CgW0NTz361iDTfWf3rx8MLz5evWq48v3+0ce9Qv+2MApKy/vwPg7YqFxuPjybmUw9YL+rgGnuub4Div9S0wuFmssrCOwHBHT28ZunNECxGxux2xfm9TRJ4afDUEamgDRQg2gEGPYV1XRu3AjPh29w/uhwLopkJEmWjIbJ/KpUnFuPol8a1wLBslUN/X7adPeurc1fOeUT8fHL7WbTCsar2EJlzXLUpi5H/KLvxblfz/QZL/Q5xYnIkwquL11m+ZMhvxQN/Sf+1HGU89i7qClWdU9vnMyUH/fdXqW+0tfoaC6R/L1DNNBebScCqXPswLcaO0WDbre3Yw5rYp+pMqx1mjP9mw8/7RircftHb3DxY3t8ONaCPaCYL2Fe+S510OWkkjSscx/W8u6U/zhv/GiLUOc7AXxnHX3wPirp+fB+lodNzVN50fiQ1P+h+/ijOpD6afWfmDsgTTH54clTpnjQyeIAiCIAiCIAiCIAiCIAhiIk6DQb9cYNk7sWHMPyT/BAAA//9cM2SO")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYRES8=r4, @ANYRES64=r0, @ANYBLOB], 0x48)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c80, 0xffffffffffffffb6)
lstat(0x0, 0x0)
unshare(0x22020600)
r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='sys_enter\x00', r7}, 0x18)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
llistxattr(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
setns(r6, 0x0)
io_uring_enter(0xffffffffffffffff, 0x79be, 0xc565, 0x8, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

5m27.97404742s ago: executing program 2 (id=1458):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x18, 0x3d, 0x701, 0x0, 0xfffffffe, {0x3}, [@nested={0x4, 0x62}]}, 0x18}}, 0x0)

5m26.364394484s ago: executing program 2 (id=1473):
r0 = socket$rds(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2718, 0x0, &(0x7f00000006c0))

5m24.783138971s ago: executing program 2 (id=1465):
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYRES16], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x3c2b, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0)
lseek(r6, 0xc6c3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r8=>0x0})
sendto$packet(r2, &(0x7f00000002c0)="05040800d3fc030000004788031c09102f", 0x11, 0x4, &(0x7f0000000140)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

5m22.646555062s ago: executing program 2 (id=1474):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

5m5.997015229s ago: executing program 44 (id=1474):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

21.903358984s ago: executing program 6 (id=2293):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x8002, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x540, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

20.395788214s ago: executing program 7 (id=2297):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r1, 0x29, 0x35, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000580)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b87033c0000001f03000000000000040014000d000a000da100009ee517d34460bc24eab556a7", 0x38}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
readv(r4, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
getitimer(0x1, &(0x7f0000000800))

19.090980102s ago: executing program 7 (id=2300):
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYRES16], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x3c2b, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0)
lseek(r6, 0xc6c3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r8=>0x0})
sendto$packet(r2, &(0x7f00000002c0)="05040800d3fc030000004788031c09102f", 0x11, 0x4, &(0x7f0000000140)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

18.320840145s ago: executing program 6 (id=2301):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r2, 0x28543634fae43ad, 0x0, 0x0, {0xd}}, 0x14}}, 0x0)

14.781511556s ago: executing program 6 (id=2307):
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xf, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001780)=""/4071, 0xfe7}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$uac1(0x6, 0xb8, &(0x7f0000000000)={{0x12, 0x1, 0x4879151a0ba339fc, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa6, 0x3, 0x1, 0x2, 0xa0, 0xf, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xfffb, 0x1}, [@feature_unit={0xf, 0x24, 0x6, 0x1, 0x4, 0x4, [0x6, 0x9, 0xa, 0x2], 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x2, 0x0, 0x5, "9fae0d"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x7, 0xa6, 0x6, {0x7, 0x25, 0x1, 0x2, 0x7, 0x7fff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x9, 0x2, 0x4, 0x2, "fa1a54", ':'}, @as_header={0x7, 0x24, 0x1, 0x7f, 0x9, 0x5}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x80, 0x4, 0x24, 0x7f, "bb34", "ea3faa"}, @format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x13c9, 0xd, 0x81, ' `s'}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x3, 0x0, 0x6, {0x7, 0x25, 0x1, 0x83, 0x21, 0x2}}}}}}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x0, 0x20, 0xd5, 0x20, 0x4}, 0x137, &(0x7f0000000140)={0x5, 0xf, 0x137, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x4, 0x2}, @ssp_cap={0x10, 0x10, 0xa, 0xf8, 0x1, 0x29, 0x0, 0x5, [0xff00c0]}, @ss_container_id={0x14, 0x10, 0x4, 0x10, "f88832df761ee1eaa4e42c00b4371518"}, @generic={0xb5, 0x10, 0x1, "69e166db784c06490f641b183f96f2aff821b52574c4ced4dec50f58c9d4f97ba2742259263c03e46c89167c4b01d5192c72e8839bb4471c71beea22edaa03b02e1d7472bc6f01cc7a5d543a786427fe550e0f6fc798cba78c99da3f066ceee05c2299fc7439c88b378ae0afc359da51bc6f51726d7b88134bf0c3def89993bf569394bdd7e296322ca4ce2907a0b838ec4a4069441a102e071a15504506f22bd7abcf53385daa6c830a761bf3eb31266104"}, @generic={0x4f, 0x10, 0x4, "2e5d5eb5d1989c9d311ee7080205b0dc001ae958c32f78fbf02f93043830140a6fd71f1e980394388d05f2758ad56c10965dee978fde499a01ea33a98852274dd54e660e2d7594b3dbcf651e"}]}})

14.744745789s ago: executing program 9 (id=2308):
r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./bus/file0\x00', 0x270b8, &(0x7f0000000140)=ANY=[], 0x1, 0x21d, &(0x7f0000000240)="$eJzs3T9rU1EYB+C3ttVSkHQQiiJ4xcUptBX3FqkgBhQlg04W26I0sWAgoEPr5pfQr6Cjq+Cgrn4BEaQKLnarIETqjY2tiU1pb66Y51nyknt+509yySFDTm6drC7NL9cW19fXYmRkIIamYzo2BmIsDsVgpB4FAPA/2Wg04msjlfdcAIDesP8DQP/pcv+/2sMpAQAZ8/0fAPrP9Rs3L8+USrPXkmQkovq4Xq6X08f0+sxi3I1KLMREFOJ7RGNLWl+8VJqdSDZ9GotydbWZX62XB7fnJ6MQY+3zk0lqe344Rpv596OxEFNRiGPt81Nt84fj7Jnfxi9GId7djuWoxHxsZlv5lckkuXCltCN/5Gc7AAAAAAAAAAAAAAAAAAAAAADIQjHZ0vb8nmKx0/U03/35QDvP5xmKE0P5rh0AAAAAAAAAAAAAAAAAAAD+FbUHD5fmKpWF+38r7r199mq3Nl0WA81x99vP/oujpz8+6dRmcG+vz8EWL09lOcS3g+nn9dqd4+dq4+dzeweHI+LPZzreWl8KERnN53mut/GvVe/aePzp9NyLlQ+fu+255x9FAAAAAAAAAAAAAAAAAADQ91o/+t1T7E1mEwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHLT+/z+7Iu81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAjwAAAP//3cefEg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_misc(r4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r5}, 0x18)
unshare(0x20000400)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r6, 0x40043d0d, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x12, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f0000000240)={[{@debug}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@init_itable_val={'init_itable', 0x3d, 0xa0}}, {@usrquota}, {@usrquota}]}, 0x1, 0x5ba, &(0x7f0000001bc0)="$eJzs3c1vVFUbAPDnTD8olPdtIUbFhTQxBhKlpQUMMS5gTxr8iBs3VloIUqChNVo0sSS4MTFujDFx5UL8L5TIlpWuXLhxZUiIGpYmjrkzc0tb7rS0THsr9/dLht57zlzOczt9eu6cnnMngMoayv6pReyLiJkUMZAWFuu6o1U51Hzevb8+OpM9UtTrr/+RIrXK8uen1tf+1sF9EfHTjyn2dj3Y7uz81QsT09NTV1r7I3MXZ0Zm568eOn9x4tzUualLYy+NHT929Njx0cMdO9dT1999f+DT8be+/frvNPrdr+MpTsTuVt3S8+iUoRhqfk92LC/Pvq/HO91YSbpa57P0JU7dJQbEuuSvX09EPBUD0RX3X7yB+OTVUoMDNlU9RdSBikryHyoqvw7I39uvfB9cK+WqBNgKd082BwAezP/u5thg9DXGBnbdS7F0WCdFRCdG5rI2bt8av3721vj12KRxOKDYwrWIeLoo/1MjNwcbo/hZ/teW5X92XXC69TUrf22D7Q+t2Jf/sHWa+d+3ofx/e0n+v7PB9uU/AAAAAAAAdM7NkxHxYtHf/2uL83+iYP5Pf0Sc6ED7a//9r3anA80ABe6ejHilcP5vLZ/9O9jV2vpfYz5ATzp7fnrqcET8PyIORs+ObH90lTYOfbb3q3Z1+fy//JG1f7s1F7AVx53uFetnJyfmJh71vIGIu9cinimc/5sW+/9U0P9nvw9mHrKNvc/fON2ubu38BzZL/ZuIA4X9f1p8Tlr9/hwjjeuBkfyq4EHPfvj59+3al/9Qnqz/37V6/g+mpffrmV1/G0fmu+vt6jZ6/d+b3mjccqa3VfbBxNzcldGI3nSqKytdVj62/pjhcZTnQ54vWf4ffG718b+i6/+dEbGw4v9Ofy5fU5x78p/+39rFo/+H8mT5P7mu/n/9G2M3Bn9o1/7D9f9HG339wVaJ8T9o+jJP097l5QXp2F1UtdXxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyPVhhe3a7Xh4Yj+iHgidtWmL8/OvXD28nuXJrO6xuf/1/JP+h1o7qf88/8Hl+yPrdg/EhF7IuKLrp2N/eEzl6cnyz55AAAAAAAAAAAAAAAAAAAA2Cb626z/z/zeVXZ0wKbrLjsAoDQF+f9zGXEAW0//D9Ul/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7Nl/85cUEQsv72w8Mr2tup5SIwM2W63sAIDSuMUPVJepP1Bd3uMDaY36vrYHrXXkambOPMLBAAAAAAAAAAAAAFA5B/ZZ/w9VZf0/VJf1/1Bd+fr//SXHAWw97/GBWGMlf+H6/zWPAgAAAAAAAAAAAAA6aXb+6oWJ6empKzbe3B5hbOVGvV7/OPsp2C7x/Mc38qnw2yWeR9oo9/cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw378BAAD//2QiJqY=")
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x3c, r8, 0x731, 0x0, 0x0, {0x38}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

12.968538392s ago: executing program 0 (id=2310):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000008d80)=[{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)="1b10284938c218a739ce2f69368a687ba3", 0x11}, {&(0x7f0000000140)="06ec9aa810042566dfcbbd45e3b4dd82e9", 0x11}, {&(0x7f0000000340)="32f793a7c186b8c2a9ad02d88d9004adac8f2a5929da8d1fde5a31409224c848b5200a19e1faa081bfabd3c68c4f", 0x2e}], 0x3, 0x0, 0x0, 0x40041}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001b80)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000002640)=""/130, 0x82}], 0x1}, 0x8}], 0x1, 0x2, 0x0)

12.968422523s ago: executing program 9 (id=2311):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)={@multicast2, @loopback}, 0x10)

12.47452002s ago: executing program 4 (id=2312):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x5)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r1, &(0x7f000000c080)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x10}}], 0x2, 0x0)

12.283240521s ago: executing program 0 (id=2314):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x75, 0x1c, 0x1, 0x10, 0xfe6, 0x9800, 0xd19a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x29, 0x2, 0x2, 0xb4, 0x8c, 0xbb, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x40, 0x13, 0x6, @multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000380)={0x2c, &(0x7f0000000180)={0x20, 0x12, 0x2, "e4af"}, 0x0, 0x0, 0x0, 0x0})

11.359576031s ago: executing program 9 (id=2316):
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYRES16], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
r2 = socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0)
lseek(r6, 0xc6c3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r8=>0x0})
sendto$packet(r2, &(0x7f00000002c0)="05040800d3fc030000004788031c09102f", 0x11, 0x4, &(0x7f0000000140)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

10.695399198s ago: executing program 4 (id=2317):
r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./bus/file0\x00', 0x270b8, &(0x7f0000000140)=ANY=[], 0x1, 0x21d, &(0x7f0000000240)="$eJzs3T9rU1EYB+C3ttVSkHQQiiJ4xcUptBX3FqkgBhQlg04W26I0sWAgoEPr5pfQr6Cjq+Cgrn4BEaQKLnarIETqjY2tiU1pb66Y51nyknt+509yySFDTm6drC7NL9cW19fXYmRkIIamYzo2BmIsDsVgpB4FAPA/2Wg04msjlfdcAIDesP8DQP/pcv+/2sMpAQAZ8/0fAPrP9Rs3L8+USrPXkmQkovq4Xq6X08f0+sxi3I1KLMREFOJ7RGNLWl+8VJqdSDZ9GotydbWZX62XB7fnJ6MQY+3zk0lqe344Rpv596OxEFNRiGPt81Nt84fj7Jnfxi9GId7djuWoxHxsZlv5lckkuXCltCN/5Gc7AAAAAAAAAAAAAAAAAAAAAADIQjHZ0vb8nmKx0/U03/35QDvP5xmKE0P5rh0AAAAAAAAAAAAAAAAAAAD+FbUHD5fmKpWF+38r7r199mq3Nl0WA81x99vP/oujpz8+6dRmcG+vz8EWL09lOcS3g+nn9dqd4+dq4+dzeweHI+LPZzreWl8KERnN53mut/GvVe/aePzp9NyLlQ+fu+255x9FAAAAAAAAAAAAAAAAAADQ91o/+t1T7E1mEwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHLT+/z+7Iu81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAjwAAAP//3cefEg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000080)=@un=@abs, 0x80)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r4}, 0x18)
unshare(0x20000400)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r5, 0x40043d0d, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x12, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f0000000240)={[{@debug}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@init_itable_val={'init_itable', 0x3d, 0xa0}}, {@usrquota}, {@usrquota}]}, 0x1, 0x5ba, &(0x7f0000001bc0)="$eJzs3c1vVFUbAPDnTD8olPdtIUbFhTQxBhKlpQUMMS5gTxr8iBs3VloIUqChNVo0sSS4MTFujDFx5UL8L5TIlpWuXLhxZUiIGpYmjrkzc0tb7rS0THsr9/dLht57zlzOczt9eu6cnnMngMoayv6pReyLiJkUMZAWFuu6o1U51Hzevb8+OpM9UtTrr/+RIrXK8uen1tf+1sF9EfHTjyn2dj3Y7uz81QsT09NTV1r7I3MXZ0Zm568eOn9x4tzUualLYy+NHT929Njx0cMdO9dT1999f+DT8be+/frvNPrdr+MpTsTuVt3S8+iUoRhqfk92LC/Pvq/HO91YSbpa57P0JU7dJQbEuuSvX09EPBUD0RX3X7yB+OTVUoMDNlU9RdSBikryHyoqvw7I39uvfB9cK+WqBNgKd082BwAezP/u5thg9DXGBnbdS7F0WCdFRCdG5rI2bt8av3721vj12KRxOKDYwrWIeLoo/1MjNwcbo/hZ/teW5X92XXC69TUrf22D7Q+t2Jf/sHWa+d+3ofx/e0n+v7PB9uU/AAAAAAAAdM7NkxHxYtHf/2uL83+iYP5Pf0Sc6ED7a//9r3anA80ABe6ejHilcP5vLZ/9O9jV2vpfYz5ATzp7fnrqcET8PyIORs+ObH90lTYOfbb3q3Z1+fy//JG1f7s1F7AVx53uFetnJyfmJh71vIGIu9cinimc/5sW+/9U0P9nvw9mHrKNvc/fON2ubu38BzZL/ZuIA4X9f1p8Tlr9/hwjjeuBkfyq4EHPfvj59+3al/9Qnqz/37V6/g+mpffrmV1/G0fmu+vt6jZ6/d+b3mjccqa3VfbBxNzcldGI3nSqKytdVj62/pjhcZTnQ54vWf4ffG718b+i6/+dEbGw4v9Ofy5fU5x78p/+39rFo/+H8mT5P7mu/n/9G2M3Bn9o1/7D9f9HG339wVaJ8T9o+jJP097l5QXp2F1UtdXxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyPVhhe3a7Xh4Yj+iHgidtWmL8/OvXD28nuXJrO6xuf/1/JP+h1o7qf88/8Hl+yPrdg/EhF7IuKLrp2N/eEzl6cnyz55AAAAAAAAAAAAAAAAAAAA2Cb626z/z/zeVXZ0wKbrLjsAoDQF+f9zGXEAW0//D9Ul/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7Nl/85cUEQsv72w8Mr2tup5SIwM2W63sAIDSuMUPVJepP1Bd3uMDaY36vrYHrXXkambOPMLBAAAAAAAAAAAAAFA5B/ZZ/w9VZf0/VJf1/1Bd+fr//SXHAWw97/GBWGMlf+H6/zWPAgAAAAAAAAAAAAA6aXb+6oWJ6empKzbe3B5hbOVGvV7/OPsp2C7x/Mc38qnw2yWeR9oo9/cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw378BAAD//2QiJqY=")
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x3c, r7, 0x731, 0x0, 0x0, {0x38}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

8.698192611s ago: executing program 9 (id=2318):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x4100, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}}, 0x0)

8.487772816s ago: executing program 6 (id=2319):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x0, 0xffffffffffffffff})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1060, 0x18, &(0x7f0000000880)={@flat=@binder={0x73622a85, 0x1009, 0x3}, @ptr={0x70742a85, 0x0, &(0x7f0000000a40)=""/206, 0xce, 0x0, 0xffffffffffffffff}, @fda={0x66646185, 0x5, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

8.351228221s ago: executing program 0 (id=2320):
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYRES16], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x3c2b, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0)
lseek(r6, 0xc6c3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r8=>0x0})
sendto$packet(r2, &(0x7f00000002c0)="05040800d3fc030000004788031c09102f", 0x11, 0x4, &(0x7f0000000140)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

7.301920555s ago: executing program 8 (id=2322):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="400000003c0007010000000000000000047c00008b3d9076e666384d"], 0x40}}, 0x0)

7.135830147s ago: executing program 7 (id=2323):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioperm(0x0, 0x3, 0x4)

7.046568559s ago: executing program 4 (id=2324):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee800", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="20000000140001000000000000000000020000ff", @ANYRES32=r3, @ANYBLOB="08000200ac1414aa"], 0x20}}, 0x0)
r4 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001f80)=@delchain={0x24, 0x11, 0x1, 0x1e, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x0, 0x9}}}, 0x24}}, 0x0)

6.972805531s ago: executing program 6 (id=2325):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x8, &(0x7f0000000400)={[{@nodiscard}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@checkpoint_diasble}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@noextent_cache}, {@compress_cache}, {@fault_type={'fault_type', 0x3d, 0x4}}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
syz_open_dev$I2C(0x0, 0x0, 0x0)
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000200))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
fdatasync(r1)

5.791808432s ago: executing program 8 (id=2326):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x50, &(0x7f0000000000)={0x0, 0x0}, 0x10)

5.517764233s ago: executing program 7 (id=2327):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x2, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0)

4.703123987s ago: executing program 4 (id=2328):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r1, 0x29, 0x35, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000580)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
readv(r4, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
getitimer(0x1, &(0x7f0000000800))

4.307769971s ago: executing program 8 (id=2329):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
fsopen(0x0, 0x0)
syz_io_uring_setup(0x416d, &(0x7f00000010c0)={0x0, 0x0, 0x10100, 0x2000000}, &(0x7f0000000280)=<r0=>0x0, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$evdev(&(0x7f0000000700), 0x3, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

4.297621063s ago: executing program 7 (id=2330):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000026c0)=@newtfilter={0x87c, 0x2c, 0xd27, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x84c, 0x2, [@TCA_BASIC_POLICE={0x848, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x5, 0x8, 0x401, 0x7, 0xffffffff, 0x6, 0x97e, 0x7f, 0x101, 0x3, 0x9, 0x5, 0x4dc6, 0x7fff, 0x5, 0x8, 0x3, 0xd, 0x4, 0x3ae0, 0x5, 0x99, 0x1, 0xff, 0x1, 0x6, 0x80, 0x7f1b, 0x5, 0x5, 0x80000000, 0xfffffffa, 0x6, 0x800, 0xf20d, 0x800, 0x0, 0x1, 0x6, 0x80000000, 0x6, 0x9, 0x3, 0x4000ff, 0x0, 0x9f0, 0x1ff, 0xdf7a, 0x7fffffff, 0xfffffffe, 0x5, 0xc, 0x14, 0x2, 0xc, 0x401, 0xffff, 0x9bf, 0x6f3c, 0x8, 0x9, 0x7ff, 0x3, 0x9, 0x8000, 0x8, 0xffffffc0, 0x4, 0x1, 0x2, 0x8, 0x4, 0x9, 0x200, 0x403, 0x8000, 0x81, 0x3, 0x8, 0x800, 0x1, 0x5, 0x80000000, 0x2, 0x6, 0x5, 0x1, 0x0, 0x10001, 0x81, 0x5, 0x6, 0x80000001, 0x401, 0x6, 0x0, 0x3, 0x800, 0xf79, 0x6, 0x1, 0x4, 0xfff, 0x2, 0x1, 0x37800000, 0x0, 0x3, 0xae5, 0x4, 0x4, 0xae, 0xfffffffe, 0x1, 0x6, 0x8, 0x6, 0x1, 0x8000, 0xc, 0x1, 0x8, 0x3, 0x95, 0x1, 0x6, 0x3, 0xca, 0x0, 0x0, 0x3, 0x7, 0xffffb09a, 0x1, 0xe, 0x9, 0x5, 0x3, 0x4b, 0x9, 0x4, 0x2, 0xfffffffe, 0x4, 0x69, 0x2, 0x2, 0x6c, 0x0, 0x5, 0x3, 0x4, 0x5, 0x2, 0x6, 0xffffffd1, 0x6, 0x1, 0xb6, 0x5, 0x5, 0x1, 0x9, 0x4, 0x3, 0x9, 0x0, 0x5, 0x2c9, 0xd5, 0x0, 0x7, 0x9, 0x8, 0x2055f550, 0x1534fe8b, 0x5, 0x0, 0x6, 0x2, 0x4, 0x83, 0xd16d, 0x0, 0xf9, 0x8, 0x401, 0x7, 0xe19b, 0x80000000, 0x3ff, 0x81, 0x800, 0x9, 0x651, 0x10001, 0x6, 0x0, 0x4, 0x1d58, 0x401, 0x3, 0x8002, 0x8, 0x36, 0x15a, 0x2, 0x6, 0x5, 0x7, 0x6, 0xffffffff, 0x8, 0x1da, 0x1, 0x9, 0x30, 0x0, 0xfffffff9, 0x9c06, 0x7, 0x0, 0x27b, 0x3, 0x1000, 0x3, 0x1, 0x6, 0x5, 0x64c, 0x4, 0xfffffff7, 0x9, 0x4, 0x80000000, 0x8000, 0x7, 0x7, 0x7, 0x3, 0x7, 0x8, 0xffff, 0x22, 0x9, 0x4, 0x3, 0x3, 0x9, 0xfffffffa, 0x1, 0x6, 0x3321, 0x5, 0x7fffffff]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x80000001, 0x7, 0x3ff, 0x5, 0x4, 0x2, 0xffffffc0, 0x7ff, 0x86, 0x9, 0x9, 0x2, 0x8c, 0x1000200, 0x5, 0x5, 0x40000000, 0x5, 0x7, 0x1, 0x0, 0x4, 0x80000000, 0xc, 0xd, 0x3, 0x9, 0x49, 0x80000000, 0xd35, 0x25431060, 0xd2, 0x5, 0x9, 0xb5f0, 0x401, 0x7, 0x2, 0x6, 0x80000001, 0xa, 0x8, 0x6, 0x1, 0xccf1793, 0x2c800000, 0x5d, 0x1, 0x239, 0x5, 0x5a5057fd, 0x5, 0x4, 0x6, 0x8, 0x5, 0x200, 0x6, 0x10000, 0xf9, 0x5, 0x8, 0x7, 0x2, 0xfffffeff, 0x9, 0x1, 0x401, 0x1ff, 0x2, 0x0, 0x0, 0x800, 0x3, 0x0, 0x8, 0x10000, 0x6, 0x7c, 0x1, 0x8, 0x2, 0x9, 0x3, 0x8052, 0x9, 0x5, 0x8, 0x142, 0x2d, 0x7, 0x8, 0xb, 0x81, 0x9, 0x3ff, 0x1, 0x10000, 0x5, 0x1, 0x7, 0xffffffff, 0x5, 0xe8, 0x6, 0x8, 0xf, 0x3, 0x0, 0xff, 0xfffffffa, 0xfffffff7, 0x8001, 0x5, 0x9, 0x9, 0x5, 0x6, 0x2, 0x2, 0x7fff, 0x8, 0x0, 0x6, 0x4, 0x8, 0x7fff, 0xe0, 0x8, 0xd3a, 0x6000000, 0x1, 0x9, 0x8, 0x5dc, 0x10000, 0x40, 0x7fff, 0x40000000, 0x1, 0x7, 0xfffffffb, 0x3, 0x1, 0x9, 0x0, 0x7, 0x6, 0x4, 0x700, 0x4, 0x1, 0x2, 0x0, 0x5, 0x7, 0x4, 0x7, 0x8, 0x6, 0xc, 0xb, 0x7, 0x5, 0x0, 0x7fff, 0x2, 0x4, 0x8, 0x9, 0x9, 0x9, 0x5847cb5c, 0x9, 0x2, 0xffffffd8, 0x10001, 0xfffffff9, 0x5, 0x401, 0x8, 0x1, 0x2, 0x0, 0x8, 0x1200, 0x2, 0x0, 0xef2c, 0x80000001, 0xac5ae1dd, 0x0, 0x800, 0x1ff, 0x2, 0x3, 0x1, 0x8, 0x7785, 0x8001, 0x4, 0x5, 0x4, 0x7, 0x0, 0x2, 0x4b, 0x8001, 0x3, 0x5, 0x3, 0x4, 0x7, 0x5, 0x7, 0xabd, 0x0, 0x8, 0x6, 0x400004, 0x6, 0x5, 0x4, 0x3, 0x7, 0x1, 0x9, 0x2, 0x6, 0x1, 0x2, 0x2, 0xb, 0x8, 0xa, 0x9, 0xfffffff9, 0x7, 0x407, 0x3, 0x8, 0x9, 0xfffffffc, 0x6, 0xe7a9, 0x10001, 0x6, 0x0, 0x237b, 0x8cca, 0xdda5, 0x1, 0xa, 0x7fdfffff, 0x10, 0x31f]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x4, 0x81, 0x0, {0x6, 0x0, 0xfc00, 0x7ff, 0x6e6, 0x10000d74}, {0x8, 0x0, 0xffff, 0x8, 0x7f, 0x7fff}, 0x0, 0x8000, 0xbab2}}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4004000}, 0x8010)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet(r0, &(0x7f0000002240)=[{{&(0x7f0000000140)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10, 0x0}}], 0x1, 0x4000000)

3.172706948s ago: executing program 4 (id=2331):
socket$nl_route(0x10, 0x3, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r4, @ANYBLOB="05"], 0x0)

2.943640647s ago: executing program 6 (id=2332):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@delchain={0x34, 0x64, 0xf31, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r3, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x1000000)

2.382250102s ago: executing program 0 (id=2333):
socket$netlink(0x10, 0x3, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
connect$bt_sco(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
socket$kcm(0x2, 0xa, 0x2)
setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x2100, 0x0)
sendmsg$sock(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)

2.290608627s ago: executing program 8 (id=2334):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)
r6 = dup3(r4, r0, 0x80000)
ioctl$NBD_DO_IT(r6, 0xab03)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r3, 0x1, 0x70bd2b, 0x8, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x20000004)

2.072906445s ago: executing program 7 (id=2335):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x1, 0x2, 0xff37}, {0x9}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

1.438204647s ago: executing program 45 (id=2335):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x1, 0x2, 0xff37}, {0x9}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

1.42501136s ago: executing program 8 (id=2337):
r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./bus/file0\x00', 0x270b8, &(0x7f0000000140)=ANY=[], 0x1, 0x21d, &(0x7f0000000240)="$eJzs3T9rU1EYB+C3ttVSkHQQiiJ4xcUptBX3FqkgBhQlg04W26I0sWAgoEPr5pfQr6Cjq+Cgrn4BEaQKLnarIETqjY2tiU1pb66Y51nyknt+509yySFDTm6drC7NL9cW19fXYmRkIIamYzo2BmIsDsVgpB4FAPA/2Wg04msjlfdcAIDesP8DQP/pcv+/2sMpAQAZ8/0fAPrP9Rs3L8+USrPXkmQkovq4Xq6X08f0+sxi3I1KLMREFOJ7RGNLWl+8VJqdSDZ9GotydbWZX62XB7fnJ6MQY+3zk0lqe344Rpv596OxEFNRiGPt81Nt84fj7Jnfxi9GId7djuWoxHxsZlv5lckkuXCltCN/5Gc7AAAAAAAAAAAAAAAAAAAAAADIQjHZ0vb8nmKx0/U03/35QDvP5xmKE0P5rh0AAAAAAAAAAAAAAAAAAAD+FbUHD5fmKpWF+38r7r199mq3Nl0WA81x99vP/oujpz8+6dRmcG+vz8EWL09lOcS3g+nn9dqd4+dq4+dzeweHI+LPZzreWl8KERnN53mut/GvVe/aePzp9NyLlQ+fu+255x9FAAAAAAAAAAAAAAAAAADQ91o/+t1T7E1mEwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHLT+/z+7Iu81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAjwAAAP//3cefEg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_misc(r4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r5}, 0x18)
unshare(0x20000400)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r6, 0x40043d0d, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x12, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f0000000240)={[{@debug}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@init_itable_val={'init_itable', 0x3d, 0xa0}}, {@usrquota}, {@usrquota}]}, 0x1, 0x5ba, &(0x7f0000001bc0)="$eJzs3c1vVFUbAPDnTD8olPdtIUbFhTQxBhKlpQUMMS5gTxr8iBs3VloIUqChNVo0sSS4MTFujDFx5UL8L5TIlpWuXLhxZUiIGpYmjrkzc0tb7rS0THsr9/dLht57zlzOczt9eu6cnnMngMoayv6pReyLiJkUMZAWFuu6o1U51Hzevb8+OpM9UtTrr/+RIrXK8uen1tf+1sF9EfHTjyn2dj3Y7uz81QsT09NTV1r7I3MXZ0Zm568eOn9x4tzUualLYy+NHT929Njx0cMdO9dT1999f+DT8be+/frvNPrdr+MpTsTuVt3S8+iUoRhqfk92LC/Pvq/HO91YSbpa57P0JU7dJQbEuuSvX09EPBUD0RX3X7yB+OTVUoMDNlU9RdSBikryHyoqvw7I39uvfB9cK+WqBNgKd082BwAezP/u5thg9DXGBnbdS7F0WCdFRCdG5rI2bt8av3721vj12KRxOKDYwrWIeLoo/1MjNwcbo/hZ/teW5X92XXC69TUrf22D7Q+t2Jf/sHWa+d+3ofx/e0n+v7PB9uU/AAAAAAAAdM7NkxHxYtHf/2uL83+iYP5Pf0Sc6ED7a//9r3anA80ABe6ejHilcP5vLZ/9O9jV2vpfYz5ATzp7fnrqcET8PyIORs+ObH90lTYOfbb3q3Z1+fy//JG1f7s1F7AVx53uFetnJyfmJh71vIGIu9cinimc/5sW+/9U0P9nvw9mHrKNvc/fON2ubu38BzZL/ZuIA4X9f1p8Tlr9/hwjjeuBkfyq4EHPfvj59+3al/9Qnqz/37V6/g+mpffrmV1/G0fmu+vt6jZ6/d+b3mjccqa3VfbBxNzcldGI3nSqKytdVj62/pjhcZTnQ54vWf4ffG718b+i6/+dEbGw4v9Ofy5fU5x78p/+39rFo/+H8mT5P7mu/n/9G2M3Bn9o1/7D9f9HG339wVaJ8T9o+jJP097l5QXp2F1UtdXxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyPVhhe3a7Xh4Yj+iHgidtWmL8/OvXD28nuXJrO6xuf/1/JP+h1o7qf88/8Hl+yPrdg/EhF7IuKLrp2N/eEzl6cnyz55AAAAAAAAAAAAAAAAAAAA2Cb626z/z/zeVXZ0wKbrLjsAoDQF+f9zGXEAW0//D9Ul/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7Nl/85cUEQsv72w8Mr2tup5SIwM2W63sAIDSuMUPVJepP1Bd3uMDaY36vrYHrXXkambOPMLBAAAAAAAAAAAAAFA5B/ZZ/w9VZf0/VJf1/1Bd+fr//SXHAWw97/GBWGMlf+H6/zWPAgAAAAAAAAAAAAA6aXb+6oWJ6empKzbe3B5hbOVGvV7/OPsp2C7x/Mc38qnw2yWeR9oo9/cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw378BAAD//2QiJqY=")
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x3c, r8, 0x731, 0x0, 0x0, {0x38}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.423391936s ago: executing program 0 (id=2338):
openat$binderfs_ctrl(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000200)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3b, r1})
r3 = socket(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
ioctl(r2, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

1.334151581s ago: executing program 9 (id=2339):
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="31010000dccd5e08cb060700000800000001090224000100007e000904340102d469e7000905", @ANYRES32], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x900)
mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)

1.026410078s ago: executing program 0 (id=2340):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r3, r3, 0x0, 0x800000009)

58.084782ms ago: executing program 9 (id=2341):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000c80)={0x34, &(0x7f0000000480)={0x0, 0xb, 0x1, "e4"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x40, 0x12, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000cc0)={0x44, &(0x7f0000000a00)={0x6703c7331c95c4c3, 0x0, 0x5b, "94"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

50.102267ms ago: executing program 8 (id=2342):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
setfsuid(0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000540)='tasks\x00', 0x2, 0x0)
r2 = geteuid()
setresuid(r2, 0x0, 0x0)
write$cgroup_pid(r1, &(0x7f0000001100), 0x12)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x4040, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

0s ago: executing program 4 (id=2343):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r1, 0x29, 0x35, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000580)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
readv(r4, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
getitimer(0x1, &(0x7f0000000800))

kernel console output (not intermixed with test programs):

 set [1, 0] type 2 family 0 port 6081 - 0
[ 1169.762572][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1169.843318][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1170.214769][ T6042] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1170.232159][ T6042] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1175.514385][T13140] loop2: detected capacity change from 0 to 256
[ 1176.413164][T11306] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1176.502248][T13148] loop2: detected capacity change from 0 to 1024
[ 1176.533943][T13148] hfsplus: Unknown parameter 'ÿÿ'
[ 1176.622062][T11306] usb 5-1: Using ep0 maxpacket: 32
[ 1176.652890][T11306] usb 5-1: config 0 has an invalid interface number: 124 but max is 0
[ 1176.702158][T11306] usb 5-1: config 0 has no interface number 0
[ 1176.721493][T11306] usb 5-1: config 0 interface 124 altsetting 0 has an endpoint descriptor with address 0x1A, changing to 0xA
[ 1176.836288][T11306] usb 5-1: New USB device found, idVendor=0bfd, idProduct=001c, bcdDevice=8c.e8
[ 1176.888312][T11306] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.697693][T13155] loop7: detected capacity change from 0 to 128
[ 1177.765963][T11306] usb 5-1: Product: syz
[ 1177.770595][T11306] usb 5-1: Manufacturer: syz
[ 1177.777258][T11306] usb 5-1: SerialNumber: syz
[ 1177.835315][T11306] usb 5-1: config 0 descriptor??
[ 1177.842265][T11306] kvaser_usb 5-1:0.124: error -ENODEV: Cannot get usb endpoint(s)
[ 1177.857533][T13155] VFS: Found a Xenix FS (block size = 512) on device loop7
[ 1177.895934][T13155] sysv_free_block: trying to free block not in datazone
[ 1177.953599][T13155] sysv_free_block: trying to free block not in datazone
[ 1178.080317][T13155] sysv_free_block: getblk() failed
[ 1178.144035][T13155] sysv_free_block: getblk() failed
[ 1178.197042][T13155] sysv_free_block: getblk() failed
[ 1178.212816][T11306] usb 5-1: USB disconnect, device number 13
[ 1178.265869][T13155] sysv_free_block: getblk() failed
[ 1178.339553][T13155] sysv_free_block: getblk() failed
[ 1178.346331][T13155] sysv_free_block: getblk() failed
[ 1178.390919][T13155] sysv_free_block: getblk() failed
[ 1178.572479][T13155] sysv_free_block: getblk() failed
[ 1178.578275][T13155] sysv_free_block: getblk() failed
[ 1178.591595][T13155] sysv_free_block: getblk() failed
[ 1178.605423][T13155] sysv_free_block: getblk() failed
[ 1178.611134][T13155] sysv_free_block: getblk() failed
[ 1178.621657][T13155] sysv_free_block: getblk() failed
[ 1178.703908][ T5952] IPVS: starting estimator thread 0...
[ 1179.113461][T13155] sysv_free_block: getblk() failed
[ 1179.118662][T13155] sysv_free_block: getblk() failed
[ 1179.163678][T13155] sysv_free_block: getblk() failed
[ 1179.179169][T13155] sysv_free_block: getblk() failed
[ 1179.193182][T13166] IPVS: using max 16 ests per chain, 38400 per kthread
[ 1179.227379][T13155] sysv_free_block: getblk() failed
[ 1179.277031][T13155] sysv_free_block: getblk() failed
[ 1179.314002][T13155] sysv_free_block: getblk() failed
[ 1179.353648][T13155] sysv_free_block: getblk() failed
[ 1179.359738][T13155] sysv_free_block: getblk() failed
[ 1179.384253][T13155] sysv_free_block: getblk() failed
[ 1179.389424][T13155] sysv_free_block: getblk() failed
[ 1179.427657][T13155] sysv_free_block: getblk() failed
[ 1179.432833][T13155] sysv_free_block: getblk() failed
[ 1179.472169][T13155] sysv_free_block: getblk() failed
[ 1179.477206][T13171] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1402'.
[ 1179.494583][T13155] sysv_free_block: getblk() failed
[ 1179.499759][T13155] sysv_free_block: getblk() failed
[ 1179.546636][T13155] sysv_free_block: getblk() failed
[ 1179.551834][T13155] sysv_free_block: getblk() failed
[ 1179.603487][T13155] sysv_free_block: getblk() failed
[ 1179.608687][T13155] sysv_free_block: getblk() failed
[ 1179.656285][T13155] sysv_free_block: getblk() failed
[ 1179.661640][T13155] sysv_free_block: getblk() failed
[ 1179.718792][T13155] sysv_free_block: getblk() failed
[ 1179.760098][T13155] sysv_free_block: getblk() failed
[ 1179.829988][T13155] sysv_free_block: getblk() failed
[ 1179.859760][T13155] sysv_free_block: trying to free block not in datazone
[ 1180.865885][T13155] sysv_free_block: trying to free block not in datazone
[ 1180.918443][T13155] sysv_free_block: trying to free block not in datazone
[ 1182.039783][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1182.053092][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1182.133382][T13155] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1182.551214][T13201] loop6: detected capacity change from 0 to 512
[ 1182.666318][T13201] EXT4-fs: Ignoring removed i_version option
[ 1182.672383][T13201] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1182.791993][T13201] ext4: Unknown parameter 'seclabel'
[ 1182.912110][T13211] usb usb9: usbfs: process 13211 (syz.7.1400) did not claim interface 0 before use
[ 1182.914591][T13201] loop6: detected capacity change from 0 to 256
[ 1183.950569][T13201] msdos: Bad value for 'errors'
[ 1187.565156][T11977] IPVS: starting estimator thread 0...
[ 1188.003317][T13232] IPVS: using max 15 ests per chain, 36000 per kthread
[ 1188.267959][T13237] loop6: detected capacity change from 0 to 16
[ 1188.336798][T13237] erofs (device loop6): mounted with root inode @ nid 36.
[ 1189.204914][T13253] syz.6.1407: attempt to access beyond end of device
[ 1189.204914][T13253] loop6: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1189.221435][T13253] syz.6.1407: attempt to access beyond end of device
[ 1189.221435][T13253] loop6: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1189.235829][T13253] erofs (device loop6): read error -5 @ 124 of nid 36
[ 1189.276369][T13253] syz.6.1407: attempt to access beyond end of device
[ 1189.276369][T13253] loop6: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1189.291969][T13253] syz.6.1407: attempt to access beyond end of device
[ 1189.291969][T13253] loop6: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1189.307220][T13253] erofs (device loop6): read error -5 @ 124 of nid 36
[ 1190.901229][T13274] xt_l2tp: v2 sid > 0xffff: 134217728
[ 1192.049291][T13280] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1420'.
[ 1193.517879][T13296] netlink: 'syz.2.1435': attribute type 10 has an invalid length.
[ 1193.751611][T13296] team0: Device veth0_macvtap failed to register rx_handler
[ 1194.784924][T13304] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1195.058068][T13307] loop0: detected capacity change from 0 to 2048
[ 1195.089301][T13310] loop6: detected capacity change from 0 to 512
[ 1195.124444][T13310] EXT4-fs: Ignoring removed i_version option
[ 1195.139450][T13307] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1195.153114][T13310] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1195.171972][T13310] ext4: Unknown parameter 'seclabel'
[ 1195.344891][T13320] loop7: detected capacity change from 0 to 16
[ 1195.414730][T13320] erofs (device loop7): mounted with root inode @ nid 36.
[ 1195.514076][T13307] syz.0.1426: attempt to access beyond end of device
[ 1195.514076][T13307] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[ 1195.536473][T13322] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1196.861448][T13329] syz.7.1427: attempt to access beyond end of device
[ 1196.861448][T13329] loop7: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1196.877221][T13329] syz.7.1427: attempt to access beyond end of device
[ 1196.877221][T13329] loop7: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1196.892511][T13329] erofs (device loop7): read error -5 @ 124 of nid 36
[ 1196.931642][T13329] syz.7.1427: attempt to access beyond end of device
[ 1196.931642][T13329] loop7: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1196.946429][T13329] syz.7.1427: attempt to access beyond end of device
[ 1196.946429][T13329] loop7: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1196.960871][T13329] erofs (device loop7): read error -5 @ 124 of nid 36
[ 1197.711233][T13330] netlink: 'syz.9.1429': attribute type 1 has an invalid length.
[ 1198.447512][ T5835] Bluetooth: hci2: unexpected event for opcode 0x0c58
[ 1202.095316][T13384] loop2: detected capacity change from 0 to 16
[ 1202.152796][T13384] erofs (device loop2): mounted with root inode @ nid 36.
[ 1202.777394][T13388] syz.2.1451: attempt to access beyond end of device
[ 1202.777394][T13388] loop2: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1202.791989][T13388] syz.2.1451: attempt to access beyond end of device
[ 1202.791989][T13388] loop2: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1202.808184][T13388] erofs (device loop2): read error -5 @ 124 of nid 36
[ 1202.843363][T13388] syz.2.1451: attempt to access beyond end of device
[ 1202.843363][T13388] loop2: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1202.858159][T13388] syz.2.1451: attempt to access beyond end of device
[ 1202.858159][T13388] loop2: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1202.874672][T13388] erofs (device loop2): read error -5 @ 124 of nid 36
[ 1203.674938][T13392] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1454'.
[ 1203.741479][T13392] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1454'.
[ 1204.283309][T13405] overlayfs: missing 'lowerdir'
[ 1205.013966][T13413] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1207.294162][T13433] loop2: detected capacity change from 0 to 1024
[ 1207.352295][T13433] hfsplus: Unknown parameter 'ÿÿ'
[ 1211.434416][T13470] netlink: 'syz.4.1477': attribute type 1 has an invalid length.
[ 1211.651854][T13474] loop0: detected capacity change from 0 to 1024
[ 1211.773303][T13474] hfsplus: Unknown parameter 'ÿÿ'
[ 1215.280286][T13492] overlayfs: failed to clone upperpath
[ 1215.379388][T13492] overlayfs: missing 'lowerdir'
[ 1215.826006][T13502] loop4: detected capacity change from 0 to 1024
[ 1215.894521][T13502] hfsplus: Unknown parameter 'ÿÿ'
[ 1219.311113][T13458] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1219.333790][T13458] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1219.629431][T13458] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1219.665422][T13458] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1221.368721][T13545] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[ 1221.375576][T13545] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1221.518269][T13545] vhci_hcd vhci_hcd.0: Device attached
[ 1221.593122][    T8] vhci_hcd: vhci_device speed not set
[ 1221.631608][T13546] vhci_hcd: connection closed
[ 1221.637144][ T5899] vhci_hcd: stop threads
[ 1221.663329][    T8] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[ 1221.766606][ T5899] vhci_hcd: release socket
[ 1221.835605][ T5899] vhci_hcd: disconnect device
[ 1222.546473][T13458] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1222.552443][T13458] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1222.559203][T13562] loop4: detected capacity change from 0 to 1024
[ 1222.632003][T13562] hfsplus: Unknown parameter 'ÿÿ'
[ 1224.804577][T13570] overlayfs: failed to clone upperpath
[ 1224.812261][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1225.614795][T13458] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[ 1225.620807][T13458] Bluetooth: hci7: Error when powering off device on rfkill (-4)
[ 1225.876020][T13578] netlink: 'syz.9.1511': attribute type 8 has an invalid length.
[ 1225.944975][T13582] loop7: detected capacity change from 0 to 256
[ 1226.058145][T13581] loop6: detected capacity change from 0 to 1024
[ 1227.079787][T13581] hfsplus: Unknown parameter 'ÿÿ'
[ 1227.144233][    T8] vhci_hcd: vhci_device speed not set
[ 1228.966384][T13599] loop7: detected capacity change from 0 to 1024
[ 1229.063922][T13599] hfsplus: Unknown parameter 'ÿÿ'
[ 1230.373298][T13608] vivid-000: kernel_thread() failed
[ 1231.541962][T13629] loop7: detected capacity change from 0 to 1024
[ 1231.614137][T13629] hfsplus: Unknown parameter 'ÿÿ'
[ 1232.919820][T13637] loop4: detected capacity change from 0 to 512
[ 1233.004255][T13637] EXT4-fs: Ignoring removed i_version option
[ 1233.103280][T13637] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1233.120043][T13637] ext4: Unknown parameter 'seclabel'
[ 1234.666836][ T9186] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1234.680654][ T9186] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1234.698239][ T9186] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1234.723307][ T9186] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1234.740739][ T9186] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1234.748211][ T9186] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1234.810089][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1234.849661][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1234.913416][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1234.925178][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1234.932761][ T5835] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1234.940282][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1235.123250][T13658] netlink: 20 bytes leftover after parsing attributes in process `syz.9.1528'.
[ 1235.589168][T13664] loop0: detected capacity change from 0 to 256
[ 1235.784975][T13666] loop6: detected capacity change from 0 to 1024
[ 1236.013345][T11977] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1236.224127][T11306] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1236.243183][T11977] usb 1-1: Using ep0 maxpacket: 32
[ 1236.295496][T11977] usb 1-1: config 4 has an invalid interface number: 228 but max is 0
[ 1236.357415][T11977] usb 1-1: config 4 has no interface number 0
[ 1236.429240][T11977] usb 1-1: config 4 interface 228 altsetting 68 endpoint 0x7 has an invalid bInterval 147, changing to 11
[ 1236.530356][T11306] usb 7-1: config 0 has an invalid interface number: 127 but max is 1
[ 1236.583106][T11977] usb 1-1: config 4 interface 228 altsetting 68 endpoint 0x7 has invalid maxpacket 41529, setting to 1024
[ 1236.603050][T11306] usb 7-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 241
[ 1236.686283][T11977] usb 1-1: config 4 interface 228 has no altsetting 0
[ 1236.921742][T11306] usb 7-1: config 0 has no interface number 1
[ 1236.946703][T11306] usb 7-1: config 0 interface 127 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1237.007616][ T9186] Bluetooth: hci4: command tx timeout
[ 1237.883439][T11306] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 29
[ 1237.899629][T11306] usb 7-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[ 1237.910208][T11977] usb 1-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8
[ 1237.919394][T11977] usb 1-1: New USB device strings: Mfr=1, Product=25, SerialNumber=3
[ 1237.927595][T11306] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1237.943164][T11977] usb 1-1: Product: syz
[ 1237.947398][T11306] usb 7-1: Product: syz
[ 1237.951598][T11306] usb 7-1: Manufacturer: syz
[ 1237.956325][T11977] usb 1-1: Manufacturer: syz
[ 1237.977415][T11977] usb 1-1: SerialNumber: syz
[ 1238.083176][T11306] usb 7-1: SerialNumber: syz
[ 1238.106270][T11306] usb 7-1: config 0 descriptor??
[ 1238.153377][T11306] usb-storage 7-1:0.127: USB Mass Storage device detected
[ 1238.236366][T11306] usb-storage 7-1:0.127: Quirks match for vid 1908 pid 1315: 20000
[ 1238.320505][T13678] loop4: detected capacity change from 0 to 1024
[ 1238.413654][T11977] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1238.463703][T13684] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1238.477180][T11977] usb 1-1: invalid MIDI in EP 0
[ 1238.529813][T11306] usb-storage 7-1:0.0: USB Mass Storage device detected
[ 1238.571792][T13644] chnl_net:caif_netlink_parms(): no params data found
[ 1238.636609][T11306] usb-storage 7-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[ 1238.823184][T11977] snd-usb-audio 1-1:4.228: probe with driver snd-usb-audio failed with error -22
[ 1238.862308][T11977] usb 1-1: USB disconnect, device number 2
[ 1239.080153][T11306] usb 7-1: USB disconnect, device number 2
[ 1239.156599][ T3438] hfsplus: b-tree write err: -5, ino 4
[ 1239.306085][T11902] udevd[11902]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:4.228/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1239.390504][T13696] loop4: detected capacity change from 0 to 1024
[ 1239.478127][T13696] hfsplus: Unknown parameter 'ÿÿ'
[ 1240.723415][ T5835] Bluetooth: hci4: command tx timeout
[ 1241.134491][T13644] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1241.141737][T13644] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1241.298899][T13644] bridge_slave_0: entered allmulticast mode
[ 1241.317620][T13711] loop0: detected capacity change from 0 to 512
[ 1241.337382][T13644] bridge_slave_0: entered promiscuous mode
[ 1241.384047][T13711] EXT4-fs: Ignoring removed i_version option
[ 1241.390111][T13711] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1241.437297][T13644] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1241.466758][T13713] loop4: detected capacity change from 0 to 1024
[ 1241.523257][T13711] ext4: Unknown parameter 'seclabel'
[ 1241.528838][T13644] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1241.540208][T13713] hfsplus: Unknown parameter 'ÿÿ'
[ 1241.573280][T13644] bridge_slave_1: entered allmulticast mode
[ 1241.611285][T13711] loop0: detected capacity change from 0 to 256
[ 1241.624630][T13644] bridge_slave_1: entered promiscuous mode
[ 1241.733999][T13711] msdos: Bad value for 'errors'
[ 1244.205638][ T5835] Bluetooth: hci4: command tx timeout
[ 1245.637432][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1245.644013][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1246.336574][ T5835] Bluetooth: hci4: command tx timeout
[ 1247.402819][T13733] loop4: detected capacity change from 0 to 16
[ 1247.501506][T13733] erofs (device loop4): mounted with root inode @ nid 36.
[ 1247.529802][T13731] netlink: 'syz.6.1544': attribute type 1 has an invalid length.
[ 1247.540986][T13644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1247.986233][T13644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1248.237894][T13739] syz.4.1547: attempt to access beyond end of device
[ 1248.237894][T13739] loop4: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1248.252483][T13739] syz.4.1547: attempt to access beyond end of device
[ 1248.252483][T13739] loop4: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1248.266840][T13739] erofs (device loop4): read error -5 @ 124 of nid 36
[ 1248.303248][T13739] syz.4.1547: attempt to access beyond end of device
[ 1248.303248][T13739] loop4: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1248.317656][T13739] syz.4.1547: attempt to access beyond end of device
[ 1248.317656][T13739] loop4: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1248.332061][T13739] erofs (device loop4): read error -5 @ 124 of nid 36
[ 1249.025199][T13738] loop0: detected capacity change from 0 to 512
[ 1249.204607][T13738] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1249.221277][T13742] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1548'.
[ 1249.303607][T13738] EXT4-fs error (device loop0): ext4_orphan_get:1415: comm syz.0.1546: bad orphan inode 131083
[ 1249.494012][T13738] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1250.006234][T13644] team0: Port device team_slave_0 added
[ 1250.087017][T13644] team0: Port device team_slave_1 added
[ 1250.888223][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1251.193638][T13644] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1251.265584][T13644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1251.423125][T13644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1251.515285][T13644] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1251.594048][T13644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1251.757250][T13644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1252.326653][T13644] hsr_slave_0: entered promiscuous mode
[ 1252.402782][T13644] hsr_slave_1: entered promiscuous mode
[ 1252.447216][T13780] loop7: detected capacity change from 0 to 1024
[ 1252.495673][T13780] hfsplus: Unknown parameter 'ÿÿ'
[ 1254.992528][T13799] capability: warning: `syz.6.1564' uses 32-bit capabilities (legacy support in use)
[ 1255.004222][T13800] loop0: detected capacity change from 0 to 16
[ 1255.053846][T13800] erofs (device loop0): mounted with root inode @ nid 36.
[ 1255.682906][T13808] syz.0.1562: attempt to access beyond end of device
[ 1255.682906][T13808] loop0: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1255.697575][T13808] syz.0.1562: attempt to access beyond end of device
[ 1255.697575][T13808] loop0: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1255.711864][T13808] erofs (device loop0): read error -5 @ 124 of nid 36
[ 1255.746500][T13808] syz.0.1562: attempt to access beyond end of device
[ 1255.746500][T13808] loop0: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1255.760897][T13808] syz.0.1562: attempt to access beyond end of device
[ 1255.760897][T13808] loop0: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1255.775127][T13808] erofs (device loop0): read error -5 @ 124 of nid 36
[ 1256.700825][T13802] pim6reg: entered allmulticast mode
[ 1257.037856][T13819] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1568'.
[ 1257.039858][T13820] loop7: detected capacity change from 0 to 512
[ 1257.196152][T13820] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1257.476835][T13820] EXT4-fs (loop7): 1 truncate cleaned up
[ 1257.526045][T13820] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1257.636885][T13832] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1257.887930][T13838] loop0: detected capacity change from 0 to 1024
[ 1257.920864][T13838] hfsplus: Unknown parameter 'ÿÿ'
[ 1257.999284][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1259.793122][ T5952] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1261.023315][ T5952] usb 5-1: Using ep0 maxpacket: 8
[ 1261.166165][ T5952] usb 5-1: config 0 has an invalid interface number: 22 but max is 0
[ 1261.216014][ T5952] usb 5-1: config 0 has no interface number 0
[ 1261.278553][ T5952] usb 5-1: config 0 interface 22 has no altsetting 0
[ 1261.314917][ T5952] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=bf.9a
[ 1261.363202][ T5952] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1261.410422][ T5952] usb 5-1: Product: syz
[ 1261.432940][ T5952] usb 5-1: Manufacturer: syz
[ 1261.463501][ T5952] usb 5-1: SerialNumber: syz
[ 1261.510813][ T5952] usb 5-1: config 0 descriptor??
[ 1262.098021][ T5952] RobotFuzz Open Source InterFace, OSIF 5-1:0.22: version bf.9a found at bus 005 address 014
[ 1263.078291][ T5952] usb 5-1: USB disconnect, device number 14
[ 1263.620789][T13644] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1263.736170][T13644] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1263.834247][T13644] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1263.983601][T13644] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1264.071787][  T967] usb 1-1: new low-speed USB device number 3 using dummy_hcd
[ 1264.084190][T13896] loop4: detected capacity change from 0 to 8
[ 1264.121950][T13896] MTD: Attempt to mount non-MTD device "/dev/loop4"
[ 1264.164838][T13893] loop6: detected capacity change from 0 to 4096
[ 1264.252018][T13896] cramfs: bad data blocksize 503315823
[ 1264.277870][T13899] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1264.315856][  T967] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[ 1264.319414][T13900] loop7: detected capacity change from 0 to 256
[ 1264.335883][T13896] cramfs: bad data blocksize 271293305
[ 1264.372113][  T967] usb 1-1: config 0 has no interface number 0
[ 1264.393104][T13896] cramfs: bad data blocksize 4176613145
[ 1264.415189][  T967] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1264.437647][T13896] cramfs: bad data blocksize 503315823
[ 1264.441594][T13900] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1264.471981][T13644] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1264.478745][   T29] kauditd_printk_skb: 18 callbacks suppressed
[ 1264.478768][   T29] audit: type=1800 audit(1736398820.986:85): pid=13896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1593" name="file0" dev="loop4" ino=244 res=0 errno=0
[ 1264.515144][  T967] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1264.686620][T13644] 8021q: adding VLAN 0 to HW filter on device team0
[ 1264.731595][  T967] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1264.824767][ T6042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1264.831915][ T6042] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1264.846980][  T967] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1264.905264][ T6042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1264.912445][ T6042] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1264.913070][  T967] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1264.983066][  T967] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1265.047366][  T967] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1265.087172][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1265.116008][  T967] usb 1-1: config 0 descriptor??
[ 1265.129816][T13644] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1265.146145][T13908] loop4: detected capacity change from 0 to 256
[ 1265.165435][T13891] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1265.211819][  T967] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1265.694423][T13917] loop4: detected capacity change from 0 to 1024
[ 1265.704156][T13917] EXT4-fs: Ignoring removed orlov option
[ 1265.709928][T13917] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1266.525822][T13917] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1266.534283][T13917] System zones: 0-1, 3-36
[ 1266.540859][T13917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1266.865661][T13644] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1266.897932][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1266.935934][  T967] usb 1-1: USB disconnect, device number 3
[ 1266.973557][  T967] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[ 1267.154852][T13933] Bluetooth: MGMT ver 1.23
[ 1267.352516][T13931] netlink: 92 bytes leftover after parsing attributes in process `syz.9.1603'.
[ 1270.286255][T13644] veth0_vlan: entered promiscuous mode
[ 1270.381180][   T29] audit: type=1800 audit(1736398826.886:86): pid=13961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1608" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[ 1270.400288][T13644] veth1_vlan: entered promiscuous mode
[ 1271.568175][T13644] veth0_macvtap: entered promiscuous mode
[ 1271.659076][T13644] veth1_macvtap: entered promiscuous mode
[ 1271.762171][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1271.811003][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1271.870120][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1271.882602][T13977] loop6: detected capacity change from 0 to 256
[ 1271.910314][T13974] loop4: detected capacity change from 0 to 1024
[ 1271.910853][T13978] loop7: detected capacity change from 0 to 512
[ 1271.933101][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1271.944356][T13974] hfsplus: Unknown parameter 'ÿÿ'
[ 1272.181240][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1272.203086][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1272.216656][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1272.228382][T13978] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1272.270391][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1272.384870][T13983] loop6: detected capacity change from 0 to 1024
[ 1272.394827][T13983] EXT4-fs: Ignoring removed orlov option
[ 1272.400600][T13983] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1273.417301][T13978] EXT4-fs (loop7): 1 truncate cleaned up
[ 1273.431403][T13983] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1273.439844][T13983] System zones: 0-1, 3-36
[ 1273.445856][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1273.446982][T13983] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1273.824982][T13978] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1273.827123][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1273.883642][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1273.923577][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1273.953048][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1273.973101][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1273.998094][T13644] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1274.074584][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1274.085786][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1274.106507][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.127522][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.194027][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.213191][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.225696][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.236485][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.246678][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.269304][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.289562][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.310405][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.330345][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.351130][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.371464][T13644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1274.392369][T13644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1274.415380][T13644] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1274.446821][T13644] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1274.466213][T13644] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1274.488205][T13644] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1274.524071][T13644] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1274.652710][ T7853] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1274.672616][ T7853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1274.707037][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1274.715197][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1274.874962][T14003] program syz.0.1629 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1276.075027][T14026] loop8: detected capacity change from 0 to 16
[ 1276.165549][T14026] erofs (device loop8): mounted with root inode @ nid 36.
[ 1276.252649][T14034] loop0: detected capacity change from 0 to 1024
[ 1276.292571][T14034] hfsplus: Unknown parameter 'ÿÿ'
[ 1277.159664][T14041] syz.8.1617: attempt to access beyond end of device
[ 1277.159664][T14041] loop8: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1277.174092][T14041] syz.8.1617: attempt to access beyond end of device
[ 1277.174092][T14041] loop8: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1277.189619][T14041] erofs (device loop8): read error -5 @ 124 of nid 36
[ 1277.223951][T14041] syz.8.1617: attempt to access beyond end of device
[ 1277.223951][T14041] loop8: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[ 1277.238462][T14041] syz.8.1617: attempt to access beyond end of device
[ 1277.238462][T14041] loop8: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[ 1277.255001][T14041] erofs (device loop8): read error -5 @ 124 of nid 36
[ 1278.686313][ T3068] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1278.728149][T14061] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[ 1278.753585][T11290] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1278.894774][ T3068] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1278.933028][ T3068] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1278.953225][T11290] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1278.964296][ T3068] usb 5-1: config 0 descriptor??
[ 1278.994977][ T3068] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1280.104408][ T3068] gspca_cpia1: usb_control_msg 01, error -71
[ 1280.110468][ T3068] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[ 1280.301241][ T3068] usb 5-1: USB disconnect, device number 15
[ 1286.610733][T14163] loop4: detected capacity change from 0 to 1024
[ 1286.659132][T14163] hfsplus: Unknown parameter 'ÿÿ'
[ 1286.955466][T14175] loop6: detected capacity change from 0 to 1024
[ 1287.000142][T14175] hfsplus: Unknown parameter 'ÿÿ'
[ 1289.458394][T14187] raw_sendmsg: syz.6.1666 forgot to set AF_INET. Fix it!
[ 1289.484734][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1289.915044][T14193] loop4: detected capacity change from 0 to 512
[ 1289.989230][T14193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1290.052867][T14193] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1290.584619][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1291.642059][T14224] loop6: detected capacity change from 0 to 256
[ 1292.008121][T14230] loop4: detected capacity change from 0 to 256
[ 1292.196552][T14236] loop6: detected capacity change from 0 to 1024
[ 1292.206670][T14236] EXT4-fs: Ignoring removed orlov option
[ 1292.212441][T14236] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1292.318333][T14236] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1292.327088][T14236] System zones: 0-1, 3-36
[ 1292.355908][T14236] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1292.658302][T14230] FAT-fs (loop4): Directory bread(block 64) failed
[ 1292.667112][T14235] loop8: detected capacity change from 0 to 1024
[ 1292.721837][T14230] FAT-fs (loop4): Directory bread(block 65) failed
[ 1292.733568][T14235] hfsplus: Unknown parameter 'ÿÿ'
[ 1292.773757][T14230] FAT-fs (loop4): Directory bread(block 66) failed
[ 1292.829553][T14230] FAT-fs (loop4): Directory bread(block 67) failed
[ 1292.894108][T14230] FAT-fs (loop4): Directory bread(block 68) failed
[ 1292.900806][T14230] FAT-fs (loop4): Directory bread(block 69) failed
[ 1292.923340][T14230] FAT-fs (loop4): Directory bread(block 70) failed
[ 1292.942558][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1292.962568][T14230] FAT-fs (loop4): Directory bread(block 71) failed
[ 1292.979047][T14243] loop7: detected capacity change from 0 to 256
[ 1292.999601][T14230] FAT-fs (loop4): Directory bread(block 72) failed
[ 1293.057545][T14230] FAT-fs (loop4): Directory bread(block 73) failed
[ 1293.927736][T14246] loop7: detected capacity change from 0 to 1024
[ 1293.937618][T14246] EXT4-fs: Ignoring removed orlov option
[ 1293.943556][T14246] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1294.004070][T14246] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1294.019531][T14246] System zones: 0-1, 3-36
[ 1294.039494][T14246] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1294.504561][T14241] kexec: Could not allocate control_code_buffer
[ 1294.787376][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1295.401307][T14260] can0: slcan on ptm0.
[ 1296.556791][T14259] can0 (unregistered): slcan off ptm0.
[ 1297.302616][T14295] random: crng reseeded on system resumption
[ 1297.332377][T14292] loop7: detected capacity change from 0 to 256
[ 1299.395897][T14319] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1703'.
[ 1299.507397][T14319] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1703'.
[ 1299.743383][T14325] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1705'.
[ 1300.307096][T14292] loop7: detected capacity change from 0 to 1024
[ 1300.364503][T14292] EXT4-fs: Ignoring removed orlov option
[ 1300.410935][T14292] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1300.467213][T14292] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1300.518098][T14292] System zones: 0-1, 3-36
[ 1300.594857][T14292] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1300.743200][ T3068] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1300.923616][ T3068] usb 9-1: Using ep0 maxpacket: 16
[ 1300.956649][ T3068] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1300.993079][ T3068] usb 9-1: config 0 has no interface number 0
[ 1301.019654][ T3068] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1301.070307][T14317] loop4: detected capacity change from 0 to 32768
[ 1301.078243][ T3068] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1301.118831][ T3068] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1301.139685][T14317] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1702 (14317)
[ 1301.185570][ T3068] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1301.205498][ T3068] usb 9-1: config 0 descriptor??
[ 1301.226762][T14317] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1301.266426][T14317] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[ 1301.298030][T14317] BTRFS info (device loop4): disk space caching is enabled
[ 1301.323323][T14317] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1301.404033][T14359] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1714'.
[ 1301.597303][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1301.642821][T14317] BTRFS info (device loop4): rebuilding free space tree
[ 1301.723066][  T967] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1301.804519][T14317] BTRFS info (device loop4): disabling free space tree
[ 1301.811487][T14317] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1301.863398][T14317] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1301.913039][  T967] usb 1-1: Using ep0 maxpacket: 8
[ 1301.918297][ T3068] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.1/0003:28BD:0071.0006/input/input10
[ 1301.932818][  T967] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[ 1301.983128][  T967] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1302.033253][  T967] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1302.075832][  T967] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1302.092029][ T3068] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.1/0003:28BD:0071.0006/input/input11
[ 1302.117033][  T967] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1302.158503][  T967] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1302.183276][ T3068] uclogic 0003:28BD:0071.0006: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.8-1/input1
[ 1302.203910][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1302.246115][ T3068] usb 9-1: USB disconnect, device number 3
[ 1302.296099][T11568] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1302.511423][  T967] usb 1-1: GET_CAPABILITIES returned 0
[ 1302.526428][  T967] usbtmc 1-1:16.0: can't read capabilities
[ 1302.804354][  T967] usb 1-1: USB disconnect, device number 4
[ 1303.098992][T14399] loop8: detected capacity change from 0 to 1024
[ 1303.171347][T14399] hfsplus: Unknown parameter 'ÿÿ'
[ 1304.853738][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1304.860236][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1306.033456][T14416] warning: `syz.0.1724' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1306.325897][T14418] loop8: detected capacity change from 0 to 4096
[ 1306.621436][T14418] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512).
[ 1307.397678][T14436] loop6: detected capacity change from 0 to 64
[ 1307.408917][T14418] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[ 1307.934653][   T29] audit: type=1800 audit(1736398864.436:87): pid=14436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1731" name="file1" dev="loop6" ino=5 res=0 errno=0
[ 1308.757660][T14445] ceph: No source
[ 1308.972364][T14449] loop6: detected capacity change from 0 to 1024
[ 1308.984904][ T3068] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1309.035205][T14449] hfsplus: Unknown parameter 'ÿÿ'
[ 1309.207489][ T3068] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1309.254882][ T3068] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1309.431872][ T3068] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1309.818072][ T3068] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1309.830314][ T3068] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1309.844505][ T3068] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1309.853955][ T3068] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1309.863403][ T3068] usb 1-1: Product: syz
[ 1309.867593][ T3068] usb 1-1: Manufacturer: syz
[ 1309.890668][ T3068] cdc_wdm 1-1:1.0: skipping garbage
[ 1309.903252][ T3068] cdc_wdm 1-1:1.0: skipping garbage
[ 1309.929631][ T3068] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 1309.943025][ T3068] cdc_wdm 1-1:1.0: Unknown control protocol
[ 1310.611415][ T3068] usb 1-1: USB disconnect, device number 5
[ 1312.332800][T14467] loop7: detected capacity change from 0 to 32768
[ 1312.442162][T14467] XFS (loop7): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1312.646329][T14467] XFS (loop7): Ending clean mount
[ 1312.739258][T14467] XFS (loop7): Quotacheck needed: Please wait.
[ 1313.124479][T14506] loop4: detected capacity change from 0 to 256
[ 1313.576037][T14511] loop4: detected capacity change from 0 to 1024
[ 1313.583164][T14511] EXT4-fs: Ignoring removed orlov option
[ 1313.588846][T14511] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1314.345327][T14509] loop0: detected capacity change from 0 to 64
[ 1314.397111][T14511] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1314.405810][T14511] System zones: 0-1, 3-36
[ 1314.424628][T14511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1314.457981][T14467] XFS (loop7): Quotacheck: Done.
[ 1314.746572][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1314.933841][ T6937] XFS (loop7): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1315.547552][T14528] loop0: detected capacity change from 0 to 1024
[ 1315.592170][T14528] hfsplus: Unknown parameter 'ÿÿ'
[ 1318.726279][T14558] loop8: detected capacity change from 0 to 256
[ 1319.037723][T14562] loop7: detected capacity change from 0 to 256
[ 1321.051760][T14565] loop7: detected capacity change from 0 to 1024
[ 1321.070833][T14565] EXT4-fs: Ignoring removed orlov option
[ 1321.076949][T14565] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1321.182144][T14567] loop8: detected capacity change from 0 to 1024
[ 1321.192314][T14567] EXT4-fs: Ignoring removed orlov option
[ 1321.198158][T14567] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1321.265538][T14567] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1321.274294][T14567] System zones: 0-1, 3-36
[ 1322.222393][T14567] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1322.329231][T14565] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1322.337493][T14565] System zones: 0-1, 3-36
[ 1322.375248][T14565] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1322.404450][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1322.556837][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1322.871373][T14574] loop4: detected capacity change from 0 to 4096
[ 1322.968471][T14574] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[ 1323.175424][T14574] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[ 1323.183377][T14582] loop8: detected capacity change from 0 to 1024
[ 1323.234940][T14582] hfsplus: Unknown parameter 'ÿÿ'
[ 1323.359748][T14585] loop6: detected capacity change from 0 to 1024
[ 1323.682862][T14585] hfsplus: Unknown parameter 'ÿÿ'
[ 1324.893193][T11568] ntfs3(loop4): ino=1a, ntfs_sync_fs failed, -22.
[ 1325.173205][T11290] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1325.404600][T11290] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1325.468171][T11290] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1325.571244][T11290] usb 9-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1325.622631][T11290] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1325.694318][T11290] usb 9-1: config 0 descriptor??
[ 1326.175738][T11290] hid-led 0003:0FC5:B080.0007: unknown main item tag 0x0
[ 1326.883146][T14093] usb 9-1: USB disconnect, device number 4
[ 1326.909160][T14626] loop4: detected capacity change from 0 to 4096
[ 1327.064882][T14630] random: crng reseeded on system resumption
[ 1327.142913][T14626] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[ 1328.584910][T14621] loop6: detected capacity change from 0 to 32768
[ 1328.653419][T14647] loop7: detected capacity change from 0 to 512
[ 1328.740418][T14647] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1328.790060][T14621] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[ 1328.848809][T14647] Quota error (device loop7): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[ 1328.961297][T14647] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[ 1329.064188][T14647] EXT4-fs error (device loop7): ext4_acquire_dquot:6936: comm syz.7.1787: Failed to acquire dquot type 1
[ 1329.272010][T14647] EXT4-fs (loop7): 1 truncate cleaned up
[ 1329.277902][T14093] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1329.331548][T14647] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1329.376499][T12914] ocfs2: Unmounting device (7,6) on (node local)
[ 1329.526135][T14093] usb 9-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1329.593741][T14093] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1329.704055][T14093] usb 9-1: config 0 descriptor??
[ 1329.756474][T14093] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1329.947249][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1330.418807][T14093] gspca_cpia1: usb_control_msg 01, error -71
[ 1330.473120][T14093] cpia1 9-1:0.0: only firmware version 1 is supported (got: 0)
[ 1330.532057][T14093] usb 9-1: USB disconnect, device number 5
[ 1330.889721][T14678] loop0: detected capacity change from 0 to 512
[ 1330.986725][T14678] EXT4-fs: Ignoring removed oldalloc option
[ 1331.030066][T14678] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1331.117444][T14678] EXT4-fs (loop0): 1 truncate cleaned up
[ 1331.148258][T14683] syzkaller1: entered promiscuous mode
[ 1331.167989][T14678] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1331.177933][T14683] syzkaller1: entered allmulticast mode
[ 1331.626627][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1331.931535][ T5835] Bluetooth: Wrong link type (-57)
[ 1332.271566][T14658] loop4: detected capacity change from 0 to 40427
[ 1332.600154][T14699] loop0: detected capacity change from 0 to 256
[ 1333.276787][T14708] loop0: detected capacity change from 0 to 1024
[ 1333.286591][T14708] EXT4-fs: Ignoring removed orlov option
[ 1333.292362][T14708] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1333.987749][T14708] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1333.995988][T14708] System zones: 0-1, 3-36
[ 1334.002205][T14708] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1334.015351][T11290] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1334.253060][T11290] usb 7-1: Using ep0 maxpacket: 8
[ 1334.299863][T11290] usb 7-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[ 1334.315028][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1334.350796][T11290] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1334.402168][T11290] usb 7-1: Product: syz
[ 1334.443260][T11290] usb 7-1: Manufacturer: syz
[ 1334.493486][T11290] usb 7-1: SerialNumber: syz
[ 1334.504523][T11290] usb 7-1: config 0 descriptor??
[ 1334.576195][T14717] loop7: detected capacity change from 0 to 64
[ 1334.768652][T11290] gspca_main: sunplus-2.14.0 probing 04a5:3003
[ 1335.123568][T14723] loop4: detected capacity change from 0 to 512
[ 1335.261556][T14723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1335.279937][T14731] mac80211_hwsim hwsim44 wlan1: entered promiscuous mode
[ 1335.360297][T14731] mac80211_hwsim hwsim44 wlan1: entered allmulticast mode
[ 1335.381377][T11290] gspca_sunplus: reg_w_riv err -71
[ 1335.387291][T11290] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[ 1335.398286][T14723] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1335.453546][T11290] usb 7-1: USB disconnect, device number 3
[ 1335.576172][T14723] EXT4-fs warning (device loop4): ext4_group_add:1716: Can't resize non-sparse filesystem further
[ 1335.824133][T14737] loop0: detected capacity change from 0 to 736
[ 1335.834173][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1336.232784][T14743] loop4: detected capacity change from 0 to 1764
[ 1336.606024][T14751] loop0: detected capacity change from 0 to 1024
[ 1336.646921][T14751] hfsplus: Unknown parameter 'ÿÿ'
[ 1336.688108][T14755] 9pnet_fd: Insufficient options for proto=fd
[ 1336.733513][T11290] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1337.125296][T11290] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1337.330034][T11290] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1337.417962][T11290] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1337.437521][T11290] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1337.523729][T11290] usb 7-1: Product: syz
[ 1337.527985][T11290] usb 7-1: Manufacturer: syz
[ 1337.583083][T11290] usb 7-1: SerialNumber: syz
[ 1337.600567][T14768] loop8: detected capacity change from 0 to 64
[ 1337.603327][T14766] vlan2: entered allmulticast mode
[ 1337.620379][T11290] cdc_mbim 7-1:1.0: skipping garbage
[ 1337.644232][T14766] bond0: entered allmulticast mode
[ 1337.649422][T14766] bond_slave_0: entered allmulticast mode
[ 1337.887352][T14749] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1338.342652][T14735] loop7: detected capacity change from 0 to 32768
[ 1338.370786][T14766] bond_slave_1: entered allmulticast mode
[ 1338.573868][T14735] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/loop7": -EINTR
[ 1338.624853][T14766] bond0: left allmulticast mode
[ 1338.697128][T14766] bond_slave_0: left allmulticast mode
[ 1338.733924][T14766] bond_slave_1: left allmulticast mode
[ 1338.872017][T14781] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1826'.
[ 1338.993641][T14749] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1339.034810][T11290] cdc_mbim 7-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[ 1339.042375][T11290] cdc_mbim 7-1:1.0: setting rx_max = 2048
[ 1339.227136][T11290] cdc_mbim 7-1:1.0: setting tx_max = 184
[ 1339.270146][T11290] cdc_mbim 7-1:1.0: cdc-wdm0: USB WDM device
[ 1339.310535][T11290] wwan wwan0: port wwan0mbim0 attached
[ 1339.357772][T11290] cdc_mbim 7-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.6-1, CDC MBIM, 76:c4:2b:fc:7f:0d
[ 1339.412794][T11290] usb 7-1: USB disconnect, device number 4
[ 1339.440890][T11290] cdc_mbim 7-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.6-1, CDC MBIM
[ 1339.520917][T14796] loop8: detected capacity change from 0 to 4096
[ 1339.638660][T11290] wwan wwan0: port wwan0mbim0 disconnected
[ 1340.061617][T14814] loop0: detected capacity change from 0 to 256
[ 1340.107009][T14815] loop4: detected capacity change from 0 to 1024
[ 1340.150913][T14815] hfsplus: Unknown parameter 'ÿÿ'
[ 1340.394702][T14819] netlink: 'syz.9.1836': attribute type 10 has an invalid length.
[ 1341.175701][T14819] netlink: 2 bytes leftover after parsing attributes in process `syz.9.1836'.
[ 1341.197967][T14819] team0: entered promiscuous mode
[ 1341.206140][T14819] team_slave_0: entered promiscuous mode
[ 1341.212220][T14819] team_slave_1: entered promiscuous mode
[ 1341.218564][T14819] bridge0: port 3(team0) entered blocking state
[ 1341.226006][T14819] bridge0: port 3(team0) entered disabled state
[ 1341.232600][T14819] team0: entered allmulticast mode
[ 1341.422155][T14819] team_slave_0: entered allmulticast mode
[ 1341.462172][T14819] team_slave_1: entered allmulticast mode
[ 1341.526007][T14819] bridge0: port 3(team0) entered blocking state
[ 1341.532452][T14819] bridge0: port 3(team0) entered forwarding state
[ 1341.740613][T14830] loop8: detected capacity change from 0 to 1024
[ 1341.790500][T14830] hfsplus: Unknown parameter 'ÿÿ'
[ 1344.059458][T14853] loop7: detected capacity change from 0 to 256
[ 1345.756906][T14843] loop6: detected capacity change from 0 to 32768
[ 1345.821468][T14843] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[ 1345.837286][T14885] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1850'.
[ 1345.886891][T14883] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1849'.
[ 1345.923351][T14843] JBD2: journal reset failed
[ 1345.927983][T14843] (syz.6.1840,14843,0):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[ 1346.015752][T14843] (syz.6.1840,14843,0):ocfs2_check_volume:2428 ERROR: ocfs2 journal load failed! -4
[ 1346.079466][T14890] loop7: detected capacity change from 0 to 256
[ 1346.982482][T14894] loop8: detected capacity change from 0 to 4096
[ 1347.253267][T14901] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1347.443240][   T29] audit: type=1800 audit(1736398903.916:88): pid=14894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1852" name="bus" dev="loop8" ino=18 res=0 errno=0
[ 1348.255263][T14909] loop6: detected capacity change from 0 to 1024
[ 1348.328053][T14909] EXT4-fs: Ignoring removed i_version option
[ 1348.484344][T14909] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1348.759395][ T5952] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[ 1348.843938][ T5952] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1348.886789][T14921] loop0: detected capacity change from 0 to 1024
[ 1348.919454][T14924] loop4: detected capacity change from 0 to 256
[ 1348.948059][T14921] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1349.028579][T14921] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1349.381235][T14926] loop8: detected capacity change from 0 to 512
[ 1349.433579][T14921] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1349.554054][T14926] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1349.838518][ T9012] kernel write not supported for file /uhid (pid: 9012 comm: kworker/1:1)
[ 1349.879494][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1349.921619][T14926] EXT4-fs (loop8): 1 truncate cleaned up
[ 1349.968165][T14926] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1350.214860][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1350.260629][T14926] EXT4-fs error (device loop8): mb_free_blocks:1945: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[ 1350.307029][T14936] loop6: detected capacity change from 0 to 512
[ 1350.321947][T14940] EXT4-fs error (device loop8): ext4_ext_remove_space:2951: inode #15: comm syz.8.1860: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[ 1351.020899][T14936] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1351.063381][T14939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1865'.
[ 1351.145840][T14936] ext4 filesystem being mounted at /90/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1351.317506][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1351.593424][ T9012] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1351.766659][T14952] loop4: detected capacity change from 0 to 1024
[ 1351.789497][ T9012] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1351.838879][T14952] hfsplus: Unknown parameter 'ÿÿ'
[ 1351.857595][ T9012] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1351.959037][ T9012] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1352.951755][ T9012] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1352.961451][ T9012] usb 7-1: SerialNumber: syz
[ 1353.211251][T14964] loop7: detected capacity change from 0 to 64
[ 1354.318617][ T9012] usb 7-1: 0:2 : does not exist
[ 1354.451066][ T9012] usb 7-1: USB disconnect, device number 5
[ 1354.547403][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1355.794902][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies.
[ 1355.943137][ T3068] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1356.071914][T14994] loop8: detected capacity change from 0 to 512
[ 1356.122630][T14994] EXT4-fs: Ignoring removed oldalloc option
[ 1356.174045][T14998] loop9: detected capacity change from 0 to 7
[ 1356.183678][ T3068] usb 5-1: Using ep0 maxpacket: 8
[ 1356.195044][ T3068] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1356.223264][T14998] Dev loop9: unable to read RDB block 7
[ 1356.227262][T14994] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1356.229170][ T3068] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1356.261245][ T3068] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1356.261727][T14998]  loop9: AHDI p1
[ 1356.271095][ T3068] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1356.271150][ T3068] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1356.271224][ T3068] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1356.271274][ T3068] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1356.351732][T14994] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1356.443946][T14998] loop9: partition table partially beyond EOD, truncated
[ 1356.493244][ T3068] usb 5-1: usb_control_msg returned -32
[ 1356.519575][ T3068] usbtmc 5-1:16.0: can't read capabilities
[ 1356.539625][T14994] EXT4-fs error (device loop8): ext4_empty_dir:3094: inode #12: comm syz.8.1880: invalid size
[ 1356.766138][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1356.967051][T14980] loop0: detected capacity change from 0 to 32768
[ 1357.009003][T15018] loop8: detected capacity change from 0 to 1024
[ 1357.050695][T14990] loop6: detected capacity change from 0 to 32768
[ 1357.070415][T15018] hfsplus: Unknown parameter 'ÿÿ'
[ 1357.081456][T14980] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1357.297041][T14990] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[ 1357.714377][T14980] XFS (loop0): Ending clean mount
[ 1357.794656][T14980] XFS (loop0): Quotacheck needed: Please wait.
[ 1357.897112][T14980] XFS (loop0): Quotacheck: Done.
[ 1358.064686][T12947] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1358.183315][T12914] ocfs2: Unmounting device (7,6) on (node local)
[ 1358.588243][T14093] usb 5-1: USB disconnect, device number 16
[ 1358.808862][T15068] loop4: detected capacity change from 0 to 1024
[ 1358.821648][T15071] loop6: detected capacity change from 0 to 1024
[ 1358.832743][T15068] EXT4-fs: Ignoring removed orlov option
[ 1358.839785][T15067] loop8: detected capacity change from 0 to 1024
[ 1358.840346][T15071] hfsplus: Unknown parameter 'ÿÿ'
[ 1358.853262][T15068] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1358.860701][T15068] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1358.872356][T15069] loop0: detected capacity change from 0 to 1024
[ 1358.879954][T15069] hfsplus: Unknown parameter 'ÿÿ'
[ 1358.883952][T15067] hfsplus: Unknown parameter 'ÿÿ'
[ 1359.593510][T15068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1360.133192][T15081] random: crng reseeded on system resumption
[ 1360.203499][T15068] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[ 1360.339072][T15094] loop0: detected capacity change from 0 to 1024
[ 1360.359888][T15094] hfsplus: Unknown parameter 'ÿÿ'
[ 1360.398852][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1362.042440][T15128] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[ 1362.137624][T15130] netlink: 'syz.7.1911': attribute type 4 has an invalid length.
[ 1362.191919][T15134] netlink: 'syz.7.1911': attribute type 4 has an invalid length.
[ 1362.249030][T15134] syz.7.1911 (15134) used greatest stack depth: 20768 bytes left
[ 1362.380812][T15138] loop6: detected capacity change from 0 to 1024
[ 1362.393805][T15138] hfsplus: Unknown parameter 'ÿÿ'
[ 1362.552154][T15142] loop4: detected capacity change from 0 to 1024
[ 1362.606661][T15142] hfsplus: Unknown parameter 'ÿÿ'
[ 1363.563113][T15155] can0: slcan on ptm0.
[ 1363.714232][T15154] can0 (unregistered): slcan off ptm0.
[ 1364.053612][T15170] loop0: detected capacity change from 0 to 4096
[ 1364.156673][T15180] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1364.218233][   T29] audit: type=1800 audit(1736398920.726:89): pid=15170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1921" name="bus" dev="loop0" ino=18 res=0 errno=0
[ 1364.673814][T15157] loop4: detected capacity change from 0 to 32768
[ 1364.713168][T13509] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1364.716120][T15157] bcachefs (/dev/loop4): error reading default superblock: checksum error, type none: got  should be 
[ 1364.799124][T15193] syzkaller1: entered promiscuous mode
[ 1364.818570][T15193] syzkaller1: entered allmulticast mode
[ 1364.833511][T15196] loop0: detected capacity change from 0 to 1024
[ 1364.839375][T15198] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1364.853751][T15196] hfsplus: Unknown parameter 'ÿÿ'
[ 1364.873068][T13509] usb 9-1: Using ep0 maxpacket: 16
[ 1364.880347][T13509] usb 9-1: config 0 has an invalid interface number: 41 but max is 0
[ 1364.892844][T13509] usb 9-1: config 0 has no interface number 0
[ 1364.926266][T13509] usb 9-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1365.008128][T13509] usb 9-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1365.079778][T13509] usb 9-1: config 0 interface 41 has no altsetting 0
[ 1365.141720][T13509] usb 9-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1365.235303][T13509] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1365.279308][T13509] usb 9-1: Product: syz
[ 1365.306665][T15157] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,version_upgrade=none
[ 1365.336532][T13509] usb 9-1: Manufacturer: syz
[ 1365.371799][T13509] usb 9-1: SerialNumber: syz
[ 1365.420344][T13509] usb 9-1: config 0 descriptor??
[ 1365.447558][T15157] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[ 1365.477387][T15187] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1365.534892][T15157] bcachefs (loop4): insufficient writeable journal devices available: have 0, need 1
[ 1365.534892][T15157] rw journal devs:
[ 1365.555524][T15187] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1365.728644][T15157] bcachefs (loop4): accounting_read...
[ 1365.753285][T15215] loop7: detected capacity change from 0 to 1024
[ 1365.766128][T15215] hfsplus: Unknown parameter 'ÿÿ'
[ 1365.773992][T15157]  done
[ 1365.776834][T15157] bcachefs (loop4): alloc_read... done
[ 1365.818352][T15157] bcachefs (loop4): stripes_read... done
[ 1365.869039][T15157] bcachefs (loop4): snapshots_read... done
[ 1365.886843][T15157] bcachefs (loop4): journal_replay... done
[ 1365.892772][T15157] bcachefs (loop4): resume_logged_ops... done
[ 1365.918728][T15187] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1365.934731][T15157] bcachefs (loop4): delete_dead_inodes... done
[ 1365.942058][T15157] bcachefs (loop4): going read-write
[ 1365.983113][T15187] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1366.044259][T15157] bcachefs (loop4): bch2_copygc_start(): error creating copygc thread EINTR
[ 1366.074904][T15157] bcachefs (loop4): error starting copygc thread
[ 1366.094851][T15157] bcachefs (loop4): going read-only
[ 1366.111611][T15157] bcachefs (loop4): finished waiting for writes to stop
[ 1366.157387][T15157] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10
[ 1366.222468][T15223] loop7: detected capacity change from 0 to 512
[ 1366.231386][T15157] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10
[ 1366.286604][T15223] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1366.319443][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1366.323291][T15157] bcachefs (loop4): shutdown complete, journal seq 10
[ 1366.326463][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1366.375081][T15223] EXT4-fs (loop7): 1 truncate cleaned up
[ 1366.383663][T15157] bcachefs (loop4): marking filesystem clean
[ 1366.420566][T15223] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1366.459012][T15157] bcachefs (loop4): bch2_fs_start(): error starting filesystem EINTR
[ 1366.484364][T15157] bcachefs (loop4): shutting down
[ 1366.566873][T15157] bcachefs (loop4): shutdown complete
[ 1366.700119][T15238] rdma_op ffff88805597a9f0 conn xmit_rdma 0000000000000000
[ 1366.714216][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1366.839046][T13509] CoreChips 9-1:0.41: probe with driver CoreChips failed with error -71
[ 1366.890238][T13509] usb 9-1: USB disconnect, device number 6
[ 1368.040599][T15255] loop7: detected capacity change from 0 to 1024
[ 1368.091984][T15255] EXT4-fs: Ignoring removed i_version option
[ 1368.208628][T15255] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1368.686274][T15265] loop8: detected capacity change from 0 to 256
[ 1369.300867][T15274] loop8: detected capacity change from 0 to 1024
[ 1369.311090][T15274] EXT4-fs: Ignoring removed orlov option
[ 1369.316971][T15274] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1369.389722][T15274] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1369.398348][T15274] System zones: 0-1, 3-36
[ 1369.421024][T15274] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1369.743534][T15272] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1369.891092][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1370.014553][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1370.078969][T15285] loop0: detected capacity change from 0 to 1024
[ 1370.119556][T15285] hfsplus: Unknown parameter 'ÿÿ'
[ 1370.584309][T15293] loop8: detected capacity change from 0 to 4096
[ 1371.462389][T15323] syzkaller1: entered promiscuous mode
[ 1371.481846][T15323] syzkaller1: entered allmulticast mode
[ 1371.984243][T15334] netlink: 178660 bytes leftover after parsing attributes in process `syz.8.1958'.
[ 1371.993774][T15334] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1958'.
[ 1372.168161][T15340] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1959'.
[ 1372.232199][T15157] bcachefs: bch2_fs_get_tree() error: EINTR
[ 1372.490477][T15346] loop0: detected capacity change from 0 to 256
[ 1372.655748][T15348] loop8: detected capacity change from 0 to 1024
[ 1372.702573][T15348] hfsplus: Unknown parameter 'ÿÿ'
[ 1373.076396][T15352] loop0: detected capacity change from 0 to 1024
[ 1373.084028][T15352] EXT4-fs: Ignoring removed orlov option
[ 1373.089819][T15352] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1373.173786][T15352] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1373.182529][T15352] System zones: 0-1, 3-36
[ 1373.200865][T15352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1374.020530][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1374.622460][T15375] loop4: detected capacity change from 0 to 256
[ 1375.144356][T15381] loop4: detected capacity change from 0 to 1024
[ 1375.154648][T15381] EXT4-fs: Ignoring removed orlov option
[ 1375.160439][T15381] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1375.321456][T15381] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1375.330340][T15381] System zones: 0-1, 3-36
[ 1375.351084][T15381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1375.693060][T15386] loop7: detected capacity change from 0 to 512
[ 1375.754543][T15386] EXT4-fs: Ignoring removed oldalloc option
[ 1375.801514][T15386] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1375.860542][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1375.861272][T15386] EXT4-fs (loop7): 1 truncate cleaned up
[ 1375.878514][T15386] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1376.056197][T15386] loop7: detected capacity change from 512 to 64
[ 1376.358672][ T6937] EXT4-fs error (device loop7): mb_free_blocks:1945: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[ 1376.430571][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1380.320692][T15442] loop8: detected capacity change from 0 to 1024
[ 1380.364171][T15442] hfsplus: Unknown parameter 'ÿÿ'
[ 1380.479548][T15450] loop6: detected capacity change from 0 to 256
[ 1380.974617][T15455] loop6: detected capacity change from 0 to 1024
[ 1380.984425][T15455] EXT4-fs: Ignoring removed orlov option
[ 1380.990249][T15455] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1381.263756][T15455] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1381.272583][T15455] System zones: 0-1, 3-36
[ 1381.338173][T15455] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1381.785364][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1382.398944][T15461] Process accounting resumed
[ 1382.511904][T15465] loop0: detected capacity change from 0 to 1024
[ 1382.520568][T15465] hfsplus: Unknown parameter 'ÿÿ'
[ 1382.545075][T15463] loop6: detected capacity change from 0 to 512
[ 1382.739818][T15463] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1384.276795][T15463] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1384.566609][   T29] audit: type=1800 audit(1736398941.066:90): pid=15488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1986" name="file2" dev="loop6" ino=16 res=0 errno=0
[ 1384.862350][   T29] audit: type=1800 audit(1736398941.096:91): pid=15463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1986" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1386.053864][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1386.070678][T15500] loop7: detected capacity change from 0 to 1024
[ 1386.179671][T15500] hfsplus: Unknown parameter 'ÿÿ'
[ 1386.804001][T15510] loop6: detected capacity change from 0 to 1024
[ 1386.853787][T15510] EXT4-fs: Ignoring removed orlov option
[ 1386.933511][T15510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1387.137977][   T29] audit: type=1804 audit(1736398943.616:92): pid=15510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1995" name="/newroot/111/bus/bus" dev="loop6" ino=18 res=1 errno=0
[ 1387.904087][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1389.126132][T15523] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1389.549022][T15523] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1389.685669][T15536] loop0: detected capacity change from 0 to 1024
[ 1389.725790][T15536] hfsplus: Unknown parameter 'ÿÿ'
[ 1389.836169][T15540] loop4: detected capacity change from 0 to 1024
[ 1389.872518][T15540] hfsplus: Unknown parameter 'ÿÿ'
[ 1390.050514][T15523] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.057623][T15546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2005'.
[ 1390.399914][T15523] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.681351][T15523] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1390.695472][T15563] loop4: detected capacity change from 0 to 256
[ 1390.754260][T15563] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[ 1390.797539][T15563] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1390.802328][T15523] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1390.896253][T15523] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1390.919219][T15563] exFAT-fs (loop4): valid_size(150994954) is greater than size(10)
[ 1390.953870][T15523] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1391.016474][T15568] loop0: detected capacity change from 0 to 1024
[ 1391.043957][T15568] hfsplus: Unknown parameter 'ÿÿ'
[ 1392.054401][T15591] loop7: detected capacity change from 0 to 1024
[ 1392.083889][T15591] hfsplus: Unknown parameter 'ÿÿ'
[ 1393.155292][ T7853] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1393.289448][T15604] loop4: detected capacity change from 0 to 1024
[ 1393.376194][T15576] loop8: detected capacity change from 0 to 32768
[ 1393.388460][T15604] hfsplus: Unknown parameter 'ÿÿ'
[ 1393.413392][T15576] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2013 (15576)
[ 1393.476752][T15576] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1393.521152][T15576] BTRFS info (device loop8): using sha256 (sha256-ni) checksum algorithm
[ 1393.553015][T15576] BTRFS info (device loop8): using free-space-tree
[ 1393.732061][ T7853] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1394.081234][T15576] BTRFS info (device loop8): rebuilding free space tree
[ 1394.698257][ T7853] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1394.815625][T13644] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1395.127772][ T7853] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1395.856130][ T7853] bridge_slave_1: left allmulticast mode
[ 1395.896056][ T7853] bridge_slave_1: left promiscuous mode
[ 1395.926642][ T7853] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1396.051402][ T7853] bridge_slave_0: left allmulticast mode
[ 1396.084958][ T7853] bridge_slave_0: left promiscuous mode
[ 1396.117276][ T7853] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1397.218127][T15654] loop0: detected capacity change from 0 to 256
[ 1397.244208][T15656] netlink: 'syz.4.2026': attribute type 1 has an invalid length.
[ 1397.278268][T15654] exfat: Deprecated parameter 'utf8'
[ 1397.289696][T15654] exfat: Deprecated parameter 'utf8'
[ 1397.297309][T15654] exfat: Deprecated parameter 'utf8'
[ 1397.387959][T15654] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[ 1398.514828][T15652] loop8: detected capacity change from 0 to 32768
[ 1398.575562][T15652] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1398.692822][ T7853] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1398.708420][T15652] XFS (loop8): Ending clean mount
[ 1398.746651][ T7853] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1398.774941][   T29] audit: type=1800 audit(1736398955.286:93): pid=15652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2023" name="bus" dev="loop8" ino=6153 res=0 errno=0
[ 1398.837740][ T7853] bond0 (unregistering): Released all slaves
[ 1398.867787][   T29] audit: type=1800 audit(1736398955.366:94): pid=15652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2023" name="bus" dev="loop8" ino=6153 res=0 errno=0
[ 1399.017995][T13644] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1399.171150][T15656] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1399.776667][T15701] loop8: detected capacity change from 0 to 1024
[ 1399.806384][T15701] hfsplus: Unknown parameter 'ÿÿ'
[ 1399.939135][ T7853] hsr_slave_0: left promiscuous mode
[ 1400.105779][ T7853] hsr_slave_1: left promiscuous mode
[ 1400.213846][ T7853] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1400.222724][ T7853] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1400.262800][ T7853] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1400.290068][ T7853] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1400.366465][T15712] loop0: detected capacity change from 0 to 1024
[ 1400.422162][T15712] hfsplus: Unknown parameter 'ÿÿ'
[ 1400.436762][ T7853] veth1_macvtap: left promiscuous mode
[ 1400.463267][ T7853] veth1_vlan: left promiscuous mode
[ 1400.515710][ T7853] veth0_vlan: left promiscuous mode
[ 1400.787489][T15718] loop4: detected capacity change from 0 to 256
[ 1401.389692][T15726] loop4: detected capacity change from 0 to 1024
[ 1401.406088][T15726] EXT4-fs: Ignoring removed orlov option
[ 1401.411882][T15726] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1401.549469][T15726] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1401.558187][T15726] System zones: 0-1, 3-36
[ 1401.587565][T15726] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1402.041979][T15731] loop7: detected capacity change from 0 to 1024
[ 1402.169020][T15731] hfsplus: Unknown parameter 'ÿÿ'
[ 1402.244558][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1402.831703][T15739] loop4: detected capacity change from 0 to 256
[ 1403.476803][T15743] loop4: detected capacity change from 0 to 1024
[ 1403.487081][T15743] EXT4-fs: Ignoring removed orlov option
[ 1403.492891][T15743] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1403.562158][T15743] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1403.570971][T15743] System zones: 0-1, 3-36
[ 1403.664083][T15743] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1404.222663][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1404.267249][T15747] overlayfs: failed to clone upperpath
[ 1404.484997][T15750] loop4: detected capacity change from 0 to 8
[ 1404.587914][T15750] SQUASHFS error: Failed to read block 0x4de: -5
[ 1404.618182][T15750] SQUASHFS error: Failed to read block 0x4de: -5
[ 1404.648193][   T29] audit: type=1800 audit(1736398961.146:95): pid=15750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2044" name="file1" dev="loop4" ino=5 res=0 errno=0
[ 1404.694594][T15750] SQUASHFS error: Failed to read block 0x4de: -5
[ 1404.702278][T15750] SQUASHFS error: Failed to read block 0x4de: -5
[ 1404.762252][T15755] SQUASHFS error: zlib decompression failed, data probably corrupt
[ 1404.803432][T15755] SQUASHFS error: Failed to read block 0x4de: -5
[ 1405.356238][T15765] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2046'.
[ 1405.566432][T15768] loop8: detected capacity change from 0 to 128
[ 1405.594736][T15768] EXT4-fs: Ignoring removed nobh option
[ 1405.636929][T15768] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1405.674975][T15768] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1405.718818][T15772] loop0: detected capacity change from 0 to 1024
[ 1405.738066][T15772] hfsplus: Unknown parameter 'ÿÿ'
[ 1405.993651][ T7853] team0 (unregistering): Port device team_slave_1 removed
[ 1406.040370][T13644] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1406.205556][ T7853] team0 (unregistering): Port device team_slave_0 removed
[ 1407.429840][T15788] loop8: detected capacity change from 0 to 256
[ 1407.918620][T15790] loop8: detected capacity change from 0 to 1024
[ 1407.929428][T15790] EXT4-fs: Ignoring removed orlov option
[ 1407.935439][T15790] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1408.048516][T15790] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1408.057423][T15790] System zones: 0-1, 3-36
[ 1408.078068][T15790] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1408.606186][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1408.757241][T15793] loop0: detected capacity change from 0 to 256
[ 1408.794551][T15793] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1408.808634][T15793] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1408.836029][T15793] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1408.975374][T11306] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1409.162300][T11306] usb 9-1: Using ep0 maxpacket: 8
[ 1409.162406][T15803] loop4: detected capacity change from 0 to 256
[ 1409.175854][T11306] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1409.221512][T11306] usb 9-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1409.241324][T11306] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1409.284222][T11306] usb 9-1: config 0 descriptor??
[ 1409.302661][T11306] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1409.546902][T15808] loop7: detected capacity change from 0 to 1024
[ 1409.671608][T15811] loop4: detected capacity change from 0 to 1024
[ 1409.680775][T15811] EXT4-fs: Ignoring removed orlov option
[ 1409.686666][T15811] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1409.889374][T15811] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1409.898057][T15811] System zones: 0-1, 3-36
[ 1409.947075][T15811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1410.192833][T15808] hfsplus: Unknown parameter 'ÿÿ'
[ 1410.227382][T15814] loop0: detected capacity change from 0 to 256
[ 1410.497856][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1410.571064][ T7853] IPVS: stop unused estimator thread 0...
[ 1411.105422][T15822] loop0: detected capacity change from 0 to 1024
[ 1411.115184][T15822] EXT4-fs: Ignoring removed orlov option
[ 1411.120948][T15822] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1411.424642][T15822] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1411.433600][T15822] System zones: 0-1, 3-36
[ 1411.455303][T15822] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1411.753710][T15211] usb 9-1: USB disconnect, device number 7
[ 1411.904341][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1411.969035][T15827] loop4: detected capacity change from 0 to 1024
[ 1412.009357][T15827] hfsplus: Unknown parameter 'ÿÿ'
[ 1412.444178][T15835] loop0: detected capacity change from 0 to 1024
[ 1412.461901][T15835] hfsplus: Unknown parameter 'ÿÿ'
[ 1413.538845][T15851] loop8: detected capacity change from 0 to 256
[ 1414.077494][T15861] loop8: detected capacity change from 0 to 1024
[ 1414.084759][T15861] EXT4-fs: Ignoring removed orlov option
[ 1414.090437][T15861] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1414.183911][T15861] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1414.192441][T15861] System zones: 0-1, 3-36
[ 1414.210618][T15861] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1414.467935][T15855] loop6: detected capacity change from 0 to 1024
[ 1414.520047][T15855] hfsplus: Unknown parameter 'ÿÿ'
[ 1414.929101][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1416.272616][T15892] loop8: detected capacity change from 0 to 2048
[ 1416.366088][T15898] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1416.620900][T15892] overlayfs: upper fs does not support tmpfile.
[ 1416.672130][T15892] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1416.712610][T15892] overlayfs: failed to set xattr on upper
[ 1416.731739][T15892] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1416.770888][T15892] overlayfs: ...falling back to index=off.
[ 1416.800188][T15892] overlayfs: ...falling back to uuid=null.
[ 1416.910712][T15892] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1416.969448][T15892] Remounting filesystem read-only
[ 1416.995444][T15892] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1417.063256][T15892] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1417.123251][T15892] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1417.148191][T15892] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1417.179549][T15892] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1417.217431][T15892] overlayfs: cleanup of 'work/#47' failed (-30)
[ 1417.276009][   T29] audit: type=1326 audit(1736398973.776:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa452385d29 code=0x7ffc0000
[ 1417.310223][   T29] audit: type=1326 audit(1736398973.786:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa452385d29 code=0x7ffc0000
[ 1417.376788][T15892] syz.8.2075 (15892) used greatest stack depth: 19856 bytes left
[ 1417.403489][   T29] audit: type=1326 audit(1736398973.806:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa452384690 code=0x7ffc0000
[ 1417.472580][T13644] NILFS (loop8): disposed unprocessed dirty file(s) when detaching log writer
[ 1417.493664][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1417.504608][   T29] audit: type=1326 audit(1736398973.806:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa452387557 code=0x7ffc0000
[ 1417.615528][   T29] audit: type=1326 audit(1736398973.806:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa452385d29 code=0x7ffc0000
[ 1417.703809][   T29] audit: type=1326 audit(1736398973.806:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa452387557 code=0x7ffc0000
[ 1417.781890][   T29] audit: type=1326 audit(1736398973.806:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa45238498a code=0x7ffc0000
[ 1417.862632][   T29] audit: type=1326 audit(1736398973.806:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa452385d29 code=0x7ffc0000
[ 1417.960614][T15933] loop4: detected capacity change from 0 to 1024
[ 1417.971042][   T29] audit: type=1326 audit(1736398973.806:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa452385d29 code=0x7ffc0000
[ 1417.979261][T15933] hfsplus: Unknown parameter 'ÿÿ'
[ 1418.070820][   T29] audit: type=1326 audit(1736398973.816:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15911 comm="syz.4.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa452385d29 code=0x7ffc0000
[ 1418.502729][T15947] loop0: detected capacity change from 0 to 1024
[ 1418.530819][T15947] EXT4-fs: Ignoring removed orlov option
[ 1418.563174][T15947] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1418.631159][T15947] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[ 1418.697128][T15947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1418.963832][T15965] loop8: detected capacity change from 0 to 256
[ 1419.282761][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1419.518941][T15971] loop8: detected capacity change from 0 to 1024
[ 1419.528988][T15971] EXT4-fs: Ignoring removed orlov option
[ 1419.534979][T15971] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1419.968233][T15971] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1419.977095][T15971] System zones: 0-1, 3-36
[ 1419.997133][T15971] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1420.389345][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1420.545689][T15977] loop0: detected capacity change from 0 to 1024
[ 1420.583939][T15977] hfsplus: Unknown parameter 'ÿÿ'
[ 1420.773994][T15987] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2097'.
[ 1421.502218][T15996] loop8: detected capacity change from 0 to 1024
[ 1421.543964][T15996] hfsplus: Unknown parameter 'ÿÿ'
[ 1423.724735][T16038] loop7: detected capacity change from 0 to 256
[ 1423.830508][T16038] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[ 1424.123126][ T5893] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1424.303001][ T5893] usb 5-1: Using ep0 maxpacket: 16
[ 1424.321787][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1424.689110][ T9186] Bluetooth: hci4: command 0x0406 tx timeout
[ 1425.035144][ T5893] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1425.047473][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1425.056422][ T5893] usb 5-1: Product: syz
[ 1425.060630][ T5893] usb 5-1: Manufacturer: syz
[ 1425.065334][ T5893] usb 5-1: SerialNumber: syz
[ 1425.083149][ T5893] usb 5-1: config 0 descriptor??
[ 1425.103863][ T5893] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1425.109851][ T5893] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1425.145175][ T5893] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13
[ 1425.417663][T11977] usb 5-1: USB disconnect, device number 17
[ 1425.437983][T16069] loop0: detected capacity change from 0 to 256
[ 1425.959398][T16078] loop0: detected capacity change from 0 to 1024
[ 1425.969664][T16078] EXT4-fs: Ignoring removed orlov option
[ 1425.975543][T16078] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1426.097222][T16078] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1426.105917][T16078] System zones: 0-1, 3-36
[ 1426.128864][T16078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1426.661538][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1426.913275][T16086] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2111'.
[ 1427.660032][T16092] loop8: detected capacity change from 0 to 1024
[ 1427.689123][T16092] hfsplus: Unknown parameter 'ÿÿ'
[ 1427.728739][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1427.735483][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1428.173797][T16098] loop7: detected capacity change from 0 to 2048
[ 1428.252567][T16098] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1428.321207][T16104] loop0: detected capacity change from 0 to 1024
[ 1428.375287][T16104] hfsplus: Unknown parameter 'ÿÿ'
[ 1428.707303][T13595] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1428.721569][T16108] loop6: detected capacity change from 0 to 1024
[ 1428.782560][T16108] hfsplus: Unknown parameter 'ÿÿ'
[ 1429.134352][T13595] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1429.151710][T13595] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1429.162029][T13595] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1429.171139][T13595] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[ 1429.182994][T13595] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1429.223261][T13595] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 17911, setting to 1024
[ 1429.287557][T13595] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1429.356199][T13595] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1429.400213][T13595] usb 5-1: Product: syz
[ 1429.424361][T13595] usb 5-1: Manufacturer: syz
[ 1429.488219][T16102] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1429.557739][T13595] cdc_wdm 5-1:1.0: skipping garbage
[ 1429.602806][T13595] cdc_wdm 5-1:1.0: skipping garbage
[ 1429.633479][T13595] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1429.639456][T13595] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1430.025398][T11306] usb 5-1: USB disconnect, device number 18
[ 1433.425722][T16162] loop7: detected capacity change from 0 to 1024
[ 1433.472244][T16162] hfsplus: Unknown parameter 'ÿÿ'
[ 1433.809649][T16164] loop8: detected capacity change from 0 to 1024
[ 1433.858191][T16164] hfsplus: Unknown parameter 'ÿÿ'
[ 1433.867531][T16166] loop0: detected capacity change from 0 to 256
[ 1434.273437][T16169] loop6: detected capacity change from 0 to 40427
[ 1434.281276][T16169] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x7
[ 1434.293848][T16169] F2FS-fs (loop6): invalid crc value
[ 1434.329095][T16169] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1434.593057][T16169] F2FS-fs (loop6): Start checkpoint disabled!
[ 1434.614316][T16169] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[ 1434.750562][T16177] loop0: detected capacity change from 0 to 1024
[ 1434.760987][T16177] EXT4-fs: Ignoring removed orlov option
[ 1434.766930][T16177] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1435.568356][T16177] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1435.576712][T16177] System zones: 0-1, 3-36
[ 1435.603634][T16177] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1435.918615][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1436.505895][ T3438] kworker/u8:7: attempt to access beyond end of device
[ 1436.505895][ T3438] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1436.563088][ T3438] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1436.572477][ T3438] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1438.814629][T16205] loop8: detected capacity change from 0 to 512
[ 1438.853033][T16205] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1438.892098][T16205] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1438.923213][T16205] EXT4-fs (loop8): 1 truncate cleaned up
[ 1438.930697][T16205] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1439.342041][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1441.899601][T16221] loop0: detected capacity change from 0 to 1024
[ 1441.920551][T16224] loop4: detected capacity change from 0 to 1024
[ 1441.941745][T16227] loop7: detected capacity change from 0 to 1024
[ 1441.973959][T16227] hfsplus: Unknown parameter 'ÿÿ'
[ 1441.979970][T16224] hfsplus: Unknown parameter 'ÿÿ'
[ 1441.986444][T16221] hfsplus: Unknown parameter 'ÿÿ'
[ 1443.364051][T16244] netlink: 'syz.6.2145': attribute type 1 has an invalid length.
[ 1443.523811][T16244] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1443.629877][T16246] bond1: (slave gretap1): making interface the new active one
[ 1443.683303][T16246] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 1449.638112][T16301] loop8: detected capacity change from 0 to 256
[ 1450.129310][T16306] loop8: detected capacity change from 0 to 1024
[ 1450.139349][T16306] EXT4-fs: Ignoring removed orlov option
[ 1450.145157][T16306] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1450.994529][T16306] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1451.003056][T16306] System zones: 0-1, 3-36
[ 1451.022577][T16306] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1451.323335][T16312] loop0: detected capacity change from 0 to 1024
[ 1451.355485][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1451.376060][T16312] hfsplus: Unknown parameter 'ÿÿ'
[ 1452.775526][T16338] netlink: 'syz.7.2165': attribute type 10 has an invalid length.
[ 1453.606390][T16348] loop7: detected capacity change from 0 to 1024
[ 1453.651698][T16348] hfsplus: Unknown parameter 'ÿÿ'
[ 1454.785677][T16356] loop6: detected capacity change from 0 to 256
[ 1455.273248][T16359] loop6: detected capacity change from 0 to 1024
[ 1455.284361][T16359] EXT4-fs: Ignoring removed orlov option
[ 1455.290183][T16359] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1456.081762][T16359] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1456.090175][T16359] System zones: 0-1, 3-36
[ 1456.117186][T16359] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1456.442811][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1456.859368][T16367] loop6: detected capacity change from 0 to 1024
[ 1456.928646][T16367] hfsplus: Unknown parameter 'ÿÿ'
[ 1457.056199][T16350] loop4: detected capacity change from 0 to 32768
[ 1458.014137][T16383] loop0: detected capacity change from 0 to 256
[ 1458.546002][T16389] loop0: detected capacity change from 0 to 1024
[ 1458.555799][T16389] EXT4-fs: Ignoring removed orlov option
[ 1458.561563][T16389] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1459.427100][T16389] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1459.435666][T16389] System zones: 0-1, 3-36
[ 1459.454656][T16389] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1459.759287][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1460.388262][T16401] loop0: detected capacity change from 0 to 128
[ 1460.551943][T16403] syz.0.2176: attempt to access beyond end of device
[ 1460.551943][T16403] loop0: rw=2049, sector=145, nr_sectors = 88 limit=128
[ 1460.821600][T16407] loop6: detected capacity change from 0 to 1024
[ 1460.828964][T16407] hfsplus: Unknown parameter 'ÿÿ'
[ 1461.583761][T16421] loop0: detected capacity change from 0 to 256
[ 1461.980749][T16424] loop0: detected capacity change from 0 to 1024
[ 1461.988135][T16424] EXT4-fs: Ignoring removed orlov option
[ 1461.993874][T16424] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1462.996701][T16424] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1463.005349][T16424] System zones: 0-1, 3-36
[ 1463.022194][T16424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1463.291475][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1463.728615][T16440] loop8: detected capacity change from 0 to 1024
[ 1463.766662][T16440] hfsplus: Unknown parameter 'ÿÿ'
[ 1463.853229][ T5893] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1464.093157][ T5893] usb 1-1: Using ep0 maxpacket: 8
[ 1464.131344][ T5893] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1464.214336][T16447] loop4: detected capacity change from 0 to 256
[ 1464.232498][ T5893] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1464.282982][ T5893] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1464.524262][ T5893] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1464.538333][ T5893] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1464.552990][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1464.766834][T16451] loop4: detected capacity change from 0 to 1024
[ 1464.778053][T16451] EXT4-fs: Ignoring removed orlov option
[ 1464.783898][T16451] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1465.552759][ T5893] usb 1-1: GET_CAPABILITIES returned 0
[ 1465.561167][T16451] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1465.569912][T16451] System zones: 0-1, 3-36
[ 1465.596121][T16451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1465.626333][ T5893] usbtmc 1-1:16.0: can't read capabilities
[ 1465.889046][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1465.904613][T16458] loop6: detected capacity change from 0 to 256
[ 1466.010709][ T5885] usb 1-1: USB disconnect, device number 6
[ 1466.429054][T16463] loop6: detected capacity change from 0 to 1024
[ 1466.439059][T16463] EXT4-fs: Ignoring removed orlov option
[ 1466.445013][T16463] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1467.254541][T16463] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1467.262791][T16463] System zones: 0-1, 3-36
[ 1467.280078][T16463] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1467.521404][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1468.344676][T16479] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.354037][T16479] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.362817][T16479] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.371905][T16479] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.391605][T16481] syz.4.2198[16481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1468.391711][T16481] syz.4.2198[16481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1468.421210][T16481] syz.4.2198[16481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1468.683872][T16484] syz.4.2198[16484] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1468.729268][T16484] syz.4.2198[16484] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1468.743245][T16479] vxlan0: entered promiscuous mode
[ 1468.769336][T16484] syz.4.2198[16484] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1468.796296][T16479] vxlan0: entered allmulticast mode
[ 1468.943358][T16479] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1468.952493][T16479] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1468.961561][T16479] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1468.970525][T16479] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1469.077925][T16492] loop4: detected capacity change from 0 to 256
[ 1469.587566][T16496] loop4: detected capacity change from 0 to 1024
[ 1469.598004][T16496] EXT4-fs: Ignoring removed orlov option
[ 1469.603858][T16496] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1469.752606][T16496] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1469.761305][T16496] System zones: 0-1, 3-36
[ 1469.783405][T16496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1470.278350][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1470.617012][T16501] dccp_close: ABORT with 136 bytes unread
[ 1470.769856][T16511] loop8: detected capacity change from 0 to 1024
[ 1470.803955][T16511] hfsplus: Unknown parameter 'ÿÿ'
[ 1470.969199][T16517] loop4: detected capacity change from 0 to 1024
[ 1470.997262][T16517] hfsplus: Unknown parameter 'ÿÿ'
[ 1471.593013][T16528] bond0: entered promiscuous mode
[ 1471.603289][T16528] bond_slave_0: entered promiscuous mode
[ 1471.643083][T16528] bond_slave_1: entered promiscuous mode
[ 1471.715995][T16533] bond0: (slave macvlan2): Error -98 calling set_mac_address
[ 1472.465605][T16527] bond0: left promiscuous mode
[ 1472.470947][T16527] bond_slave_0: left promiscuous mode
[ 1472.559948][T16527] bond_slave_1: left promiscuous mode
[ 1474.265264][T16567] loop7: detected capacity change from 0 to 256
[ 1474.887555][T16572] loop7: detected capacity change from 0 to 1024
[ 1474.897353][T16572] EXT4-fs: Ignoring removed orlov option
[ 1474.903197][T16572] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1475.738137][T16572] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1475.746402][T16572] System zones: 0-1, 3-36
[ 1475.756663][T16572] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1476.033819][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1476.554865][T16583] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2220'.
[ 1476.767938][T16587] netlink: 'syz.7.2220': attribute type 2 has an invalid length.
[ 1477.498279][T16591] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2222'.
[ 1479.275037][T16607] loop4: detected capacity change from 0 to 256
[ 1479.286441][T16603] loop6: detected capacity change from 0 to 1024
[ 1479.322356][T16603] hfsplus: Unknown parameter 'ÿÿ'
[ 1479.361935][T16607] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[ 1480.639739][T16625] loop8: detected capacity change from 0 to 1024
[ 1480.642456][T16626] loop4: detected capacity change from 0 to 256
[ 1480.673898][T16625] hfsplus: Unknown parameter 'ÿÿ'
[ 1480.739783][T16630] loop0: detected capacity change from 0 to 256
[ 1483.541966][T16632] loop4: detected capacity change from 0 to 1024
[ 1483.563033][T16632] EXT4-fs: Ignoring removed orlov option
[ 1483.569154][T16632] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1483.683617][T16636] loop0: detected capacity change from 0 to 1024
[ 1483.694167][T16636] EXT4-fs: Ignoring removed orlov option
[ 1483.699936][T16636] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1483.909320][T16632] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1483.918199][T16632] System zones: 0-1, 3-36
[ 1483.926851][T16632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1483.935692][T16636] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1483.947726][T16636] System zones: 0-1, 3-36
[ 1483.956371][T16636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1484.264185][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1484.297214][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1485.642191][T16662] loop6: detected capacity change from 0 to 1024
[ 1485.715538][T16662] hfsplus: Unknown parameter 'ÿÿ'
[ 1486.579042][T16690] loop4: detected capacity change from 0 to 256
[ 1486.849087][T16698] loop8: detected capacity change from 0 to 256
[ 1487.132472][T16700] loop4: detected capacity change from 0 to 1024
[ 1487.142584][T16700] EXT4-fs: Ignoring removed orlov option
[ 1487.148421][T16700] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1487.265262][T16700] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1487.274395][T16700] System zones: 0-1, 3-36
[ 1489.844744][T16700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1489.853594][T16703] loop8: detected capacity change from 0 to 1024
[ 1489.863670][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1489.863755][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1489.878157][T16703] EXT4-fs: Ignoring removed orlov option
[ 1489.884048][T16703] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1490.015097][T16703] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1490.023451][T16703] System zones: 0-1, 3-36
[ 1490.030194][T16703] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1490.123658][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1490.343715][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1490.436486][T16713] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2253'.
[ 1490.713601][T16720] loop4: detected capacity change from 0 to 1024
[ 1490.804684][T16720] hfsplus: Unknown parameter 'ÿÿ'
[ 1494.424581][T16754] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2262'.
[ 1496.495872][T16769] loop8: detected capacity change from 0 to 256
[ 1496.649427][T16772] loop6: detected capacity change from 0 to 1024
[ 1496.914361][T16772] hfsplus: Unknown parameter 'ÿÿ'
[ 1497.063206][T16776] loop8: detected capacity change from 0 to 1024
[ 1497.073320][T16776] EXT4-fs: Ignoring removed orlov option
[ 1497.079090][T16776] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1497.209221][T16776] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1497.218027][T16776] System zones: 0-1, 3-36
[ 1499.799068][T16776] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1500.132394][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1501.217361][T16806] binder: 16802:16806 unknown command 0
[ 1501.335219][T16806] binder: 16802:16806 ioctl c0306201 200001c0 returned -22
[ 1502.409090][T16818] loop0: detected capacity change from 0 to 1024
[ 1502.456948][T16818] hfsplus: Unknown parameter 'ÿÿ'
[ 1503.365040][T16827] vlan2: entered allmulticast mode
[ 1507.224659][T16848] loop7: detected capacity change from 0 to 256
[ 1507.350691][T16852] loop6: detected capacity change from 0 to 1024
[ 1507.666119][T16852] EXT4-fs: Ignoring removed orlov option
[ 1507.860525][T16859] loop7: detected capacity change from 0 to 1024
[ 1507.871247][T16859] EXT4-fs: Ignoring removed orlov option
[ 1507.877174][T16859] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1508.653958][T16852] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1508.709944][T16859] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1508.718237][T16859] System zones: 0-1, 3-36
[ 1508.727893][T16859] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1508.777298][T16852] EXT4-fs (loop6): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1508.936945][T16852] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1509.052058][ T6937] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.811177][T12914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.861322][T16876] syzkaller1: entered promiscuous mode
[ 1509.906456][T16876] syzkaller1: entered allmulticast mode
[ 1510.082155][T16878] loop4: detected capacity change from 0 to 64
[ 1512.577490][T16904] syz.4.2296[16904] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.577636][T16904] syz.4.2296[16904] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.988733][T16898] syz.4.2296[16898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.035243][T16904] syz.4.2296[16904] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.073291][T16898] syz.4.2296[16898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.118096][T16903] loop8: detected capacity change from 0 to 1024
[ 1513.203115][T16898] syz.4.2296[16898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.364996][T16903] hfsplus: Unknown parameter 'ÿÿ'
[ 1514.315782][T16915] loop0: detected capacity change from 0 to 256
[ 1514.426431][T16918] can0: slcan on ptm0.
[ 1514.917134][T16923] loop0: detected capacity change from 0 to 1024
[ 1514.927465][T16923] EXT4-fs: Ignoring removed orlov option
[ 1514.933450][T16923] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1515.746821][T16923] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1515.755555][T16923] System zones: 0-1, 3-36
[ 1515.779835][T16923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1516.114091][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1516.553861][T16916] can0 (unregistered): slcan off ptm0.
[ 1516.947236][T16932] loop0: detected capacity change from 0 to 1024
[ 1516.999083][T16932] EXT4-fs: Ignoring removed orlov option
[ 1517.086210][T16932] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1517.139219][T16932] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1517.414677][T16932] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1518.670976][T16957] loop7: detected capacity change from 0 to 1024
[ 1518.687070][T16957] hfsplus: Unknown parameter 'ÿÿ'
[ 1518.706827][T12947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1518.922516][T16959] netlink: 'syz.9.2311': attribute type 4 has an invalid length.
[ 1518.994668][T16960] netlink: 'syz.9.2311': attribute type 4 has an invalid length.
[ 1521.745912][T16981] loop4: detected capacity change from 0 to 256
[ 1523.422204][T16994] loop4: detected capacity change from 0 to 1024
[ 1523.432202][T16994] EXT4-fs: Ignoring removed orlov option
[ 1523.438077][T16994] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1524.287480][T16994] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1524.295845][T16994] System zones: 0-1, 3-36
[ 1524.333059][T16994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1524.437672][T16991] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1524.506380][T17000] loop0: detected capacity change from 0 to 1024
[ 1524.533759][T17000] hfsplus: Unknown parameter 'ÿÿ'
[ 1524.624092][T11568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1524.717350][T17008] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2322'.
[ 1526.247985][T16991] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.536787][T17016] loop6: detected capacity change from 0 to 40427
[ 1526.564189][T17016] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x1fffff
[ 1526.572683][T17016] F2FS-fs (loop6): Image doesn't support compression
[ 1526.579512][T17016] F2FS-fs (loop6): Image doesn't support compression
[ 1526.586314][T17016] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x4
[ 1526.588738][T17018] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2324'.
[ 1526.613261][T17016] F2FS-fs (loop6): invalid crc value
[ 1526.641929][T17016] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1526.703565][T17025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2324'.
[ 1526.713160][T17016] F2FS-fs (loop6): Start checkpoint disabled!
[ 1526.730973][T17016] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[ 1529.104669][T16991] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1529.341952][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1529.341952][ T3405] loop6: rw=1, sector=77824, nr_sectors = 2048 limit=40427
[ 1529.462715][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1529.462715][ T3405] loop6: rw=1, sector=79872, nr_sectors = 2048 limit=40427
[ 1529.483214][T11977] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1529.542446][T16991] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1529.558994][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1529.558994][ T3405] loop6: rw=1, sector=49152, nr_sectors = 4096 limit=40427
[ 1529.676611][T11977] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1529.697126][T11977] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1529.733204][T17049] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1529.734542][T11977] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1529.770468][T17049] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1529.782981][T11977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1529.791921][T17054] block nbd8: NBD_DISCONNECT
[ 1529.816260][T17054] block nbd8: Disconnected due to user request.
[ 1529.824004][T11977] usb 5-1: SerialNumber: syz
[ 1529.847305][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1529.847305][ T3405] loop6: rw=1, sector=57344, nr_sectors = 12112 limit=40427
[ 1529.878991][T17054] block nbd8: shutting down sockets
[ 1529.937121][T16991] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.983578][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1529.983578][ T3405] loop6: rw=1, sector=69456, nr_sectors = 176 limit=40427
[ 1530.007794][T16991] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1530.055269][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1530.055269][ T3405] loop6: rw=1, sector=69632, nr_sectors = 8 limit=40427
[ 1530.071658][T16991] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1530.099778][T11977] usb 5-1: 0:2 : does not exist
[ 1530.109721][T16991] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1530.119018][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1530.119018][ T3405] loop6: rw=1, sector=69640, nr_sectors = 8 limit=40427
[ 1530.144505][T11977] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[ 1530.163695][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1530.163695][ T3405] loop6: rw=1, sector=69648, nr_sectors = 8 limit=40427
[ 1530.208355][T11977] usb 5-1: USB disconnect, device number 19
[ 1530.223155][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1530.223155][ T3405] loop6: rw=1, sector=69656, nr_sectors = 8 limit=40427
[ 1530.276992][ T3405] kworker/u8:6: attempt to access beyond end of device
[ 1530.276992][ T3405] loop6: rw=1, sector=69664, nr_sectors = 8 limit=40427
[ 1530.363792][T17061] loop8: detected capacity change from 0 to 256
[ 1530.878853][T17069] loop8: detected capacity change from 0 to 1024
[ 1530.889106][T17069] EXT4-fs: Ignoring removed orlov option
[ 1530.894944][T17069] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1531.028378][T17069] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[ 1531.037278][T17069] System zones: 0-1, 3-36
[ 1531.082633][T17069] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1531.490157][   T29] kauditd_printk_skb: 19 callbacks suppressed
[ 1531.490186][   T29] audit: type=1800 audit(1736399087.996:125): pid=17074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2340" name="/" dev="9p" ino=2 res=0 errno=0
[ 1531.583747][T17074] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 1531.596583][T17074] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 1531.596778][T13644] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1531.604997][T17074] CPU: 0 UID: 0 PID: 17074 Comm: syz.0.2340 Not tainted 6.13.0-rc6-syzkaller-00046-g0b7958fa05d5 #0
[ 1531.605050][T17074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1531.605075][T17074] RIP: 0010:iter_file_splice_write+0xa2d/0x10b0
[ 1531.605147][T17074] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 b1 04 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 1a 05 00 00 49 8b 54 24 08 4c 89 ee 4c 89 ff 83
[ 1531.605188][T17074] RSP: 0018:ffffc9000ce5f938 EFLAGS: 00010212
[ 1531.666852][T17074] RAX: 00000000000012c6 RBX: dffffc0000000000 RCX: ffffc9002300e000
[ 1531.674853][T17074] RDX: 0000000000000001 RSI: ffffffff821dc2c5 RDI: 0000000000000008
[ 1531.682848][T17074] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[ 1531.690840][T17074] R10: 7ffffffffffffffe R11: 0000000000000000 R12: 0000000000000000
[ 1531.698834][T17074] R13: ffff88806ea77828 R14: 7ffffffffffffffe R15: ffff88807a7f3800
[ 1531.706834][T17074] FS:  00007f1e125c26c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1531.715792][T17074] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1531.722405][T17074] CR2: 00007ffcabb3dff8 CR3: 0000000067050000 CR4: 0000000000350ef0
[ 1531.730398][T17074] Call Trace:
[ 1531.733687][T17074]  <TASK>
[ 1531.736628][T17074]  ? die_addr+0x3b/0xa0
[ 1531.740833][T17074]  ? exc_general_protection+0x155/0x230
[ 1531.746418][T17074]  ? asm_exc_general_protection+0x26/0x30
[ 1531.752192][T17074]  ? iter_file_splice_write+0x9f5/0x10b0
[ 1531.757870][T17074]  ? iter_file_splice_write+0xa2d/0x10b0
[ 1531.763551][T17074]  ? iter_file_splice_write+0x9f5/0x10b0
[ 1531.769237][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.774894][T17074]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1531.780833][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.786495][T17074]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1531.792165][T17074]  ? splice_direct_to_actor+0x349/0xa40
[ 1531.797756][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.803421][T17074]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1531.809366][T17074]  direct_splice_actor+0x192/0x6c0
[ 1531.814526][T17074]  splice_direct_to_actor+0x349/0xa40
[ 1531.819946][T17074]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1531.825627][T17074]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1531.831564][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.837226][T17074]  ? __fget_files+0x1fc/0x3a0
[ 1531.841953][T17074]  do_splice_direct+0x178/0x250
[ 1531.846852][T17074]  ? __pfx_do_splice_direct+0x10/0x10
[ 1531.852266][T17074]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1531.858202][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.863867][T17074]  do_sendfile+0xaed/0xe30
[ 1531.868327][T17074]  ? __pfx_do_sendfile+0x10/0x10
[ 1531.873308][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.878967][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.884623][T17074]  ? __x64_sys_futex+0x1ea/0x4c0
[ 1531.889587][T17074]  __x64_sys_sendfile64+0x1da/0x220
[ 1531.894822][T17074]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1531.900571][T17074]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1531.906236][T17074]  do_syscall_64+0xcd/0x250
[ 1531.910784][T17074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1531.916748][T17074] RIP: 0033:0x7f1e11785d29
[ 1531.921194][T17074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1531.940836][T17074] RSP: 002b:00007f1e125c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1531.949279][T17074] RAX: ffffffffffffffda RBX: 00007f1e11975fa0 RCX: 00007f1e11785d29
[ 1531.957270][T17074] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[ 1531.965259][T17074] RBP: 00007f1e11801b08 R08: 0000000000000000 R09: 0000000000000000
[ 1531.973247][T17074] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1531.981247][T17074] R13: 0000000000000000 R14: 00007f1e11975fa0 R15: 00007ffe59e0b698
[ 1531.989285][T17074]  </TASK>
[ 1531.992315][T17074] Modules linked in:
[ 1531.996771][T17074] ---[ end trace 0000000000000000 ]---
[ 1532.017559][T17050] Bluetooth: hci4: command 0x0406 tx timeout
[ 1532.040285][T17074] RIP: 0010:iter_file_splice_write+0xa2d/0x10b0
[ 1532.062935][T17074] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 b1 04 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 1a 05 00 00 49 8b 54 24 08 4c 89 ee 4c 89 ff 83
[ 1532.272730][T17074] RSP: 0018:ffffc9000ce5f938 EFLAGS: 00010212
[ 1532.581359][T17074] RAX: 00000000000012c6 RBX: dffffc0000000000 RCX: ffffc9002300e000
[ 1532.658335][T17074] RDX: 0000000000000001 RSI: ffffffff821dc2c5 RDI: 0000000000000008
[ 1532.666468][T17074] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[ 1532.674520][T17074] R10: 7ffffffffffffffe R11: 0000000000000000 R12: 0000000000000000
[ 1532.682528][T17074] R13: ffff88806ea77828 R14: 7ffffffffffffffe R15: ffff88807a7f3800
[ 1532.690695][T17074] FS:  00007f1e125c26c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1532.699757][T17074] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1532.812932][T17074] CR2: 00000000fffffc40 CR3: 0000000067050000 CR4: 0000000000350ef0
[ 1532.820999][T17074] Kernel panic - not syncing: Fatal exception
[ 1532.827347][T17074] Kernel Offset: disabled
[ 1532.831674][T17074] Rebooting in 86400 seconds..