last executing test programs:

6m12.439760014s ago: executing program 2 (id=774):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8041, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x1, 0x0, 0x0, 0x9, "00629a7d82090100000000000000f7fffffb00"})
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x402c542c, 0x0)
readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000e00)=""/4096, 0x1000}], 0x1)

6m12.1080685s ago: executing program 4 (id=779):
r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
writev(r0, &(0x7f00000011c0)=[{&(0x7f0000000d00)="a9", 0x1}], 0x1)

6m11.401992001s ago: executing program 4 (id=781):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0, 0x0, 0x6}, 0x18)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_RCVMTU(r6, 0x112, 0xd, &(0x7f0000000180)=0x9, 0x2)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)

6m10.675920043s ago: executing program 2 (id=784):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000040)=@gcm_128={{0x304}, "e1cacdf40bcf5620", "6b05ca9767ffd4cbdb0ad962f824fdf9", "82586325", "90f8478e11467cf3"}, 0x28)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x262)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, &(0x7f0000000380))
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_open_dev$MSR(0x0, 0x1, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, &(0x7f0000000500), &(0x7f0000000540)="d510041de49c905352b4f52cdfb1d6530e44b4ce339ffca92d2b45d70455d41b6c7840aa4d76608b06cbedef3801255949968d0ae1fae4a748c4fa57265fccbb6119982b2fdc89978efeb466fc89c42b27f59ac1a9fde7")
getpgrp(0x0)

6m9.915958216s ago: executing program 4 (id=787):
r0 = syz_open_dev$vcsa(0x0, 0x1, 0x40102)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x40e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000600)}}], 0x1, 0x4000000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDGKBDIACR(r2, 0x4bfa, &(0x7f0000000100)=""/222)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r4, &(0x7f0000002180)=""/4105, 0x137, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
close(0x3)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r6}, 0x10)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r0, 0x28, 0x6, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x8000, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x5c}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = dup3(r0, r7, 0x80000)
write$sndseq(r8, &(0x7f0000000980)=[{0x3, 0x5, 0x7, 0x1e, @tick=0x80000000, {0xff, 0x1}, {0x5, 0x21}, @time}], 0x1c)

6m8.515487958s ago: executing program 2 (id=790):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0x6, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000140)='./bus\x00', 0x1008040, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRESDEC], 0xd3, 0x599, &(0x7f0000000b80)="$eJzs3cFvHFcZAPDvTbzOOk3abRISQgqyBBJREZHjpA7giBLqWkKKqNXEOXDCxE5qdWNHdoqSqoIcEFz4Hzj1AhKqBFyQOMCVA9wQqsQJccWgShUgEjST2Z3djcEO6429ze8nJTs7882bNyPb0vfem/cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj46qsXJ86k3a4FAAAAMEhfv/z6xGRP/j+2W5UBAAAABuKK/n8AAAAAAAAAGHYpsvh+pLhzaCMdLL4/VL+0vPLWnfmZ2c1PG0vFmfuK+Pxf/czk2XMvTZ3/Quvzf5+/007Ea5evXBx/ZfXmrbWl9fWlxfH5leVrq4tL2y6h3/N7vVg8gPGbb761eP36+vjk6bNdh+80/rL/mWON6S++evRSK3Z+Znb2ckfMSO3/vvojjPAAAAB4uo1GFucixZWTP02HIiKL/nPhLdoOBm0sGnn+XdzE/MxscSPN5YWV2/nBuVYi3OjOiUdbOfITyMX70og4nNd1VEYPAADA9tUii09FihP3N9KzEbGvlQd/rpgYcOsCGk+gkpsYiYgjEXEqhiBnBwAAgF22P7J4PVL8qtmI58q8usj/vxIxvduVAwAAAHbESGRxPlJ8ML2RGsV4gIh4cX5mdvzS1fGvrVxf7YidS2WP+rC/H/AkGZsAAADAHlCPLA4VPf4b6fnHPvsfDx48GEi1AAAAgB00Fln8M1J89uVvF/PKRTEv/XPTXzp4YbZzhrnjW5STx56OiJPbfCe/Vs41OJfmUsoeKe3ejtwcAAAAUKinLP4cKT78Y734fqrMzdPIbtcMAAAA2DEpi+9Fii/PbaTUsy79vo71/duG/d3/wdZ/rP7K6q27a8s33ri96fED9YvfWr+9tnBt88MP1y7sGg6x1TqGAAAAsA21lMXfI8Vvm++1885yDYByBECVaL57ocpN66nnaNFu8GzRbtB+h+CZycnO7U1T1seYH69RXndf/7cNAAAAT5WUshiNFJ/5zcfLtf8PxCN90GXc7yLFhdUXyrhsNBrVXPqN4v/69eXm0kQeOxMpft5sxUYeG/vL2CNV7Jk89td5uQvdsfUy9mgRGnnsZB57P1K8sbZ57Meqcs/msWuR4ic/Gm/FHshjD5axx6rY09dWm4sDe8AAAACwB9RSFr+IFD/813j7lf/u/v+qt/3dd6r+/kcm6Psvff799v83OvbdK9sh9pftFSNbtFe8FilOPP9C636KtoLWsIKHax1U7RV/ixRr3+iOHS1jD1exZ7b9YAEAAGAPaY3///3VX7aH3Jc5cPl18/z/E73zAw4o/+9ckzC/5vrdt99caDaX1oZp47sR0bUn7ZGK2XisjfyHcA9UY2c2yl+qe3ulPv1u9PVnEAAAngp5/n81Utz54P12f3eZ/5dD5av8/8PvVPn/dG9BA8r/D3fsmy7nG6iNRNRv37xVOx5RX7/79ueXby7cWLqxtHJ26qWpiamp8+cma6Otzv1qq+9nBQAAAMMqz/8nIsVff/Dj9vv52+n/P9Bb0IDy/yMd+/JrVp1++Z4/9Xv7AAAA8FTI8/+fRYo/nHyvPY9ed/7fMf//O9V79qc+/XC0QLt1YED5/9GOfY3iulFNOggAAAAAAAAAAAAAAAAAAAAfEbWUxb8jxfv1kVRO+L+t+f8Wewsa0Pv/xzr2LcaTWf+v74cKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQyqLLJYjxSePb6SX8x3fjDjY+QkAAAAMvf8EAAD//1T3HVY=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000300)=0x3341, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r4)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r5, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), r7)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000040)={'wpan0\x00', <r9=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r7, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r8, 0x786b6295d7f1977, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_SEC_DEVKEY={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x18001}, 0x40040)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, 0x0)

6m8.43371779s ago: executing program 4 (id=791):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

6m7.283930139s ago: executing program 4 (id=793):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40046f41, &(0x7f0000000440)=0x1f)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001380)={{}, &(0x7f0000001300), 0x0}, 0x20)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000013c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xf, '\x00', 0x0, r1, 0x3, 0x2, 0x4}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_ext={0x1c, 0xf, &(0x7f0000001100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff949c}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x4, 0x17, &(0x7f00000011c0)=""/23, 0x41000, 0x62, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000012c0)={0x3, 0xc, 0x10000, 0x10000}, 0x10, 0x274f8, r0, 0x4, &(0x7f0000001440)=[0xffffffffffffffff, r5], &(0x7f0000001480)=[{0x3, 0x2, 0x10, 0xa}, {0x3, 0x3, 0x2, 0x2}, {0x2, 0x1, 0x0, 0xc}, {0x0, 0x5, 0xf, 0x3}], 0x10, 0x8}, 0x94)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x1)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r6, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4, 0x1}, 0x3, 0x800})
mkdir(0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000020000000000f4000400000000000000"], 0x1c, 0x1)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$key(0xf, 0x3, 0x2)
getsockopt$bt_hci(r7, 0x84, 0x7f, 0x0, &(0x7f0000000000))

6m6.715238448s ago: executing program 1 (id=795):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8041, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x1, 0x0, 0x0, 0x9, "00629a7d82090100000000000000f7fffffb00"})
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x402c542c, 0x0)
readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000e00)=""/4096, 0x1000}], 0x1)

6m5.594052507s ago: executing program 1 (id=796):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000038c0)='/proc/consoles\x00', 0x0, 0x0)
read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc)
r1 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
mkdir(0x0, 0x101)
syz_usb_control_io$hid(r1, &(0x7f0000000240)={0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)

6m5.535546677s ago: executing program 2 (id=797):
mknod$loop(0x0, 0x2041, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000020000000200000004000000000000002415591ebc4de0aab9f80090180500608793f2bbaef3ccb711b50b959a7402e681f4ac", @ANYRES32, @ANYBLOB='\x00'/13, @ANYRES32, @ANYBLOB='\x00'/20], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x7, 0x8000}, 0x50)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000bc0)={0xffffffffffffffff, 0xfffffffffffffe08, 0x0}, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280), 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f00000001c0)={@hyper})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f00000000c0)={{@host, 0x4}, 0x1, 0x0, 0xfffffffd})

6m5.535032227s ago: executing program 4 (id=798):
pipe2(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x4e1, &(0x7f0000000100)={0x0, 0x1ffffd, 0x10100, 0xfffffffe, 0x9}, 0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x468b, 0xfb96, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x110003)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5})
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)

6m5.235395132s ago: executing program 2 (id=799):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_clone(0x25888200, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r3, 0x9, &(0x7f000000df80)={0x0, 0x0, 0xffffffc0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x5)

6m4.504416455s ago: executing program 2 (id=800):
mknod$loop(0x0, 0x2041, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB='\x00'/17, @ANYRES32, @ANYBLOB='\x00'/20], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x7, 0x8000}, 0x50)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000bc0)={0xffffffffffffffff, 0xfffffffffffffe08, 0x0}, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280), 0x0)
r4 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f00000001c0)={@hyper})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f00000000c0)={{@host, 0x4}, 0x1, 0x0, 0xfffffffd})

6m4.372179346s ago: executing program 1 (id=801):
r0 = syz_open_dev$vcsa(0x0, 0x1, 0x40102)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x40e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000600)}}], 0x1, 0x4000000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDGKBDIACR(r2, 0x4bfa, &(0x7f0000000100)=""/222)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r4, &(0x7f0000002180)=""/4105, 0x137, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
close(0x3)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r6}, 0x10)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r0, 0x28, 0x6, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x8000, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x5c}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = dup3(r0, r7, 0x80000)
write$sndseq(r8, &(0x7f0000000980)=[{0x3, 0x5, 0x7, 0x1e, @tick=0x80000000, {0xff, 0x1}, {0x5, 0x21}, @time}], 0x1c)

6m4.015631152s ago: executing program 1 (id=802):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = socket(0x15, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @empty=0xffffffff}, 0xc00000}, 0x1c)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0)
preadv(r2, 0x0, 0x0, 0x6, 0x0)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r2, 0xf517, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/mem_sleep', 0x4200, 0x128)
mount(0x0, 0x0, &(0x7f00000000c0)='efs\x00', 0x208000, 0x0)
syz_io_uring_setup(0x10c, 0x0, 0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r3 = dup(0xffffffffffffffff)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22c4a65c05}, 0x20008040)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000080)={0x1})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000000200)={0x44, r5, 0x1, 0x70bd29, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x44}}, 0x0)

6m3.884644245s ago: executing program 1 (id=804):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000e1"])

6m3.448204322s ago: executing program 1 (id=805):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x44})
readv(r1, &(0x7f0000002140)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)

5m16.683056798s ago: executing program 32 (id=789):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000340)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xe}, {&(0x7f0000000740)="1cde94a0c669a3936f0b346530806b33fd9c37f34f204dbe", 0x18}], 0x2)

5m16.610035679s ago: executing program 33 (id=803):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=<r1=>0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x1, 0x60bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x4f24c}, [@IFLA_NET_NS_PID={0x8, 0x13, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0x48051}, 0xc0)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
pipe2(0x0, 0x800)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000001440)=ANY=[], 0xffffff6a)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r3, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r4, @ANYBLOB], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x0, 0x0})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000040)={0x4, r6})
read$FUSE(0xffffffffffffffff, &(0x7f00000030c0)={0x2020}, 0x2020)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)

5m16.516281881s ago: executing program 34 (id=805):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x44})
readv(r1, &(0x7f0000002140)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)

5m16.371070003s ago: executing program 35 (id=800):
mknod$loop(0x0, 0x2041, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB='\x00'/17, @ANYRES32, @ANYBLOB='\x00'/20], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x7, 0x8000}, 0x50)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000bc0)={0xffffffffffffffff, 0xfffffffffffffe08, 0x0}, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280), 0x0)
r4 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f00000001c0)={@hyper})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f00000000c0)={{@host, 0x4}, 0x1, 0x0, 0xfffffffd})

5m15.790997933s ago: executing program 36 (id=798):
pipe2(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x4e1, &(0x7f0000000100)={0x0, 0x1ffffd, 0x10100, 0xfffffffe, 0x9}, 0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x468b, 0xfb96, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x110003)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5})
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)

4m40.62507037s ago: executing program 5 (id=846):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x27}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xc0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

4m36.837313052s ago: executing program 5 (id=852):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0x2, 0x12)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r1, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b07c7d], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000]}, 0x45c)
r2 = dup(r1)
ioctl$UI_DEV_CREATE(r2, 0x5501)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3)
syz_80211_inject_frame(&(0x7f0000000840), 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r3, 0x0, 0x0)
gettid()
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
read$ptp(r4, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

4m35.024924591s ago: executing program 5 (id=854):
socket$unix(0x1, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x5, 0xfff2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x5, 0xa}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$key(0xf, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
read(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x12, 0x10, &(0x7f00000007c0)=ANY=[@ANYRESDEC=r1, @ANYBLOB="0000000000000000b704000001000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xa3, 0x7400)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1)
ioctl$UFFDIO_WAKE(r6, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, 0x3000})

4m32.401401864s ago: executing program 5 (id=859):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40041, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xb7)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
setrlimit(0x8, &(0x7f0000000b00)={0x6, 0x5})
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000009c0)={'batadv_slave_1\x00'})
rt_sigaction(0x3d, &(0x7f0000000740)={0x0, 0x4000007, 0x0, {[0x2]}}, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='iocharset=macgaelic,iocharset=koi8-u,nonumtail=0,iocharset=cp437\x00\x00'], 0x1, 0x257, &(0x7f0000000840)="$eJzs2s9rHGUYB/BnYn+kKemuWJUWxBc9qJehydlDg7QoBhRNhCpIp2ZSl4zZkFkCK2Jz0qt/gkcRj94E6dFLLv4FIt5yybGH4ki6qc2uQdSS7mI/n8PuA+/73X3enWF4Drv76lefrK3W+WrRi6ksi6nLsX3qThbtmIr7tuOVl6799Ny7195/c2Fx8co7KV1dWJqbTymde/7HDz777oXbvbPvfX/uh9Ox0/5wd2/+t51ndi7s/r70cadOnTqtd3upSDe63V5xoyrTSqdey1N6uyqLukyd9brcHFpfrbobG/1UrK/MzmxslnWdirtNWiv7qddNvc1+Km4WnfWU53manQkexvK3d5om9pqT16NpmjNfx9nbMftLtCJ7MmVPXc6evp49u51d2Gua1rhb5Vi4/o+3Qw/16Yjqy63lreXB+2B9YTU6UUUZl6IVd2P/Nmmm91+aQX31jcUrl9I97fiiunWQv7W1/MRwfi5a0R5kmpH83CCfhvOnY+Zwfj5acf7o/PyR+el4+cVD+Txa8fNH0Y0qVmI/+yD/+VxKr721OJK/eG8fAMD/TZ7+dOT8lucj69MHwb+ZD0fns4P58OTw55+IiyfGd24G6v6na0VVlZuPS3H/4I/sS1+/+Y82/3p+Mn6fYy1Ojd51UxPS2LEUZ2Ii2viPxfieSTw6Dy76uDsBAAAAAAAAAADg33iYfwgufRMxuhTtv24e9xkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDJ9kcAAAD//3w6ya0=")
openat$random(0xffffffffffffff9c, 0x0, 0x428e40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)

4m28.636166106s ago: executing program 5 (id=862):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x27}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xc0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

4m26.872719825s ago: executing program 5 (id=869):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = socket(0x15, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @empty=0xffffffff}, 0x8}, 0x1c)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0)
preadv(r2, &(0x7f00000033c0)=[{&(0x7f00000031c0)=""/207, 0xcf}], 0x1, 0x6, 0x0)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r2, 0xf517, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/mem_sleep', 0x4200, 0x128)
mount(0x0, 0x0, &(0x7f00000000c0)='efs\x00', 0x208000, 0x0)
syz_io_uring_setup(0x10c, 0x0, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r5 = dup(r4)
sendmsg$nl_route(r5, 0x0, 0x20008040)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/udp6\x00')
r7 = socket$inet6(0xa, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
preadv(r6, &(0x7f0000000280)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x1f1, 0x1)

4m11.418271718s ago: executing program 37 (id=869):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = socket(0x15, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @empty=0xffffffff}, 0x8}, 0x1c)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0)
preadv(r2, &(0x7f00000033c0)=[{&(0x7f00000031c0)=""/207, 0xcf}], 0x1, 0x6, 0x0)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r2, 0xf517, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/mem_sleep', 0x4200, 0x128)
mount(0x0, 0x0, &(0x7f00000000c0)='efs\x00', 0x208000, 0x0)
syz_io_uring_setup(0x10c, 0x0, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r5 = dup(r4)
sendmsg$nl_route(r5, 0x0, 0x20008040)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/udp6\x00')
r7 = socket$inet6(0xa, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
preadv(r6, &(0x7f0000000280)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x1f1, 0x1)

4m9.056286087s ago: executing program 9 (id=898):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_mr_vif\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
pread64(r0, 0x0, 0x0, 0x37)
socket$inet_tcp(0x2, 0x1, 0x0)

4m8.801771711s ago: executing program 9 (id=900):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000a80)={0x2020}, 0x2020)

4m6.673469506s ago: executing program 9 (id=903):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=<r1=>0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x1, 0x60bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x4f24c}, [@IFLA_NET_NS_PID={0x8, 0x13, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0x48051}, 0xc0)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
pipe2(0x0, 0x800)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000001440)=ANY=[], 0xffffff6a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r3, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32, @ANYBLOB], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/protocols\x00')
read$FUSE(r5, &(0x7f00000030c0)={0x2020}, 0x2020)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r5}, 0x8)

4m5.443797197s ago: executing program 9 (id=908):
socket$unix(0x1, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x5, 0xfff2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x5, 0xa}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$key(0xf, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
read(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x12, 0x10, &(0x7f00000007c0)=ANY=[@ANYRESDEC=r1, @ANYBLOB="0000000000000000b704000001000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r6 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
readv(r7, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1)
ioctl$UFFDIO_WAKE(r7, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, 0x3000})

4m3.559136927s ago: executing program 9 (id=915):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000100)='./file1\x00', 0x1, &(0x7f0000000780)=ANY=[], 0x0, 0x11ce, &(0x7f0000003140)="$eJzs3E9rY1UYB+C3M+NMm5nW+m90ZuNBN7q5tAVduQmSgjSgtI3QCsItTTUkJiU3i0RcFNyJCz+HuHQniF+g38JdEUQ3XXnFpFoiBa2Fpg7Ps8kLv3PgPQkE3pBzT9766pP2QZEd5IO4NTcXdxYi4jRFiltxOyaO4vXP13/9Ymtnd6Nar9c2U1qvbq++mVJaevn7Dz775pUfBvff/3bpu3txvPzhyc9rPx4/PH508tv2x60itYrU7Q1SnvZ6vUG+12mm/VbRzlJ6r9PMi2ZqdYtmfyo/6PQOD0cp7+4vVg77zaJIeXeU2s1RGvTSoD9K+Ud5q5uyLEuLleAqGl+flmUZUZZPxd0oy7JciErcjwexGEvxdCzHM/FsPBfPxwvxMF6Ml+LReNWs+wYAAAAAAAAAAAAAAAAAAIAni/v/AAAAAAAAAAAAAAAAAAAAMHvu/wMAAAAAAAAAAAAAAAAAAMDsuf8PAAAAAAAAAAAAAAAAAAAAs7e1s7tRrddrmynNR/x0NGwMG5PXcTwfEbWVNLZ8vuuX4bBxe1ytv1OvrU7yNJ3fi8pZvnZhPh+vvTrJ/8jefrf+t/xx7P9z+55EAAAAAP9Clv4yNd9/eTbfZ9nF+dnvA+P5fWV6vl/4c9XjO9d0CP6zYvRpO+90mn3FpYu7V3sP33hwI07xPy2qEXED2rjBxdzVts/4i4lrcf6hz7oTAAAAAAAAAAAALuM6/o046zMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAqwIAAP//BUeN1g==")
wait4(r0, 0x0, 0x2, 0x0)
ptrace$cont(0x20, r0, 0x7f, 0x30a)
socket$inet6(0xa, 0x80002, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000d00))
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
fchdir(0xffffffffffffffff)

4m0.842427202s ago: executing program 9 (id=924):
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x19, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073012700000000009500008000"], &(0x7f0000003ff6)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0xfffffffe, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0xfffffffc}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x80, &(0x7f0000000240), 0x1, 0x50d, &(0x7f0000000980)="$eJzs3WFrI2kdAPD/TJJed7dncypynnh3eCfdQzdpr95dEbk7QfTVgXq+79U2LaVpU5p03ZZFu/gBBBEVfOUr3wh+AEH2I4iwoO9FRRHd1Ze6I0mmum2TNrttmrX9/WCa58kzM///MzSTmczDTACX1ssR8W5EFCLitYiYzN9P82m+Xdnrzvfg/u3F9pRElr3/tySS/L39dbXrxYi41l0kxiPi61+J+GZyNG5zZ3dtoV6vbeX1amt9s9rc2b2xur6wUlupbczOzrw599bcG3PTWe5U/SxHxNtf+tMPv/ezL7/9q89+6/fzf7n+7XZaX/hY8ok8vcVTBeiju+5SZ1vsa2+jrWEEG4FC3p9SYdSZAAAwiPYx/ocj4lOd4//JKHSO5gAAAICLJHtnIv6VRGQAAADAhZVGxEQkaSUfCzARaVqpdMfwfjSupvVGs/WZ5cb2xlK7LaIcpXR5tV6bzscKl6OUtOsz+Rjb/frrh+qzEfFcRPxg8kqnXlls1JdG/eMHAAAAXBLXXjp4/v/PybRTBgAAAC6Yct8KAAAAcFE45QcAAICL786oEwAAAACG6avvvdeesv3neC/d3Nlea9y8sVRrrlXWtxcri42tzcpKo7HSuWff+knrqzcam5+Lje1b1Vat2ao2d3bn1xvbG6351QOPwAYAAADO0XMv3f1dEhF7n7/SmSK/DyDAAX8cdQLAWSqMOgFgZIrtPx+MOgtgFEonzlE8lzyA0UlOaO87eOfXZ58LAAAwHFMfP3r9fyxvO/m3AeD/mbE+AHD5uLoHl1cpCk7z4ZL7UPflmX7tj3/9//CRRZY9UWIAAMCZmehMSVrJrwVORJpWKhHPdh4LWEqWV+u16fz84LeTpWfa9ZnOksmJY4YBAAAAAAAAAAAAAAAAAAAAAAAAgK4sSyIDAAAALrSI9M9J527+EVOTr04c/HXg0FO/fvL+j24ttFpbMxFjyd8n22+NRUTrx/n7r2ceCQAAAABPge55ev46M+psAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhoHty/vbg/HWgYH27cv34xIsq94hfz0ONRioir/0ii+MhySUQUziD+3p2IeL5X/CQeZllWzrPoFf/KkOOXO5umd/w0Iq6dQXy4zO629z/v9vr8pfFy57X356+YT6fVf/+X/nf/V+iz/3l2wBgv3PtFtW/8OxEvFHvvf/bjJ934SRyK/8qA8T/4xu5uv7bspxFTPb9/kgOxqq31zWpzZ/fG6vrCSm2ltjE7O/Pm3Ftzb8xNV5dX67X8b88Y3//kLx8e1/+rfeKXD/b/yPZ/dcD+//verfsf6RZLveJff6X39+/zfeKn+Xffp/Nyu31qv7zXLT/qxZ//5sXj+r/Up//jJ/T/+oD9f+1r3/3DgLMCAOegubO7tlCv17aOKYwPMM85F955OtIYUuEp3ODDLmTf6f4/nm49p1z8SCE7zeLFOIM0xh7jc3q2hVHulQAAgGH430F/u5Ylo84HAAAAAAAAAAAAAAAAAAAALqMnvEPYeEQMPPPhmHuj6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+EwAA//+uy9et")
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)

3m45.67990269s ago: executing program 38 (id=924):
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x19, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073012700000000009500008000"], &(0x7f0000003ff6)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0xfffffffe, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0xfffffffc}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x80, &(0x7f0000000240), 0x1, 0x50d, &(0x7f0000000980)="$eJzs3WFrI2kdAPD/TJJed7dncypynnh3eCfdQzdpr95dEbk7QfTVgXq+79U2LaVpU5p03ZZFu/gBBBEVfOUr3wh+AEH2I4iwoO9FRRHd1Ze6I0mmum2TNrttmrX9/WCa58kzM///MzSTmczDTACX1ssR8W5EFCLitYiYzN9P82m+Xdnrzvfg/u3F9pRElr3/tySS/L39dbXrxYi41l0kxiPi61+J+GZyNG5zZ3dtoV6vbeX1amt9s9rc2b2xur6wUlupbczOzrw599bcG3PTWe5U/SxHxNtf+tMPv/ezL7/9q89+6/fzf7n+7XZaX/hY8ok8vcVTBeiju+5SZ1vsa2+jrWEEG4FC3p9SYdSZAAAwiPYx/ocj4lOd4//JKHSO5gAAAICLJHtnIv6VRGQAAADAhZVGxEQkaSUfCzARaVqpdMfwfjSupvVGs/WZ5cb2xlK7LaIcpXR5tV6bzscKl6OUtOsz+Rjb/frrh+qzEfFcRPxg8kqnXlls1JdG/eMHAAAAXBLXXjp4/v/PybRTBgAAAC6Yct8KAAAAcFE45QcAAICL786oEwAAAACG6avvvdeesv3neC/d3Nlea9y8sVRrrlXWtxcri42tzcpKo7HSuWff+knrqzcam5+Lje1b1Vat2ao2d3bn1xvbG6351QOPwAYAAADO0XMv3f1dEhF7n7/SmSK/DyDAAX8cdQLAWSqMOgFgZIrtPx+MOgtgFEonzlE8lzyA0UlOaO87eOfXZ58LAAAwHFMfP3r9fyxvO/m3AeD/mbE+AHD5uLoHl1cpCk7z4ZL7UPflmX7tj3/9//CRRZY9UWIAAMCZmehMSVrJrwVORJpWKhHPdh4LWEqWV+u16fz84LeTpWfa9ZnOksmJY4YBAAAAAAAAAAAAAAAAAAAAAAAAgK4sSyIDAAAALrSI9M9J527+EVOTr04c/HXg0FO/fvL+j24ttFpbMxFjyd8n22+NRUTrx/n7r2ceCQAAAABPge55ev46M+psAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhoHty/vbg/HWgYH27cv34xIsq94hfz0ONRioir/0ii+MhySUQUziD+3p2IeL5X/CQeZllWzrPoFf/KkOOXO5umd/w0Iq6dQXy4zO629z/v9vr8pfFy57X356+YT6fVf/+X/nf/V+iz/3l2wBgv3PtFtW/8OxEvFHvvf/bjJ934SRyK/8qA8T/4xu5uv7bspxFTPb9/kgOxqq31zWpzZ/fG6vrCSm2ltjE7O/Pm3Ftzb8xNV5dX67X8b88Y3//kLx8e1/+rfeKXD/b/yPZ/dcD+//verfsf6RZLveJff6X39+/zfeKn+Xffp/Nyu31qv7zXLT/qxZ//5sXj+r/Up//jJ/T/+oD9f+1r3/3DgLMCAOegubO7tlCv17aOKYwPMM85F955OtIYUuEp3ODDLmTf6f4/nm49p1z8SCE7zeLFOIM0xh7jc3q2hVHulQAAgGH430F/u5Ylo84HAAAAAAAAAAAAAAAAAAAALqMnvEPYeEQMPPPhmHuj6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+EwAA//+uy9et")
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)

8.000668714s ago: executing program 6 (id=1414):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd"], 0x82)

6.554963207s ago: executing program 0 (id=1417):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000a80)={0x2020}, 0x2020)

6.554257657s ago: executing program 7 (id=1418):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wg1\x00', <r0=>0x0})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fremovexattr(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
iopl(0x3)
syz_clone3(0x0, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000280)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$ppp(r3, &(0x7f0000000b80), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_vhci(&(0x7f0000000880)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x1fd}, {0x2, [{@none, 0x3, 0x8, "63d9ff", 0x3, 0x9f, "7dbe22ff0f00fc44ea6d1aec274c8968917697e62edc322898c618f3fb5e491f9e8adff68d373fb0734adfc545389458b825340c8c8f5c492078d00adc867641fcb0351732cefa32848d5e44c43df47371c93da4cdff225f61b624958bd6668dc99425d17452bb3e5dbe078b3a7451e54dc0c2587964a6886f01d4e5784f8f72466d7b66c8f914cf3a4b3b61cd721e36df2e08fec18c94317d8bb53ef342ff391f7034a4f3639116e19551aac5539c313ea03737d2c1404121a85b892b08815abf97626ad4e6a9b0d00d9a74e409486f8ea349fdba0cb4757dbcea513381c76a1c3d6e79f0d14e3a27d93b600168eebe"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xd2, 0x9, "8a54c3", 0x33, 0x0, "dba74559adde41e078484e9f387a109a0520c9f59f1d3c9fac7a118a24988d673e37ce8ccef7862cdffa1d7d6066471ca7831aeb3d20e729b78a4adeac6c80e8933e4a011072d15fcfe4620aacd245cc5e5b50016ede784d559561b836e5c308740b523d9024b9b77f9d51db558ee477509a28b06bc2f0787bb8dbeda3e4aa3d1762352c5c15886251caea2fb1af87e76e9729578474233bf840c98d40147e5b9739727ee5956ab2f56bb12147ed75fcccb20c8d9345679c0ca03ad687d80cb2c18ef347722461d189b1f1486d43ea431403af86d22a25140beafb7169473d849429ca7e5d006d6b2dcf600e469486a4"}]}}}, 0x200)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r0, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_INGRESS={0x8, 0xf, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44004}, 0x4000)

6.553634957s ago: executing program 8 (id=1419):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x81ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x38)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0xe, 0x0, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, r2, 0x0, 0xe, &(0x7f0000000500)=':[^%\'\x9f-@})})\'\x00'}, 0x30)

6.504020438s ago: executing program 6 (id=1420):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[], 0xff, 0x5fc4, &(0x7f0000006400)="$eJzs3U9vHGcdB/Df/vHacds0qlAVIg5uyp+W0vxPoPxryoEDHEBCPZPIdauUFFASEK0i4soHxAV4CXDphUPfAi+grwHxAoiU9NQDZdDYz+OMN+usTeKZXT+fj7SZ+c2z430m3x3PrGdmJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+NEPf3a2FxFXfpsmHIt4OgYR/Ygjdb0S9cjl/PxhRByPzeZ4PiIGixH1/Jv/PBtxISI+ORpx7/7t1XryuT324+KZWzc+//EP/vmHP28cf/etn3803v7TL5z/+I93Io795LWPP7/zZJYdAAAASlFVVdVLH/NPpM/3/a47BQC0Im//qyRPV6vVavUTrf/U38/zn36q6/6qD2ndVE12p1lExHpznnqfweF4AJgz6/FZ112gQ/Iv2jAinuq6E8BM63XdAQ7Evfu3V3sp315ze7Cy1Z7/Trkj//Xe9vUduw2nGT/HpK3310YM4rld+nOkpT7Mkpx/fzz/K1vto/S8g86/LbvlP9q69Kk4Of/BeP5jduT/l4iY2/z7E/MvVc5/uJ/81wdzvP7LHwAAAACAwy///f9Yx8d/Fx9/UfbkUcd/V1rqAwAAAAAAAAA8aY97/79t7v8HAAAAM6v+rF7769EH03b7LrZ6+pu9iGfGng8UZqXx5YAAAAAAAAAAAAAAQDuGEcvpvP6FiHhmebmqqvrRNF7v1+POP+9KX34oWde/5AEAYMsnR8eu5e9FLEXEm+m7/haWl5eraiEilqsji3l/drS4VB1pfK7Nw3ra4mgPO8TDUVX/sKXGfE3TPi9Pax//efVrjarBHjrWjg4DB4CI2Noa3bNFOmSq6tnoei+H+WD9P3ys/+xF1+9TAAAA4OBVVVX10td5n0jH/PtddwoAaEXe/o8fF1Cr1epi6k+3Js5Mf9TqA6ybqsnuNIuIWG/OU+8zuB0/AMyZ9fis6y7QIfkXbRgRx7vuBDDTel13gANx7/7t1V7Kt9fcHqxstedzQXbkv97bnC/PP2k4zfg5Jm29vzZiEM/t0p/nW+rDLMn598fzv7LVnm/xv53P0sHk35bd8q+X81gH/elazn8wnv+Yg17/27IR/Yn5lyrnP9xX/gP5AwAAAADADMt//z/m+G9eZAAAAAAAAACYO/fu317N173m4/9fmvC8XnPM9Z+HRs6/t+f8Xf97mOT8++P5j52QM2iM333jQf6f3r+9+tGtf38xD2c+/4XBqH7thV5/MEzn/FQLb8e1uB5rceah5w93tJ99qH1hR/u5Ke3nH2of1e1HcvupWI1fxfV4a7t9ccqJUUtT2qsp7Tn/gfW/SDn/YeNR57+c2ntjw9rdD/sPrffN4aTXufz3/3z14bWrDcMd1UYMtpet4Wj9z8nW+vTA5v/JU6P4zc21G6d+d/XWrRtnIw12TD0XafCE5fwX0iPn/9KLW+35935zfb374Wjf+c+KjRhOyn/z/f1iY7xe3pdb7lsXcv6j9Mj55y3Q5PV/nvOfuP5vLt8rHfQHAAAAAAAAAAAAAAAAHqWqqs1LRC9HxKV0/U9X12YCAO3K2/8qydPVarVarVYfvrqpmuz1ZhER/2jOU+8z/H7SDwMAZtl/I+JfXXeCzsi/YPn7/urhl7vuDNCqm+9/8Iur16+v3bjZdU8AAAAAAAAAgP9Xvv/nSuP+z5vnAY3dN3rH/V/fiJW5vf9nfzTYvNd5WqAX4tH3/z4Zj77/93DK6y1MaR9NaV+c0r40pX3ihR4NOf8XUsY5/xNpwUq6/+tLHfSnazn/k+lezzn/r409r5l/9bd5zr+/I//Tt9779emb73/w6rX3rr6z9s7aL8+euXTh/MUL5y9ePP32tetrZ7b+7bDHByvnn+997TzQsuT8c+byL0vO/yupln9ZUv7bu6HyL0te//P+nvzLkvPPn33kX5ac/8upln9Zcv5fT7X8y5LzfyXV8i9Lzv8bqZZ/WXL+r6Za/mXJ+Z9KtfzLkvM/nWr5lyXnn49wyb8sOf98ZoP8y5LzP5dq+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf9LqZZ/WXL+30y1/MuS8/9WquVflpz/a6mWf1ly/t9OtfzLkvP/TqrlX5ac/3dT/aj8322xX7Qj5/+9VFv/y5Lz/36q5V+WnP/rqZZ/WR58/7+RfY8sz0Y3jBh58iNd/2YCAAAAAAAAAAAAAMa1cTpx18sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZGrvO8HfvZmrw0B/8OdOGCbm4GF3fUNHGIwScifkl4oCWnTkhrHXhsnvtW7TgChsim0JQpSkdoX9EXTJEqiSG0FqiI1lWiE1Ejtm6p51QhVilopUl0JKgcllVIFtjpznufZmdnZmbW9a5855/OJ8M/eOWfmmTNnZve70XcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2cYPT/3RQJZl+X+NP9Zl2cX539dku/N/zu640CsEAAAAztU7jT//6tL0hd1L2Klpm3+87l++Mzc3N5d95u1T7/7J3Fy6YEOWDa3OssZl0T/9/GdzzdsEz2WjA4NN/x7scfNDPS4f7nH5SI/LV/W4fHWPy0d7XL7gACywpvh9TOPKbmz8dV1xSLPLs5HGZTd22Ou5gdWDg/F3OQ0DjX3mRg5kh7LD2VQ2sWCfgcb/suy1jfltPZjF2xpsuq31WZad/skz++IaBsIxvjFrubGG5sfurfuzDW//5Jl935p585pOs+dhWLDSLNu8KV/n81k2/+uqbCBbnY5JXOdg0zrXd1jnUMs6Bxr75X9vX+fpJa4z3u/RsM4fdFnn+vC1J2/Ismw2W3Sbds9lg9natltNx3u0OCPy68gfyvdmw2d0nmxcwnmS7/PjG1rPk/ZzMh7/jeGYDC+yhuaH460vrlpw3M/2PMnvdRnO1fy6H85vdHS0+VerLedqvs0zNy1+DnR87DqcA+lcbjoHNvU6BwZXDTXOgcH5NW9qOQcmF+wzmA00buvUTd3PgfGZI8fHp596+o5DR/YenDo4dXRyYse2rdu3bd2+ffzAocNTE8WfZ3ZI+8jabDCdg5vCa008B29p27b5lJz72vI9D0ZL8jzI7/snbs4XdPFgtsg5nm/z/OZzfx6k7/tNz4PhpudBx9fUDs+D4SU8D/JtTm9e2vfM4ab/Oq1hpV4L1zWdAxfy+2F+m4/duvhr4fqwrhduO9Pvh0MLzoF4twbCcy//Svp5b/TucFwWnhfX5hdctCo7OT114s4n987MnJjMwjgvLmt6rNrPl7VN9ylbcL4MnvH5svsvf3HztR2+vi4cq9Hb5x+rVR0eh3ybbWPdH6vGq3vn49ny1S1ZGMvsfB/PTt/N8uOZskSXcz/f5vk7zv1nwZRLml7/Rnq9/g2NDBevf0PpaIy0vP4tfGiGGivLstN3LO31byT8d75f/y4vyetffqweu7P7OZBv88L4mZ4Dw11f/24IcyCs59aQGEabcv+7jctni9O06bHsed4MD4+E82Y43mLrebN1wT75teW3vXni7M6bzTe0PlYtP7dU8LzJj9WfTnQ/b/JtXp8899eONfGvTa8dq3qdAyNDq/L1jqSToHi9m1sTz4E7s33Zsexwtj/tkz/K+W2NbVnaObAq/He+XzuuLsk5kB+rl7d0Pwfybb6/dXl/dtocvpK2afrZqf33C4tl/muH56+v/bAtd+bP1/mRbd1/N5Rv8+a2M80Z3Y/T7eErF3U4Tu3Pn8XO6f3Z+TlOV4d1Ht7e/XdT+TaX71ji+bQ7y7I3Jt9o/L4r/H73b07+63dafu/b6XfKb0y+8dD4Iz88k/UDAHD23m38Obuq+Fmz6f+xXsr//w8AAAD0hZj7B8NM5H8AAACojJj7h8JM5H8AAACojJj7h8NMapL/n7h75yvvPJuldwOcC+Ll8TA8fG+xXex4z4Z/b5ibl3/9Q98YeeVLzy7ttgezLPvFQ+/ruP0T98Z1FY7HdX6g9esLXH39km7/8Ufnt2t+/4TTO4vrj/dnqadB7Cq/Nr6lcb0bnppszNcfyhrzkdkXniuuv/h33P7U1mL7Pw9vWrL7wEDL/pvDem4Mc0N4T5mHd88fh3zG/V5Zf90/XPbJ+duL+w1suqRxN1/+veJ643tEvXRZsX2834ut/++//O1X8u2fvKnz+p8d7Lz+U+F6fxzmz3cV2zcf8y81rf8Pwvrj7cX97vz69zqu/9Wriu1fDefFV8NsX//9f/z+dzo9XvF2dt9T7Bdvf+J/tjX2i9cXr799/aPPTrYcj/brf/3t4np2ff6nQ83bx6/H24kev6f1/B4Ij29LjzzLsm//YdZynLMPFvv9Xdv64/Udv6fz+m9vW+fxgesb+8/fn3Ut9+sr39zS8f7G9ez+63Ut9+elB8Lxe3v8+/n1nnoknI/h8v/9QXF97e9l+uoDra83cfuvriuet/H6xtvW/1Lb+mevz49d7/U/+Hax/lfvW92y/t0fDefTg8Xstf6Df3Fpy/5f+1bxeJz4wtjRY9MnD+0Pd2Zd2/N49eiatRdd/J5LLg2vpe3/3nNs5ompExsmNkxk2YY+fMvAlV7/18P872LMLv8tFH740+K8e/FjxfetW35W/Pul8PXHw+MZvz9+5c9GWs7X9sd99r5inuv6bwvrWKqrvvwf13f48n8ueM/fU59+7eTf/v6b7T8XxPtz/IrRxv17eeOVjcsGXi8ub3+96uXfr2h9Xv9oeKIxvxuO61x4Z+ZNVxa313798b1JXvx48fyNP8nF/bO29xNZN9R6P851/T8KP8d87+rW1794fnz32bZ3c16XDeRLmA2vD9lscXncKh7vF09f2fH24vvwZLPXnMkyFzX91PT44UNHTz45PjM1PTM+/dTTe44cO3l0Zk/jvUv3fLbX/vPP77WN5/f+qR3bssaz/VgxVtiFXv/xR/ftv2vi5v1TB/aePDDz6PGpEwf3TU/vm9o/ffPeAwemvtBr/0P7d01u2bn1ri1jBw/t33X3zp1bd44dOnosX0axqB52THxu7OiJPY1dpndt2zm5ffu2ibEjx/ZP7bprYmLsZK/9G9+bxvK9Pz92Yurw3plDR6bGpg89PbVrcueOHVt6vvvjkeMHpjeMnzh5dPzk9NSJ8eK+bJhpfDn/3tdrf+ph+lh4vWszEH46/9TtO9L74+a+8cVFr6rYpPXH0+yt8F5Q8ftbr3/H3D8SZlKT/A8AAAB1EHN/eOP/+QvkfwAAAKiMmPtXh5nI/wAAAFAZMfePhpnUJP/r/+v/6//r/+v/n8f+f6b/v9z0/5el/7+Q/v+S6P/r/+v/6//TXdn6/zH3r8myWuZ/AAAAqIOY+9eGmcj/AAAAUBkx918UZiL/AwAAQGXE3H9xmEk98v9I+1/1//X/9f+b+/9xW/3/TP9f//8s6f/r/3ej/6//38/rL2H/f43+P2VTtv5/zP3vCTOpR/4HAACAWoi5/5IwE/kfAAAAKiPm/kvDTOR/AAAAqIyY+9eFmdQk//v8f/1//X+f/6//r/+/kvT/9f+70f/X/+/n9Zew/+/z/ymdsvX/Y+7/f2EmNcn/AAAAUAcx9783zET+BwAAgMqIuf+yMBP5HwAAACoj5v7Lw0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+K8JMapL/AQAAoA5i7r8yzET+BwAAgMqIuf+qMBP5HwAAACoj5v6rw0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+a8JMapL/AQAAoA5i7r82zET+BwAAgMqIuf99YSbyPwAAAFRGzP3rw0xqkv/1//X/S9//H9T/1/8v6P/r/3eyvP3/wUUv0f8v6P+30v/X/9f/1/+nu7L1/2Puf3+YSU3yPwAAANRBzP3XhZnI/wAAAFAZMfdfH2Yi/wMAAEBlxNy/IcykJvlf/1//v/T9f5//r/8fZu36/zMD+v9L4PP/9f8z/f+zdqH78/2+fv1//X96K1v/P+b+jWEmNcn/AAAAUAcx928KM5H/AQAAoDJi7r8hzET+BwAAgMqIuf/GMJOa5H/9/7Ps/69p/af+f+f16//r/+v/+/x//X/9/270//X/+3n9+v9L6/+v6nVFVFrZ+v8x998UZlKT/A8AAAB1EHP/zWEm8j8AAABURsz9t4SZyP8AAABQGTH3bw4zqUn+1//3+f/6//r/+v/6/ytJ/3/J/f81Z7Mu/f+C/v/ZudD9+X5ffz/1/0c77O/z/zkfytb/j7n/1jCTmuR/AAAAqIOY+28LM5H/AQAAoDJi7r89zET+BwAAgMqIuX8szKQm+V//X/9f/1//X/9f/38lVbX/n15Hff6//r/+v/7/Cvf/v7nI/v3y+f/UW9n6/zH33xFmUpP8DwAAAHUQc/+dYSbyPwAAAFRGzP3jYSbyPwAAAFRGzP0TYSY1yf/6//r/+v/6//r/+v8rqar9//bP/8+yTP9f/z/R/9f/L9vn/3ei/8/5ULb+f8z9k2EmNcn/AAAAUAcx928JM5H/AQAAoDJi7t8aZiL/AwAAQGXE3L8tzKQm+V//X/9f/1//X/9f/38l1aX/7/P/i8v1/wv6//r/+v/6/3U02OFrZev/x9y/PcykJvkfAAAA6iDm/h1hJvI/AAAAVEbM/XeFmcj/AAAAUBkx998dZlKT/K//r/+v/6//X97+f+vtr1z//7/0/1eQ/r/+fzf6//r//bx+/X/9f3pb3v7/pefc/4+5f2eYSU3yPwAAANRBzP0fCDOR/wEAAKAyYu6/J8xE/gcAAIC+0ulzCKOY+z8YZlKT/K//X/X+/9xq/X/9//7t/7ceT5//r//fSXj51P9fonr1/9csuD39/1YXuj/f7+vX/9f/p7fl7f8v+PH0jPv/MffvCjOpSf4HAACAOoi5/94wE/kfAAAAKiPm/vvCTOR/AAAAqIyY+3eHmdQk/+v/V73/X77P/x/I9P/1/wv6//r/y8Hn/+v/Zz7//6ydbX8+vu+G/n95+v/5OaT/TxmVrf8fc//9YSY1yf8AAABQBzH3fyjMRP4HAACAyoi5/8NhJvI/AAAAVEbM/R8JM6lJ/tf/1//3+f/6//r/+v8rSf9f/78b/f/+7P9H+v/l6f/7/H/Kqmz9/5j7HwgzqUn+BwAAgDqIuf+jYSbyPwAAAFRGzP3/P8xE/gcAAIDKiLn/wTCTmuR//X/9f/1//X/9f/3/laT/r//fjf6//n8/r1//X/+f3srW/4+5/5fCTGqS/wEAAKAOYu5/KMxE/gcAAIDKiLn/Y2Em8j8AAABURsz9vxxmUpP8r/9/fvr/g+n69f/1//X/9f/1/5dTn/b/R/X/C/r/+v/9vH79f/1/eitb/z/m/l8JM6lJ/gcAAIA6iLn/V8NM5H8AAACojJj7fy3MRP4HAACAyoi5/+Ewk5rkf/1/n/+v/6//X9r+/3Dr8dT/1//vpE/7/z7/P9D/1//v5/Xr/+v/01vZ+v8x9/96mElN8j8AAADUQcz9j4SZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v/6//r/pe3/tx1P/f+y9v//reul+v/6/93o/+v/9/P69f/1/+mtbP3/mPsfDTOpSf4HAACAOoi5/5NhJvI/AAAAVEbM/b8RZiL/AwAAQGXE3P+bYSb9mf8Hz3QH/X/9f/1//X/9f/3/laT/v7D/n7+GXcj+/6qlbKj/vyT6//r/+v/6/3RXtv5/zP2fCjPpz/wPAAAAdBBz/2+Fmcj/AAAAUBkx9/92mIn8DwAAAJURc/9jYSY1yf/6//r/+v/6//r/+v8rSf/f5/93o/+v/9/P69f/1/+nt7L1/2Pu/3SYSU3yPwAAANRBzP2/E2Yi/wMAAEBlxNy/J8xE/gcAAIDKiLn/8TCTmuR//X/9f/1//f/l6f/P6f/r/3ek/6//343+v/5/P69f/1//n97K1v+PuX9vmElN8j8AAADUQcz9nwkzkf8BAACgMmLu3xdmIv8DAABAZcTcvz/MpCb5X/9f/1//X//f5//r/68k/X/9/270//X/+3n9+v/6//RWtv5/zP1TYSY1yf8AAABQBzH3Hwgzkf8BAACgMmLuPxhmIv8DAABAZcTc/0SYSU3yv/6//r/+v/6//r/+/0rS/9f/70b/X/+/n9ev/6//T2/L1///52Xp/8fcfyjMpCb5HwAAAOog5v7PhpnI/wAAAFAZMfd/LsxE/gcAAIDKiLn/cJhJTfK//r/+v/5/Bfv/w/r/mf5/aej/6/93o/+v/9/P69f/1/+nt+Xr/2fL0v+Puf9ImElN8j8AAADUQcz9R8NM5H8AAACojJj7j4WZyP8AAABQGTH3Hw8zqUn+1//X/9f/r2D/3+f/N+j/l4P+v/5/N/r/+v/9vH79f/1/eitb/z/m/t8NM6lJ/gcAAIA6iLn/RJiJ/A8AAACVEXP/dJiJ/A8AAACVEXP/TJhJTfK//r/+v/6//r/+v/7/StL/1//vRv+/f/r/Ix321//X//8/9u6jyY676uP41WPLksr1FCv2vAV27OAd+DWwYUuxIOeMAZNzzjnnaHLOOZick0FkMFSZsu45x5Y16h6N5+p2/8/ns/DxyGOpramS61dT32r9P3OW1v/n7r9v3NJk/wMAAEAHufvvF7fY/wAAADCM3P33j1vsfwAAABhG7v4HxC1N9r/+X/+v/19M/7/t/PT/+n/9/yXR/+v/N/vu/8/EB4P3/wfR/+v/9f/MWVr/n7v/gXFLk/0PAAAAHeTuf1DcYv8DAADAMHL3Pzhusf8BAABgGLn7HxK3NNn/+n/9/7j9/6m19f/e/59f1xH7/xO3/rL6/+Ol/9f/b/bd/zd5//9B9P/6f/0/c5bW/+fuf2jc0mT/AwAAQAe5+x8Wt9j/AAAAMIzc/Q+PW+x/AAAAGEbu/kfELU32v/5f/z9u/7+69//r//PrOkT/f6Z+Hu//1//r/y9O/6//X/Pz6//1/8xbWv+fu/+RcUuT/Q8AAAAd5O5/VNxi/wMAAMAwcvc/Om6x/wEAAGAYufsfE7c02f/6f/2//l//r/+/DO//1//r//X/B9L/6//X/Pz6f/0/85bW/+fuf2zc0mT/AwAAQAe5+x8Xt9j/AAAAMIzc/Y+PW+x/AAAAGEbu/ifELU32v/5f/6//1//r//X/u6T/1/9P0f/r/9f8/Pp//T/zdt7/X3PtuXvY/j93/7VxS5P9DwAAAB3k7n9i3GL/AwAAwDBy9z8pbrH/AQAAYBi5+58ctzTZ/wf0/1ds9P9N+/+bT+j/9f/L7P9vij9l9P/6/wutu/8/rf/X/5/74eX1/4f7ndD/6//1/8zZef8/0/vf/uPc/dfFLU32PwAAAHSQu/8pcYv9DwAAAMPI3f/UuMX+BwAAgGHk7n9a3NJk/3v/v/7/ON//nz+v/n9L/+/9//p//b/3/0/bYf9/r/zN1P9f3L77+bU//1T/f/dDPL/+nw6W1v/n7n963NJk/wMAAEAHufufEbfY/wAAADCM3P3PjFvsfwAAABhG7v5nxS0N9v+V+v96jqT/9/7/Q/X/Z7b/vv7//OfR/+v/D6L/1/9P8f5//f+an9/7/+f7/6vnfhKGt7T+P3f/s+OWBvsfAAAAusjd/5y4xf4HAACAYeTuf27cYv8DAADAMHL3Py9uabL/9f/6f/2/9//fof7/Cv2//n+a/l//P0X/r/9f8/Pr/73/n3lL6/9z9z8/bqnhd+UR/isBAACAJcnd/4K4pcn3/wEAAKCD3P0vjFvsfwAAABhG7v4XxS1N9r/+X/+v/9f/e/+//n+X9P/D9f8n9P+30v/r//X/+n+mLa3/z93/4rilyf4HAACADnL3vyRusf8BAABgGLn7Xxq32P8AAAAwjNz9L4tbmux//b/+X/+v/9f/6/93Sf8/XP/v/f+3of/X/+v/9f9MW1r/n7v/5XFLk/0PAAAAHeTuf0XcYv8DAADAMHL3vzJusf8BAABgGLn7XxW3NNn/+n/9v/5f/6//1//v0vL7/5OH+iz9/5b+/3y76v9PX+TX0/8v6/mPp//Pr77+nzEtoP+/x20/zt3/6rilyf4HAACADnL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/i/X/Z6/e/vOZ/j9/w/T/cfX/+v+N/r/o//X/m1X0/4ej/9/S/5/P+//1/97/r/9n2gL6//M+zt3/+rilyf4HAACADnL3vyFusf8BAABgGLn73xi32P8AAAAwjNz9b4pbmux/7//X/+v/9f/6f/3/Lun/9f9TVtT/nzroB/X/+n/9v/6faUvr/3P3vzluabL/AQAAoIPc/W+JW+x/AAAAGEbu/rfGLfY/AAAADCN3/9vilib7X/+v/997//9/+v+k/4+vq/5f/38J9P/6/433/x/Zvvv5tT+//l//z7yl9f+5+98etzTZ/wAAANBB7v53xC32PwAAAAwjd/874xb7HwAAAIaRu/9dcUuT/a//1//vvf/3/v+i/4+vq/5f/38J9P/6/43+/8j23c+v/fn1//p/5i2t/8/d/+64pcn+BwAAgA5y978nbrH/AQAAYBi5+98bt9j/AAAAMIzc/e+LW5rsf/2//l//r//X/+v/d0n/r/+fcnn7/+vO6v/Pt+9+fu3Pr//X/zNvaf1/7v73xy1N9j8AAAB0kLv/A3GL/Q8AAADDyN3/wbjF/gcAAIBh5O7/UNzSZP/r/9fe/9/zxniCpfX/+Sn6f/2//l//r//X/1/Uct//f/s/KQ6m/9f/6//1/0y7bP3/va+5z91u+ZuZ/j93/4fjlib7HwAAADrI3X993GL/AwAAwDBy938kbrH/AQAAYBi5+z8atzTZ/z36/5MXfNo4/b/3/+v/F93/5x+q+n/9v/5f/3+g5fb/h6P/1//r//X/TFva+/9z938sbmmy/wEAAKCD3P0fj1vsfwAAABhG7v5PxC32PwAAAAwjd/8n45Ym+79H/38h/f/Wsff/N99J/6//L97/r//f6P/1/zP0//r/NT//0P3/iY3+n2OxtP4/d/+n4pYm+x8AAAA6yN3/6bjF/gcAAIBh5O7/TNxi/wMAAMAwcvd/Nm646//v75EuK/2//t/7//X/+n/9/y7p/4/Q/5+48tDPpf/f0v8fzb77+bU//9D9v/f/c0yW1v/n7v9c3OL7/wAAADCM3P2fj1vsfwAAABhG7v4vxC32PwAAAAxg27vn7v9i3NJk/+v/9f/6f/2//l//v0v6f+//n6L/1/+v+fn1//p/5i2t/8/d/6W4pcn+BwAAgA5y9385brH/AQAAYBi5+78St9j/AAAAMIzc/V+NW5rsf/2//l//r//X/+v/d0n/r/+fov/X/6/5+fX/+n/mLa3/z93/tbilyf4HAACADnL3fz1usf8BAABgGLn7vxG32P8AAAAwjNz934xbmux//b/+X/+v/9f/773/P7nR/x+Z/l//v9H/H9m++/m1P7/+X//PvKX1/7n7vxW3NNn/AAAA0EHu/m/HLfY/AAAADCN3/3fiFvsfAAAAhpG7/7txS5P9P3L/P/Vp+v8t/b/+f6P/X0L/7/3/d4D+X/+/0f8f2b77+bU/v/5f/8+8pfX/ufu/F7c02f8AAADQQe7+78ct9j8AAAAMI3f/DZvN9fY/AAAAjOmGc389vflB3NJk/4/c/0/R/2/p//X/G/2//n/H9P/6/yn6f/3/mp9f/6//Z97S+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAIaRu//HcYv9DwAAAMPI3f+TuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9P41bmux/AAAA6CB3/8/iFvsfAAAAhpG7/+dxi/0PAAAAw8jd/4u4pcn+1//r//X/+n/9v/5/l/T/+v8p+n/9/5qfX/+v/2fe0vr/3P2/jFua7H8AAADoIHf/r+IW+x8AAACGkbv/13GL/Q8AAADDyN3/m7ilyf7X/+v/9f/6f/2//n+X2vb/t/xvVf8/S/+v/1/z8+v/9f/MW1r/n7v/t3FLk/0PAAAAHeTu/13cYv8DAADAMHL3/z5usf8BAABgGLn7/xC3NNn/+n/9v/5f/7+O/v8q/b/+/0CL7f+9//9Q9P/6/zU/v/5f/8+8pfX/uftvjFua7H8AAADoIHf/H+MW+x8AAACGkbv/T3GL/Q8AAADDyN1/Nm5psv/1//r/Ifv/U/r/8fp/7/9fZf9/F/2//n+a/l//v+bn1//r/5m3tP4/d/+f45Ym+x8AAAA6yN3/l7jF/gcAAIBh5O7/a9xi/wMAAMAwcvf/LW5psv/1//r/Ift/7//X/+v/F0P/r/+fov/X/6/5+fX/+n/mLa3/z93/97ilyf4HAACADnL3/yNusf8BAABgGLn7/xm32P8AAAAwjNz9/4pbmux//b/+X/+v/9f/6/93Sf+/3v7/qo3+f47+X/+v/9f/M21p/X/u/n/HLU32PwAAAHSQu/+muOXA/X/ny/RUAAAAwHHK3f+fuMX3/wEAAGAYufv/G7c02f/6f/2//l//r//X/++S/n+9/b/3/8/T/+v/9f/6f6Ytrf/P3f+/AAAA///XHBWv")
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000a006)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0x0, 0x2, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0xd000, 0xc, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0xfe, 0x0, 0x4}, {0xdddd0000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x6, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x3000, 0x0, 0x0, 0x1, 0x1, 0x83, 0xa, 0x26, 0x5}, {0x80a0000}, {0xdddd1000, 0xff}, 0xddf8ffdb, 0x0, 0x0, 0x70, 0xfffffffffffffffe, 0xd801, 0x0, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r2, r3, 0x0, 0x20fffe82)

5.7281967s ago: executing program 8 (id=1422):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@userxattr}]})
r0 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
r1 = inotify_init()
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES64=r2, @ANYRESOCT=r2, @ANYRESOCT=r1, @ANYBLOB="7e4e8ccdc9997f7ae6cec94c05", @ANYRES16=r4, @ANYRES8=r2, @ANYRESOCT=r4, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
socket$packet(0x11, 0x3, 0x300)
inotify_add_watch(r1, &(0x7f00000001c0)='.\x00', 0x4000423)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

5.536340963s ago: executing program 7 (id=1423):
socket$inet6(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
pread64(r0, 0x0, 0x0, 0xce2)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.138671721s ago: executing program 3 (id=1425):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="180300000000000000000000001000008510000006000000180000000000000000000000000000006500000000000000180000000000000000000000000000009500000000000000540300000000000095000000000000006ddc6e56dbddca554b71aba2ac03bdf11516b2"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16, @ANYBLOB="050002000000000000002e00000008000300", @ANYRES32, @ANYBLOB="0a00340002020202020200000a00060008021100000000000400440028000d01"], 0x68}}, 0x0)

3.060304642s ago: executing program 6 (id=1426):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x8, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.743356997s ago: executing program 3 (id=1427):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0x10, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf337cfe74a419c9", 0x0, 0xc698, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.424502222s ago: executing program 3 (id=1428):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

2.292208914s ago: executing program 3 (id=1429):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
socketpair(0x11, 0x3, 0x300, &(0x7f0000000000))

2.230831765s ago: executing program 6 (id=1430):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
unlink(&(0x7f00000007c0)='./cgroup\x00')

2.152203866s ago: executing program 0 (id=1431):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x1c, 0x20000000000000bb, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r0}, 0xc)

2.138197487s ago: executing program 3 (id=1432):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

2.098859657s ago: executing program 6 (id=1433):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='fdb_delete\x00'}, 0x18)
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f0000000180))

2.037313318s ago: executing program 0 (id=1434):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x3, &(0x7f00000001c0)=[{0x25, 0x0, 0x2, 0x80ffffff}, {}, {0x6}]})

1.871147581s ago: executing program 3 (id=1435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfd, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x0)

1.856880171s ago: executing program 0 (id=1436):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, 0x0, 0x0)

1.804161882s ago: executing program 6 (id=1437):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce2266"], 0x8e)

1.803564722s ago: executing program 7 (id=1438):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000040)=@gcm_128={{0x304}, "e1cacdf40bcf5620", "6b05ca9767ffd4cbdb0ad962f824fdf9", "82586325", "90f8478e11467cf3"}, 0x28)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x262)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f0000000380))
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_open_dev$MSR(0x0, 0x1, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, &(0x7f0000000500), &(0x7f0000000540)="d510041de49c905352b4f52cdfb1d6530e44b4ce339ffca92d2b45d70455d41b6c7840aa4d76608b06cbedef3801255949968d0ae1fae4a748c4fa57265fccbb6119982b2fdc89978efeb466fc89c42b27f59ac1a9fde7")
getpgrp(0x0)

1.601496765s ago: executing program 0 (id=1439):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000070000002800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c00)={{r0}, &(0x7f0000000b80), &(0x7f0000000bc0)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

1.552122146s ago: executing program 8 (id=1440):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

1.411959498s ago: executing program 7 (id=1441):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000a80)={0x2020}, 0x2020)

1.3126076s ago: executing program 0 (id=1442):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x8, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.27998573s ago: executing program 8 (id=1443):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000980)='kfree_skb\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@id={0x1e, 0x3, 0x3, {0x4e20, 0x3}}, 0x10, 0x0}, 0x0)

1.143487472s ago: executing program 8 (id=1444):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

932.091345ms ago: executing program 8 (id=1445):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000640)='fib6_table_lookup\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1ff8d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002706870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83984e68a6d80a5f5222ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0007000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1f6428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000a034000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1ebbb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa5210b16eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f086dd47e0ffff00122c00631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3911050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x7000002}, 0x2c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x18)
syz_clone(0x40089000, 0x0, 0x0, 0x0, 0x0, 0x0)

85.759619ms ago: executing program 7 (id=1446):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
close(r0)
close(r1)

0s ago: executing program 7 (id=1447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

kernel console output (not intermixed with test programs):

469][ T7423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  446.716479][ T7423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.738574][ T7423] batman_adv: batadv0: Interface activated: batadv_slave_1
[  446.847520][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  446.855779][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  446.866542][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  447.506856][ T7423] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  447.516698][ T7423] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  447.525465][ T7423] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  447.535090][ T7423] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.559411][ T4579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  447.567564][ T4579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  447.621053][ T4311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  447.639164][ T4311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.186542][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  448.219827][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  448.267945][ T4355] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.323017][ T4355] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.504799][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  448.536913][ T4583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.555861][ T4583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.644538][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  448.712748][ T4355] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.730954][ T4355] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.996799][ T7667] loop8: detected capacity change from 0 to 32768
[  449.000976][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  449.656640][   T26] audit: type=1800 audit(1753284001.194:23): pid=7674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.814" name="file1" dev="loop8" ino=4 res=0 errno=0
[  449.980139][ T7676] loop9: detected capacity change from 0 to 1024
[  450.301826][ T7676] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  451.450923][ T4570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  451.465291][ T7693] netlink: 180 bytes leftover after parsing attributes in process `syz.6.807'.
[  451.552035][ T4570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  451.564594][ T4603] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  451.585605][ T7426] EXT4-fs (loop9): unmounting filesystem.
[  452.640939][ T7706] loop6: detected capacity change from 0 to 512
[  452.815612][ T7706] EXT4-fs error (device loop6): ext4_do_update_inode:5254: inode #3: comm syz.6.821: corrupted inode contents
[  452.827971][ T7706] EXT4-fs error (device loop6): ext4_dirty_inode:6119: inode #3: comm syz.6.821: mark_inode_dirty error
[  452.850631][ T7706] EXT4-fs error (device loop6): ext4_do_update_inode:5254: inode #3: comm syz.6.821: corrupted inode contents
[  452.910466][ T7706] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #3: comm syz.6.821: mark_inode_dirty error
[  452.940766][ T7706] Quota error (device loop6): write_blk: dquota write failed
[  452.958528][ T7706] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  452.969839][ T7706] EXT4-fs error (device loop6): ext4_acquire_dquot:6814: comm syz.6.821: Failed to acquire dquot type 0
[  452.986867][ T7706] EXT4-fs (loop6): 1 orphan inode deleted
[  452.992819][ T7706] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  453.091188][ T4600] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  453.109274][ T4600] EXT4-fs error (device loop6): ext4_release_dquot:6850: comm kworker/u4:30: Failed to release dquot type 1
[  453.140311][ T7706] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  453.389065][ T7727] binder: 7712:7727 ioctl 4018620d 0 returned -22
[  453.405289][ T7727] binder: 7712:7727 ioctl c018620c 200000000380 returned -1
[  454.154831][ T7731] loop7: detected capacity change from 0 to 512
[  454.258576][ T7731] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  454.304411][ T7731] UDF-fs: error (device loop7): udf_read_inode: (ino 19) failed ident=264
[  455.040009][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  455.137558][ T7752] xt_bpf: check failed: parse error
[  455.447879][ T7756] loop9: detected capacity change from 0 to 256
[  455.508969][ T7763] vivid-004: =================  START STATUS  =================
[  455.517090][ T7763] vivid-004: Radio HW Seek Mode: Bounded
[  455.522916][ T7763] vivid-004: Radio Programmable HW Seek: false
[  455.529734][ T7763] vivid-004: RDS Rx I/O Mode: Block I/O
[  455.535739][ T7763] vivid-004: Generate RBDS Instead of RDS: false
[  455.542526][ T7763] vivid-004: RDS Reception: true
[  455.548163][ T7763] vivid-004: RDS Program Type: 0 inactive
[  455.554501][ T7763] vivid-004: RDS PS Name:  inactive
[  455.591455][ T7763] vivid-004: RDS Radio Text:  inactive
[  455.597823][ T7763] vivid-004: RDS Traffic Announcement: false inactive
[  455.605406][ T7763] vivid-004: RDS Traffic Program: false inactive
[  455.612520][ T7763] vivid-004: RDS Music: false inactive
[  455.618799][ T7763] vivid-004: ==================  END STATUS  ==================
[  456.499793][ T7756] exfat: Deprecated parameter 'namecase'
[  456.695511][ T7756] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  456.731641][ T7772] loop6: detected capacity change from 0 to 2048
[  458.383299][ T7772] EXT4-fs warning (device loop6): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop6.
[  458.894215][ T7780] netlink: 28 bytes leftover after parsing attributes in process `syz.8.833'.
[  458.986444][ T7780] block device autoloading is deprecated and will be removed.
[  459.649784][ T7787] loop7: detected capacity change from 0 to 256
[  459.656961][ T7787] exfat: Unknown parameter 'fsmagic'
[  460.910177][ T7785] device veth1_macvtap left promiscuous mode
[  460.945289][ T7785] device macsec0 entered promiscuous mode
[  463.209893][ T7829] loop8: detected capacity change from 0 to 512
[  463.284947][ T7829] EXT4-fs error (device loop8): ext4_do_update_inode:5254: inode #3: comm syz.8.844: corrupted inode contents
[  463.297989][ T7829] EXT4-fs error (device loop8): ext4_dirty_inode:6119: inode #3: comm syz.8.844: mark_inode_dirty error
[  463.315619][ T7829] EXT4-fs error (device loop8): ext4_do_update_inode:5254: inode #3: comm syz.8.844: corrupted inode contents
[  463.327752][ T7829] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #3: comm syz.8.844: mark_inode_dirty error
[  463.340962][ T7829] Quota error (device loop8): write_blk: dquota write failed
[  463.348448][ T7829] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  463.359311][ T7829] EXT4-fs error (device loop8): ext4_acquire_dquot:6814: comm syz.8.844: Failed to acquire dquot type 0
[  463.379970][ T7829] EXT4-fs (loop8): 1 orphan inode deleted
[  463.385813][ T7829] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  463.396350][ T4583] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  463.406453][ T7829] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  463.437504][ T7830] loop7: detected capacity change from 0 to 256
[  463.486003][ T4583] EXT4-fs error (device loop8): ext4_release_dquot:6850: comm kworker/u4:22: Failed to release dquot type 1
[  463.531932][ T7830] exfat: Deprecated parameter 'namecase'
[  463.591693][ T7830] exfat: Bad value for 'allow_utime'
[  466.434326][ T7854] loop6: detected capacity change from 0 to 512
[  466.451186][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  466.467613][ T7854] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  467.133604][ T7854] EXT4-fs (loop6): 1 truncate cleaned up
[  467.159560][ T7854] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  467.631851][ T7873] binder: 7862:7873 ioctl 4018620d 0 returned -22
[  467.644078][ T7873] binder: 7862:7873 ioctl c018620c 200000000380 returned -1
[  467.725594][ T7872] input: syz1 as /devices/virtual/input/input16
[  467.817096][ T7881] loop9: detected capacity change from 0 to 512
[  467.827501][ T7875] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  467.865095][ T7882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  467.899348][ T7881] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[  467.916046][ T7881] UDF-fs: error (device loop9): udf_read_inode: (ino 19) failed ident=264
[  468.736044][ T7876] loop7: detected capacity change from 0 to 512
[  468.860147][ T7876] EXT4-fs: Ignoring removed mblk_io_submit option
[  468.887996][ T7876] EXT4-fs: Ignoring removed bh option
[  468.918771][ T7876] EXT4-fs (loop7): Test dummy encryption mode enabled
[  468.950663][ T7876] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  469.088537][ T7876] EXT4-fs (loop7): 1 truncate cleaned up
[  469.140049][ T7876] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  469.426745][ T7870] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  470.588191][ T7912] vivid-003: =================  START STATUS  =================
[  470.595994][ T7912] vivid-003: Radio HW Seek Mode: Bounded
[  470.601786][ T7912] vivid-003: Radio Programmable HW Seek: false
[  470.608030][ T7912] vivid-003: RDS Rx I/O Mode: Block I/O
[  470.613945][ T7912] vivid-003: Generate RBDS Instead of RDS: false
[  470.620805][ T7912] vivid-003: RDS Reception: true
[  470.626060][ T7912] vivid-003: RDS Program Type: 0 inactive
[  470.632032][ T7912] vivid-003: RDS PS Name:  inactive
[  470.637338][ T7912] vivid-003: RDS Radio Text:  inactive
[  470.649022][ T7912] vivid-003: RDS Traffic Announcement: false inactive
[  470.656034][ T7912] vivid-003: RDS Traffic Program: false inactive
[  470.662544][ T7912] vivid-003: RDS Music: false inactive
[  470.668133][ T7912] vivid-003: ==================  END STATUS  ==================
[  471.421087][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  471.549401][ T4398] device hsr_slave_0 left promiscuous mode
[  471.580512][ T4398] device hsr_slave_1 left promiscuous mode
[  471.611944][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  471.640087][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.671611][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.694147][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  472.725303][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.746700][ T7927] loop7: detected capacity change from 0 to 512
[  472.763501][ T4398] device bridge_slave_1 left promiscuous mode
[  472.845357][ T7929] loop5: detected capacity change from 0 to 128
[  474.137254][ T7927] EXT4-fs: inline encryption not supported
[  474.566562][ T4398] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.679005][ T7927] EXT4-fs: Ignoring removed mblk_io_submit option
[  474.758784][ T7927] EXT4-fs (loop7): Test dummy encryption mode enabled
[  475.518794][ T7927] EXT4-fs (loop7): orphan cleanup on readonly fs
[  475.602627][ T4398] device bridge_slave_0 left promiscuous mode
[  475.637077][ T7927] EXT4-fs error (device loop7): ext4_orphan_get:1400: comm syz.7.860: inode #13: comm syz.7.860: iget: illegal inode #
[  475.681817][ T4398] bridge0: port 1(bridge_slave_0) entered disabled state
[  475.818008][ T7927] EXT4-fs (loop7): Remounting filesystem read-only
[  475.863834][ T7927] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.860: couldn't read orphan inode 13 (err -117)
[  475.897963][ T4398] device hsr_slave_0 left promiscuous mode
[  475.905637][ T7927] EXT4-fs (loop7): Remounting filesystem read-only
[  475.932135][ T7927] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  475.943620][ T4398] device hsr_slave_1 left promiscuous mode
[  475.977997][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  475.993215][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.067462][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.117962][ T7945] input: syz1 as /devices/virtual/input/input17
[  476.124762][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.137299][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  476.217846][ T4398] device bridge_slave_1 left promiscuous mode
[  476.241643][ T7945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  476.264509][ T4398] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.335419][ T4398] device bridge_slave_0 left promiscuous mode
[  476.379016][ T4398] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.454755][ T7950] loop7: detected capacity change from 0 to 16
[  476.471965][ T7950] erofs: (device loop7): z_erofs_load_lz4_config: invalid lz4 cfgs, size=4
[  476.501526][ T4398] device hsr_slave_0 left promiscuous mode
[  476.548580][ T4398] device hsr_slave_1 left promiscuous mode
[  476.580560][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.625683][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.670017][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.684841][ T7952] loop7: detected capacity change from 0 to 1024
[  476.687999][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.704432][ T4398] device bridge_slave_1 left promiscuous mode
[  476.712933][ T4398] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.740389][ T4398] device bridge_slave_0 left promiscuous mode
[  476.747341][ T4398] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.776313][ T7952] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  476.850110][ T4398] device hsr_slave_0 left promiscuous mode
[  476.893221][ T4398] device hsr_slave_1 left promiscuous mode
[  476.944541][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.963261][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  477.009976][ T4398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  477.041598][ T4398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.044989][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  477.068367][ T4398] device bridge_slave_1 left promiscuous mode
[  477.087990][ T4398] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.141973][ T4398] device bridge_slave_0 left promiscuous mode
[  477.148191][ T4398] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.446577][ T4398] device veth1_macvtap left promiscuous mode
[  477.498338][ T4398] device veth0_macvtap left promiscuous mode
[  477.512078][ T4762] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  477.846111][ T4398] device veth1_vlan left promiscuous mode
[  478.051015][ T4272] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  478.057710][ T4276] Bluetooth: hci0: command 0x1003 tx timeout
[  479.135271][ T4398] device veth0_vlan left promiscuous mode
[  479.319144][ T4762] usb 8-1: Using ep0 maxpacket: 8
[  479.335351][ T4762] usb 8-1: config 0 has an invalid interface number: 31 but max is 0
[  479.345441][ T4762] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  479.357212][ T4762] usb 8-1: config 0 has no interface number 0
[  479.999206][ T7964] vivid-000: =================  START STATUS  =================
[  480.006892][ T7964] vivid-000: Radio HW Seek Mode: Bounded
[  480.012614][ T7964] vivid-000: Radio Programmable HW Seek: false
[  480.018754][ T7964] vivid-000: RDS Rx I/O Mode: Block I/O
[  480.024342][ T7964] vivid-000: Generate RBDS Instead of RDS: false
[  480.030692][ T7964] vivid-000: RDS Reception: true
[  480.035619][ T7964] vivid-000: RDS Program Type: 0 inactive
[  480.041805][ T7964] vivid-000: RDS PS Name:  inactive
[  480.047001][ T7964] vivid-000: RDS Radio Text:  inactive
[  480.052507][ T7964] vivid-000: RDS Traffic Announcement: false inactive
[  480.059283][ T7964] vivid-000: RDS Traffic Program: false inactive
[  480.065597][ T7964] vivid-000: RDS Music: false inactive
[  480.071084][ T7964] vivid-000: ==================  END STATUS  ==================
[  480.107239][ T4398] device veth1_macvtap left promiscuous mode
[  480.114555][ T4398] device veth0_macvtap left promiscuous mode
[  480.120871][ T4762] usb 8-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  480.123927][ T4398] device veth1_vlan left promiscuous mode
[  480.137178][ T4398] device veth0_vlan left promiscuous mode
[  480.580005][ T4762] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.588178][ T4762] usb 8-1: Product: syz
[  480.653508][ T4762] usb 8-1: Manufacturer: syz
[  480.683361][ T4762] usb 8-1: SerialNumber: syz
[  480.710037][ T4762] usb 8-1: config 0 descriptor??
[  480.732749][ T4762] usb 8-1: can't set config #0, error -71
[  480.759521][ T4762] usb 8-1: USB disconnect, device number 2
[  480.805811][ T4398] device veth1_macvtap left promiscuous mode
[  480.814387][ T4398] device veth0_macvtap left promiscuous mode
[  480.830652][ T4398] device veth1_vlan left promiscuous mode
[  480.837163][ T4398] device veth0_vlan left promiscuous mode
[  480.861084][ T4398] device veth1_macvtap left promiscuous mode
[  480.877587][ T4398] device veth0_macvtap left promiscuous mode
[  480.883848][ T4398] device veth1_vlan left promiscuous mode
[  480.889837][ T4398] device veth0_vlan left promiscuous mode
[  481.064400][ T7982] binder: 7973:7982 ioctl 4018620d 0 returned -22
[  481.076452][ T7982] binder: 7973:7982 ioctl c018620c 200000000380 returned -1
[  481.973967][ T7988] loop9: detected capacity change from 0 to 512
[  481.990225][ T7988] EXT4-fs: inline encryption not supported
[  481.996543][ T7988] EXT4-fs: Ignoring removed mblk_io_submit option
[  482.009354][ T7629] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  482.064950][ T7988] EXT4-fs (loop9): Test dummy encryption mode enabled
[  482.101468][ T7988] EXT4-fs (loop9): orphan cleanup on readonly fs
[  482.119174][ T7988] EXT4-fs error (device loop9): ext4_orphan_get:1400: comm syz.9.875: inode #13: comm syz.9.875: iget: illegal inode #
[  482.169761][ T7988] EXT4-fs (loop9): Remounting filesystem read-only
[  482.176328][ T7988] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.875: couldn't read orphan inode 13 (err -117)
[  482.220904][ T7629] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  482.229662][ T7988] EXT4-fs (loop9): Remounting filesystem read-only
[  482.252004][ T7988] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  482.254188][ T7629] usb 8-1: New USB device found, idVendor=16c0, idProduct=05e1, bcdDevice= 0.00
[  482.298328][ T7629] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.322808][ T7629] usb 8-1: config 0 descriptor??
[  483.149518][ T7426] EXT4-fs (loop9): unmounting filesystem.
[  484.131327][ T7629] usbhid 8-1:0.0: can't add hid device: -71
[  484.140606][ T7629] usbhid: probe of 8-1:0.0 failed with error -71
[  484.169581][ T7629] usb 8-1: USB disconnect, device number 3
[  484.459363][ T4398] team0 (unregistering): Port device team_slave_1 removed
[  484.549426][ T4398] team0 (unregistering): Port device team_slave_0 removed
[  484.660050][ T4398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  484.739139][ T4398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  485.943823][ T8011] loop7: detected capacity change from 0 to 256
[  486.031958][ T8011] FAT-fs (loop7): Directory bread(block 64) failed
[  486.038983][ T8011] FAT-fs (loop7): Directory bread(block 65) failed
[  486.046474][ T8011] FAT-fs (loop7): Directory bread(block 66) failed
[  486.053934][ T8011] FAT-fs (loop7): Directory bread(block 67) failed
[  486.060948][ T8011] FAT-fs (loop7): Directory bread(block 68) failed
[  486.067582][ T8011] FAT-fs (loop7): Directory bread(block 69) failed
[  486.076791][ T8011] FAT-fs (loop7): Directory bread(block 70) failed
[  486.085166][ T8011] FAT-fs (loop7): Directory bread(block 71) failed
[  486.092103][ T8011] FAT-fs (loop7): Directory bread(block 72) failed
[  486.100068][ T8011] FAT-fs (loop7): Directory bread(block 73) failed
[  487.087474][ T4398] bond0 (unregistering): Released all slaves
[  487.293604][ T8021] input: syz1 as /devices/virtual/input/input19
[  488.004371][ T8023] loop8: detected capacity change from 0 to 32768
[  488.020843][ T4398] team0 (unregistering): Port device team_slave_1 removed
[  488.204554][ T8024] overlayfs: filesystem on './file1' not supported
[  488.231977][   T26] audit: type=1800 audit(1753284039.774:24): pid=8024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.886" name="bus" dev="loop8" ino=65 res=0 errno=0
[  488.408968][ T4398] team0 (unregistering): Port device team_slave_0 removed
[  488.565300][ T4398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  488.677933][ T8029] netlink: 180 bytes leftover after parsing attributes in process `syz.8.887'.
[  488.874415][ T4398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  490.010756][ T4398] bond0 (unregistering): Released all slaves
[  490.737123][ T8033] loop7: detected capacity change from 0 to 512
[  490.756358][ T8033] EXT4-fs (loop7): can't mount with data_err=abort, fs mounted w/o journal
[  490.826931][ T4398] team0 (unregistering): Port device team_slave_1 removed
[  490.876029][ T4398] team0 (unregistering): Port device team_slave_0 removed
[  490.918863][ T4398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  490.961577][ T4398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.059216][ T7628] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  491.254578][ T7628] usb 8-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  491.272492][ T7628] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.281008][ T7628] usb 8-1: Product: syz
[  491.285183][ T7628] usb 8-1: Manufacturer: syz
[  491.290413][ T7628] usb 8-1: SerialNumber: syz
[  491.316911][ T7628] r8152-cfgselector 8-1: config 0 descriptor??
[  491.530855][ T8033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.555038][ T8033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.576293][ T8033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.594768][ T8033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.692250][ T4398] bond0 (unregistering): Released all slaves
[  491.805052][ T8033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.819335][ T8033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.830620][ T8033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.839561][ T8033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.233321][ T7628] r8152-cfgselector 8-1: Unknown version 0x0000
[  492.239951][ T7628] r8152-cfgselector 8-1: bad CDC descriptors
[  492.260509][ T7628] r8152-cfgselector 8-1: Unknown version 0x0000
[  492.275896][ T7628] r8152-cfgselector 8-1: USB disconnect, device number 4
[  492.343215][ T4398] team0 (unregistering): Port device team_slave_1 removed
[  492.396136][ T4398] team0 (unregistering): Port device team_slave_0 removed
[  492.441152][ T4398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  492.489459][ T4398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  492.917726][ T4398] team0 (unregistering): Port device bond0 removed
[  493.227337][ T4398] bond0 (unregistering): Released all slaves
[  493.250076][ T4272] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  493.281090][ T4272] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  493.290052][ T4272] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  493.298718][ T4272] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  493.318531][ T4272] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  493.326476][ T4272] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  493.395726][ T7994] netlink: 40 bytes leftover after parsing attributes in process `syz.6.876'.
[  494.060099][ T8002] netlink: 24 bytes leftover after parsing attributes in process `syz.9.878'.
[  494.432247][ T8052] fuse: Bad value for 'user_id'
[  494.573524][ T8052] Process accounting resumed
[  494.945292][ T8040] chnl_net:caif_netlink_parms(): no params data found
[  495.242885][ T8040] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.256037][ T8040] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.280790][ T8040] device bridge_slave_0 entered promiscuous mode
[  495.311429][ T8040] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.349705][ T8040] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.354541][ T8081] loop7: detected capacity change from 0 to 512
[  495.357842][ T8040] device bridge_slave_1 entered promiscuous mode
[  495.394736][ T8081] EXT4-fs: Ignoring removed mblk_io_submit option
[  495.429325][ T4276] Bluetooth: hci0: command 0x0409 tx timeout
[  495.456627][ T8081] EXT4-fs: Ignoring removed bh option
[  495.463930][ T8084] loop6: detected capacity change from 0 to 128
[  495.469209][ T8081] EXT4-fs: quotafile must be on filesystem root
[  495.727444][ T8084] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  495.763313][ T8084] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  497.503226][ T4276] Bluetooth: hci0: command 0x041b tx timeout
[  497.685191][ T8040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  497.802698][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  497.859443][ T8040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  497.917181][ T8105] netlink: 180 bytes leftover after parsing attributes in process `syz.9.903'.
[  498.266176][ T8040] team0: Port device team_slave_0 added
[  498.275874][ T8040] team0: Port device team_slave_1 added
[  498.382607][ T8115] fuse: Bad value for 'user_id'
[  498.389629][ T8115] Process accounting resumed
[  498.416175][ T8040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  498.431693][ T8040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  498.458410][ T8040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  498.480577][ T8040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  498.490263][ T8040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  498.566485][ T8040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  498.599886][ T8112] netlink: 40 bytes leftover after parsing attributes in process `syz.6.905'.
[  498.878887][ T8040] device hsr_slave_0 entered promiscuous mode
[  498.900416][ T8040] device hsr_slave_1 entered promiscuous mode
[  499.103338][ T8133] vivid-001: =================  START STATUS  =================
[  499.111187][ T8133] vivid-001: Radio HW Seek Mode: Bounded
[  499.117008][ T8133] vivid-001: Radio Programmable HW Seek: false
[  499.123499][ T8133] vivid-001: RDS Rx I/O Mode: Block I/O
[  499.129160][ T8133] vivid-001: Generate RBDS Instead of RDS: false
[  499.135833][ T8133] vivid-001: RDS Reception: true
[  499.141072][ T8133] vivid-001: RDS Program Type: 0 inactive
[  499.146944][ T8133] vivid-001: RDS PS Name:  inactive
[  499.152324][ T8133] vivid-001: RDS Radio Text:  inactive
[  499.163406][ T8133] vivid-001: RDS Traffic Announcement: false inactive
[  499.170498][ T8133] vivid-001: RDS Traffic Program: false inactive
[  499.176872][ T8133] vivid-001: RDS Music: false inactive
[  499.182565][ T8133] vivid-001: ==================  END STATUS  ==================
[  499.569303][ T4276] Bluetooth: hci0: command 0x040f tx timeout
[  499.930485][ T8136] loop7: detected capacity change from 0 to 2048
[  500.046811][ T8136] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  500.079403][ T8136] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  500.626445][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  501.401795][ T8163] fuse: Bad value for 'user_id'
[  501.429365][ T8163] Process accounting resumed
[  501.434997][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  501.441343][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  501.650542][ T4276] Bluetooth: hci0: command 0x0419 tx timeout
[  502.897785][ T8158] loop9: detected capacity change from 0 to 8192
[  503.002573][ T8158] FAT-fs (loop9): bogus number of directory entries (9)
[  503.139398][ T8158] FAT-fs (loop9): Can't find a valid FAT filesystem
[  503.569692][ T8195] loop8: detected capacity change from 0 to 512
[  503.640298][ T8188] netlink: 40 bytes leftover after parsing attributes in process `syz.6.921'.
[  503.700372][ T8195] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  503.751847][ T8040] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  503.782021][ T8195] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  503.814377][ T8040] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  503.816676][ T8208] loop9: detected capacity change from 0 to 512
[  504.523439][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  504.621755][ T8217] fuse: Bad value for 'fd'
[  504.629016][ T8217] Process accounting resumed
[  504.685760][ T4596] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  504.715254][ T8208] EXT4-fs error (device loop9): ext4_do_update_inode:5254: inode #3: comm syz.9.924: corrupted inode contents
[  504.755222][ T8040] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  504.795283][ T8208] EXT4-fs error (device loop9): ext4_dirty_inode:6119: inode #3: comm syz.9.924: mark_inode_dirty error
[  504.808962][ T8208] EXT4-fs error (device loop9): ext4_do_update_inode:5254: inode #3: comm syz.9.924: corrupted inode contents
[  504.829844][ T8208] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #3: comm syz.9.924: mark_inode_dirty error
[  504.897428][ T8040] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  505.094693][ T4596] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.206559][ T8208] Quota error (device loop9): write_blk: dquota write failed
[  505.432600][ T8208] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  505.577753][ T8208] EXT4-fs error (device loop9): ext4_acquire_dquot:6814: comm syz.9.924: Failed to acquire dquot type 0
[  505.639253][ T8208] EXT4-fs (loop9): 1 orphan inode deleted
[  505.655541][ T4579] Quota error (device loop9): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  505.675748][ T4579] EXT4-fs error (device loop9): ext4_release_dquot:6850: comm kworker/u4:20: Failed to release dquot type 1
[  505.729432][ T8208] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  505.751114][ T4596] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.773572][ T8208] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.065519][ T4596] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.449349][ T8040] 8021q: adding VLAN 0 to HW filter on device bond0
[  506.497711][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  506.507290][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  506.520117][ T8040] 8021q: adding VLAN 0 to HW filter on device team0
[  506.607649][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  506.635936][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  506.651558][ T4583] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.658706][ T4583] bridge0: port 1(bridge_slave_0) entered forwarding state
[  506.686871][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  506.708337][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  506.716836][ T8224] loop6: detected capacity change from 0 to 32768
[  506.728034][ T4583] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.735255][ T4583] bridge0: port 2(bridge_slave_1) entered forwarding state
[  506.831489][ T8242] overlayfs: filesystem on './file1' not supported
[  506.874799][ T8241] loop8: detected capacity change from 0 to 512
[  506.894681][   T26] audit: type=1800 audit(1753284058.434:25): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.929" name="bus" dev="loop6" ino=65 res=0 errno=0
[  507.060113][ T8241] EXT4-fs: Ignoring removed mblk_io_submit option
[  507.133932][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  507.167424][ T8241] EXT4-fs: Ignoring removed bh option
[  507.178029][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  507.188953][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  507.207333][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  507.218751][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  507.227879][ T8241] EXT4-fs: quotafile must be on filesystem root
[  507.262740][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  507.290868][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  507.327674][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  507.489927][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  507.549172][ T8247] bridge0: port 1(bridge_slave_0) entered disabled state
[  507.558248][ T8247] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.644952][ T8254] syz.7.933[8254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  507.645547][ T8254] syz.7.933[8254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  508.910761][ T8040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  509.218535][ T8264] loop6: detected capacity change from 0 to 512
[  509.343829][ T8264] EXT4-fs error (device loop6): ext4_do_update_inode:5254: inode #3: comm syz.6.935: corrupted inode contents
[  509.363858][ T8264] EXT4-fs error (device loop6): ext4_dirty_inode:6119: inode #3: comm syz.6.935: mark_inode_dirty error
[  509.382424][ T8264] EXT4-fs error (device loop6): ext4_do_update_inode:5254: inode #3: comm syz.6.935: corrupted inode contents
[  509.396515][ T8264] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #3: comm syz.6.935: mark_inode_dirty error
[  509.414140][ T8264] Quota error (device loop6): write_blk: dquota write failed
[  509.422071][ T8264] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  509.432854][ T8264] EXT4-fs error (device loop6): ext4_acquire_dquot:6814: comm syz.6.935: Failed to acquire dquot type 0
[  509.468982][ T8264] EXT4-fs (loop6): 1 orphan inode deleted
[  509.475057][ T8264] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  509.490141][ T8264] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  510.135294][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  510.167001][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  510.263201][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  510.570659][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  511.227034][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  511.281827][ T8276] netlink: 40 bytes leftover after parsing attributes in process `syz.7.937'.
[  511.492796][ T8286] vivid-002: =================  START STATUS  =================
[  511.500889][ T8286] vivid-002: Radio HW Seek Mode: Bounded
[  511.506673][ T8286] vivid-002: Radio Programmable HW Seek: false
[  511.513221][ T8286] vivid-002: RDS Rx I/O Mode: Block I/O
[  511.518908][ T8286] vivid-002: Generate RBDS Instead of RDS: false
[  511.525539][ T8286] vivid-002: RDS Reception: true
[  511.530664][ T8286] vivid-002: RDS Program Type: 0 inactive
[  511.536521][ T8286] vivid-002: RDS PS Name:  inactive
[  511.541919][ T8286] vivid-002: RDS Radio Text:  inactive
[  511.553864][ T8286] vivid-002: RDS Traffic Announcement: false inactive
[  511.560928][ T8286] vivid-002: RDS Traffic Program: false inactive
[  511.567404][ T8286] vivid-002: RDS Music: false inactive
[  511.573071][ T8286] vivid-002: ==================  END STATUS  ==================
[  513.520174][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  513.544440][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  514.138963][ T8040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  514.438720][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  514.471644][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  514.505413][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  514.526198][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  514.552746][ T8040] device veth0_vlan entered promiscuous mode
[  514.639695][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  514.655061][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  514.693943][ T8040] device veth1_vlan entered promiscuous mode
[  514.903082][ T8311] loop8: detected capacity change from 0 to 512
[  514.907824][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  514.928239][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  514.944671][ T8311] EXT4-fs: Ignoring removed mblk_io_submit option
[  514.976409][ T8311] EXT4-fs: Ignoring removed bh option
[  514.997591][ T8311] EXT4-fs: quotafile must be on filesystem root
[  515.112587][ T8301] loop7: detected capacity change from 0 to 32768
[  515.243560][   T26] audit: type=1800 audit(1753284066.784:26): pid=8316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.941" name="file1" dev="loop7" ino=4 res=0 errno=0
[  515.312650][ T8040] device veth0_macvtap entered promiscuous mode
[  515.365964][ T8040] device veth1_macvtap entered promiscuous mode
[  515.522539][ T8303] loop6: detected capacity change from 0 to 32768
[  515.655779][ T8318] overlayfs: filesystem on './file1' not supported
[  515.713169][   T26] audit: type=1800 audit(1753284067.254:27): pid=8319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.942" name="bus" dev="loop6" ino=65 res=0 errno=0
[  516.271260][ T8325] loop8: detected capacity change from 0 to 512
[  516.288568][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  516.311344][ T8325] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  516.339394][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  516.468881][ T8327] loop7: detected capacity change from 0 to 512
[  516.482320][ T8327] EXT4-fs: Ignoring removed nobh option
[  516.591571][ T8327] EXT4-fs (loop7): Test dummy encryption mode enabled
[  516.819541][ T8327] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  516.832430][ T8327] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.944: invalid indirect mapped block 2683928664 (level 1)
[  516.834695][ T8325] EXT4-fs (loop8): 1 truncate cleaned up
[  516.846547][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  516.863206][ T8327] EXT4-fs (loop7): 1 truncate cleaned up
[  516.868874][ T8327] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  516.917233][ T8325] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  516.936137][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  516.947126][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  516.957975][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  516.968059][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  516.996635][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.030109][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  517.048905][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.198050][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  517.208074][ T8040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  517.262500][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  517.270255][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  517.278453][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  517.320592][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  517.359992][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  517.747786][ T8342] vivid-001: =================  START STATUS  =================
[  517.755704][ T8342] vivid-001: Radio HW Seek Mode: Bounded
[  517.761580][ T8342] vivid-001: Radio Programmable HW Seek: false
[  517.767926][ T8342] vivid-001: RDS Rx I/O Mode: Block I/O
[  517.773705][ T8342] vivid-001: Generate RBDS Instead of RDS: false
[  517.782731][ T8342] vivid-001: RDS Reception: true
[  517.787865][ T8342] vivid-001: RDS Program Type: 0 inactive
[  517.794166][ T8342] vivid-001: RDS PS Name:  inactive
[  517.816546][ T8342] vivid-001: RDS Radio Text:  inactive
[  517.822486][ T8342] vivid-001: RDS Traffic Announcement: false inactive
[  517.830615][ T8342] vivid-001: RDS Traffic Program: false inactive
[  517.838228][ T8342] vivid-001: RDS Music: false inactive
[  517.843993][ T8342] vivid-001: ==================  END STATUS  ==================
[  518.319672][ T4596] device hsr_slave_0 left promiscuous mode
[  518.326311][ T4596] device hsr_slave_1 left promiscuous mode
[  518.334387][ T4596] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  518.347078][ T4596] batman_adv: batadv0: Removing interface: batadv_slave_0
[  518.355140][ T4596] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  518.362713][ T4596] batman_adv: batadv0: Removing interface: batadv_slave_1
[  518.371704][ T4596] device bridge_slave_1 left promiscuous mode
[  518.377950][ T4596] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.387919][ T4596] device bridge_slave_0 left promiscuous mode
[  518.394514][ T4596] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.485235][ T4596] device veth1_macvtap left promiscuous mode
[  518.525453][ T4596] device veth0_macvtap left promiscuous mode
[  518.542043][ T4596] device veth1_vlan left promiscuous mode
[  518.568375][ T4596] device veth0_vlan left promiscuous mode
[  519.228691][ T4272] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  519.253433][ T4272] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  519.269429][ T4272] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  519.289682][ T4272] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  519.307695][ T4272] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  519.315523][ T4272] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  519.772399][ T8357] loop6: detected capacity change from 0 to 256
[  519.797077][ T8357] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  519.807870][ T8357] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  519.832717][ T8357] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  520.730683][ T4596] team0 (unregistering): Port device team_slave_1 removed
[  520.827957][ T4596] team0 (unregistering): Port device team_slave_0 removed
[  520.908051][ T4596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  521.006137][ T4596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  521.336793][ T4272] Bluetooth: hci2: command 0x0409 tx timeout
[  521.926265][ T4596] bond0 (unregistering): Released all slaves
[  522.071830][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.082551][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.092768][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.165932][ T8364] loop6: detected capacity change from 0 to 128
[  522.173252][ T8364] EXT4-fs: Ignoring removed nomblk_io_submit option
[  522.179922][ T8364] EXT4-fs: Ignoring removed nomblk_io_submit option
[  522.236429][ T8364] EXT4-fs (loop6): Test dummy encryption mode enabled
[  522.320780][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.386995][ T8364] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  522.396303][ T8364] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  522.550677][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.759332][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.829185][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.910090][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.996415][ T8040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  523.059394][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  523.084109][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  523.114449][ T8348] netlink: 40 bytes leftover after parsing attributes in process `syz.8.950'.
[  523.386162][ T8376] loop8: detected capacity change from 0 to 512
[  523.409493][ T4272] Bluetooth: hci2: command 0x041b tx timeout
[  523.453754][ T8376] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  523.556007][ T8040] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  523.565989][ T8040] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  523.575258][ T8040] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  523.584794][ T8040] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  523.877587][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  523.986437][ T8201] EXT4-fs (loop9): unmounting filesystem.
[  524.255596][ T4588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.304175][ T4588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.408872][ T4588] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.417626][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  524.441802][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  524.455327][ T4588] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.466429][ T8392] fuse: Bad value for 'fd'
[  524.473969][ T8392] Process accounting resumed
[  524.648618][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  524.844907][ T4272] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  525.131355][ T8352] chnl_net:caif_netlink_parms(): no params data found
[  525.489155][ T4272] Bluetooth: hci2: command 0x040f tx timeout
[  525.563266][ T4669] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  525.631498][ T8352] bridge0: port 1(bridge_slave_0) entered blocking state
[  525.648808][ T4669] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  525.655480][ T8352] bridge0: port 1(bridge_slave_0) entered disabled state
[  525.718981][ T8352] device bridge_slave_0 entered promiscuous mode
[  525.761897][ T8352] bridge0: port 2(bridge_slave_1) entered blocking state
[  525.784905][ T8352] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.818815][ T8352] device bridge_slave_1 entered promiscuous mode
[  525.976769][ T4596] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.118009][ T4596] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.198173][ T8352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  526.276322][ T8352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  526.332163][ T4596] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.502300][ T4596] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.523931][ T8352] team0: Port device team_slave_0 added
[  526.535026][ T8431] netlink: 40 bytes leftover after parsing attributes in process `syz.8.964'.
[  526.570697][ T8352] team0: Port device team_slave_1 added
[  526.632606][ T8352] batman_adv: batadv0: Adding interface: batadv_slave_0
[  526.649913][ T8352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.725831][ T8352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  526.777280][ T8352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  526.797317][ T8352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.939179][ T8352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  526.967243][ T8439] loop6: detected capacity change from 0 to 512
[  527.120639][ T8439] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  527.204091][ T8439] EXT4-fs (loop6): orphan cleanup on readonly fs
[  527.240501][ T8439] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:511: comm syz.6.965: Block bitmap for bg 0 marked uninitialized
[  528.830509][ T8450] loop3: detected capacity change from 0 to 40427
[  528.849342][ T4272] Bluetooth: hci2: command 0x0419 tx timeout
[  528.923423][ T8450] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  528.932080][ T8450] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  528.964311][ T8450] F2FS-fs (loop3): invalid crc value
[  529.159727][ T8450] F2FS-fs (loop3): Found nat_bits in checkpoint
[  529.167725][ T8439] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  529.188846][ T8439] EXT4-fs (loop6): 1 orphan inode deleted
[  529.266571][ T8450] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  529.273758][ T8450] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  529.419734][ T8439] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  529.622388][ T8352] device hsr_slave_0 entered promiscuous mode
[  529.635857][ T8439] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  529.688978][ T8352] device hsr_slave_1 entered promiscuous mode
[  529.716154][ T8439] EXT4-fs (loop6): re-mounted. Quota mode: none.
[  529.737713][ T8352] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  529.777413][ T8352] Cannot create hsr debugfs directory
[  530.020014][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  530.222297][ T8460] fuse: Bad value for 'fd'
[  530.235658][ T8460] Process accounting resumed
[  531.272442][ T8477] loop3: detected capacity change from 0 to 256
[  531.373566][ T8477] exfat: Deprecated parameter 'namecase'
[  531.387280][ T8477] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  531.478557][ T8480] loop8: detected capacity change from 0 to 256
[  531.486000][ T8480] FAT-fs (loop8): Unrecognized mount option "18446744073709551615���" or missing value
[  533.164036][ T8480] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  533.172868][ T8480] overlayfs: missing 'lowerdir'
[  533.179509][ T7624] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  534.818018][ T4276] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  535.127999][ T8511] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  535.146972][ T8511] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  535.310750][ T8513] fuse: Bad value for 'fd'
[  535.338405][ T8513] Process accounting resumed
[  535.595597][ T8352] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  535.652658][ T8352] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  535.934877][ T8523] input: syz1 as /devices/virtual/input/input21
[  536.512898][ T8352] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  536.543053][ T8352] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  537.124853][ T4596] device hsr_slave_0 left promiscuous mode
[  537.142651][ T4596] device hsr_slave_1 left promiscuous mode
[  537.169418][ T4596] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  537.176904][ T4596] batman_adv: batadv0: Removing interface: batadv_slave_0
[  537.216771][ T8539] loop8: detected capacity change from 0 to 1024
[  537.238589][ T4596] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  537.258467][ T4596] batman_adv: batadv0: Removing interface: batadv_slave_1
[  537.289913][ T4596] device bridge_slave_1 left promiscuous mode
[  537.296173][ T4596] bridge0: port 2(bridge_slave_1) entered disabled state
[  537.321174][ T4596] device bridge_slave_0 left promiscuous mode
[  537.337911][ T4596] bridge0: port 1(bridge_slave_0) entered disabled state
[  537.365390][ T8539] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  537.503282][   T26] audit: type=1800 audit(1753284089.044:28): pid=8539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.985" name="bus" dev="loop8" ino=18 res=0 errno=0
[  537.569762][ T4596] device veth1_macvtap left promiscuous mode
[  537.575880][ T4596] device veth0_macvtap left promiscuous mode
[  537.592344][ T4596] device veth1_vlan left promiscuous mode
[  537.598344][ T4596] device veth0_vlan left promiscuous mode
[  537.675609][ T8552] loop3: detected capacity change from 0 to 128
[  537.686206][ T8552] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.693475][ T8552] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.767142][ T8552] EXT4-fs (loop3): Test dummy encryption mode enabled
[  537.856094][ T8552] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  537.867687][ T8552] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  538.338527][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  539.984480][ T8567] fuse: Invalid rootmode
[  540.010973][ T8567] Process accounting resumed
[  540.062603][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  540.196104][ T8573] loop6: detected capacity change from 0 to 256
[  540.810853][ T8572] loop8: detected capacity change from 0 to 512
[  540.972083][ T8572] EXT4-fs: Ignoring removed mblk_io_submit option
[  540.978667][ T8572] EXT4-fs: Ignoring removed bh option
[  541.079449][ T8572] EXT4-fs (loop8): Test dummy encryption mode enabled
[  541.137152][ T8572] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  541.223262][ T8572] EXT4-fs (loop8): 1 truncate cleaned up
[  541.424119][ T8572] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  541.963781][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  542.294408][ T8590] loop6: detected capacity change from 0 to 256
[  542.336949][ T8590] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  542.356078][ T8590] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  542.463075][ T8590] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  542.514482][ T8595] KVM: debugfs: duplicate directory 8595-5
[  542.736087][ T4596] team0 (unregistering): Port device team_slave_1 removed
[  542.838080][ T4596] team0 (unregistering): Port device team_slave_0 removed
[  542.918455][ T4596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  543.092988][ T8609] fuse: Invalid rootmode
[  543.109908][ T4596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  543.118680][ T8608] Process accounting resumed
[  544.692038][ T4596] bond0 (unregistering): Released all slaves
[  544.869447][ T8616] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  546.155551][ T8352] 8021q: adding VLAN 0 to HW filter on device bond0
[  546.164886][ T8633] loop8: detected capacity change from 0 to 128
[  546.172205][ T8633] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  546.335845][ T8633] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  546.494791][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  546.545397][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  546.576049][ T8633] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000400)
[  546.627526][ T8352] 8021q: adding VLAN 0 to HW filter on device team0
[  546.689379][ T8633] FAT-fs (loop8): Filesystem has been set read-only
[  546.796454][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  546.826544][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  546.854574][ T4588] bridge0: port 1(bridge_slave_0) entered blocking state
[  546.861767][ T4588] bridge0: port 1(bridge_slave_0) entered forwarding state
[  546.900934][ T8644] loop6: detected capacity change from 0 to 512
[  546.918908][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  546.963510][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  546.994718][ T4588] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.001847][ T4588] bridge0: port 2(bridge_slave_1) entered forwarding state
[  547.024972][ T8644] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  547.074581][ T8646] loop3: detected capacity change from 0 to 512
[  547.111259][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  547.126143][ T8644] UDF-fs: error (device loop6): udf_read_inode: (ino 19) failed ident=264
[  547.143356][ T8651] x_tables: duplicate underflow at hook 4
[  547.153512][ T8646] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  547.162722][ T8646] EXT4-fs (loop3): orphan cleanup on readonly fs
[  547.164798][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  547.174248][ T8646] EXT4-fs (loop3): 1 orphan inode deleted
[  547.183135][ T4398] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  547.216490][ T4398] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:8: Failed to release dquot type 1
[  547.236054][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  547.307279][ T8641] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  547.325288][ T8646] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  547.433122][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  547.458048][   T26] audit: type=1800 audit(1753284098.994:29): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1007" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  547.458477][ T8645] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  547.488056][ T8645] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  547.498297][ T8645] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  547.543589][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  547.595282][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  547.630513][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  547.648950][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  547.683723][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  547.716476][ T8352] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  547.743315][ T8352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  547.771165][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  547.816349][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  547.855522][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  548.679463][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  548.686943][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  548.728894][ T8352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  548.745372][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  548.993438][ T4596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  549.002388][ T4596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  549.293034][ T4581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  549.327810][ T4581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  549.554533][ T8352] device veth0_vlan entered promiscuous mode
[  549.689264][ T4581] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  549.710397][ T4581] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  549.795435][ T8352] device veth1_vlan entered promiscuous mode
[  549.796326][ T8688] loop7: detected capacity change from 0 to 512
[  549.875073][ T8688] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  549.992609][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  550.013592][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  550.076228][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  550.116688][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  550.137818][ T8352] device veth0_macvtap entered promiscuous mode
[  550.149826][ T8352] device veth1_macvtap entered promiscuous mode
[  550.313644][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.344642][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.383904][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.406904][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.436508][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.467389][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.487841][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.529407][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.562545][ T8352] batman_adv: batadv0: Interface activated: batadv_slave_0
[  550.782650][ T8708] overlayfs: failed to resolve './bus': -2
[  551.044236][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.117691][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.182053][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.252805][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.304889][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.330248][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.366151][ T8352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.466341][ T8715] loop8: detected capacity change from 0 to 512
[  551.476261][ T8715] EXT4-fs: Ignoring removed bh option
[  551.501908][ T8715] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  551.559252][ T8715] EXT4-fs (loop8): orphan cleanup on readonly fs
[  551.575728][ T8715] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1026: bg 0: block 248: padding at end of block bitmap is not set
[  551.602779][ T8715] Quota error (device loop8): write_blk: dquota write failed
[  551.610648][ T8715] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  551.621108][ T8715] EXT4-fs error (device loop8): ext4_acquire_dquot:6814: comm syz.8.1026: Failed to acquire dquot type 1
[  551.661706][ T8715] EXT4-fs (loop8): 1 truncate cleaned up
[  551.673510][ T8715] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  551.906674][ T8352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  552.480451][ T8352] batman_adv: batadv0: Interface activated: batadv_slave_1
[  552.558951][ T8352] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  552.672493][ T8352] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  552.763715][ T8352] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  552.869192][ T8352] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  553.269254][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  553.525773][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  553.534207][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  553.550470][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  553.565455][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  553.566907][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  553.617043][ T4588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  553.651291][ T8725] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  553.698053][ T8729] loop7: detected capacity change from 0 to 512
[  553.827236][ T8729] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  553.966357][ T8725] UDF-fs: error (device loop7): udf_read_inode: (ino 19) failed ident=264
[  554.669906][ T8739] xt_CT: No such helper "netbios-ns"
[  554.689392][ T4272] Bluetooth: hci4: command 0x0406 tx timeout
[  554.695826][ T4272] Bluetooth: hci3: command 0x0406 tx timeout
[  554.979501][ T8747] loop8: detected capacity change from 0 to 512
[  556.150062][ T4276] Bluetooth: hci5: command 0x0406 tx timeout
[  556.183490][ T8747] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  556.199809][ T4596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  557.097521][ T8747] EXT4-fs (loop8): orphan cleanup on readonly fs
[  557.127051][ T8747] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1030: bg 0: block 248: padding at end of block bitmap is not set
[  557.264168][ T8747] Quota error (device loop8): write_blk: dquota write failed
[  557.271964][ T8747] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  557.282108][ T8747] EXT4-fs error (device loop8): ext4_acquire_dquot:6814: comm syz.8.1030: Failed to acquire dquot type 1
[  557.308947][ T8747] EXT4-fs (loop8): 1 truncate cleaned up
[  557.326146][ T8747] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  558.221156][ T4596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.624000][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  558.667036][ T4581] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  558.697847][ T4581] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.821711][ T8759] syz.6.1032[8759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.821806][ T8759] syz.6.1032[8759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.844041][ T8759] loop6: detected capacity change from 0 to 1024
[  558.862590][ T8759] EXT4-fs: Ignoring removed orlov option
[  559.076132][ T8759] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  560.185447][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  560.247742][ T8768] loop3: detected capacity change from 0 to 2048
[  560.372377][ T8768] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  560.409387][   T26] audit: type=1804 audit(1753284111.934:30): pid=8768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1034" name="/newroot/13/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  560.467659][ T8768] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1034: bg 0: block 234: padding at end of block bitmap is not set
[  560.487993][ T8768] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  560.501018][ T8768] EXT4-fs (loop3): This should not happen!! Data will be lost
[  560.501018][ T8768] 
[  560.510905][ T8768] EXT4-fs (loop3): Total free blocks count 0
[  560.516899][ T8768] EXT4-fs (loop3): Free/Dirty block details
[  560.524327][ T8768] EXT4-fs (loop3): free_blocks=0
[  560.530138][ T8768] EXT4-fs (loop3): dirty_blocks=16
[  560.535259][ T8768] EXT4-fs (loop3): Block reservation details
[  560.541303][ T8768] EXT4-fs (loop3): i_reserved_data_blocks=1
[  560.740924][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  560.750589][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  560.941659][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  561.126109][ T8787] fuse: Bad value for 'rootmode'
[  561.133189][ T8787] Process accounting resumed
[  561.213284][ T8786] loop0: detected capacity change from 0 to 128
[  561.301416][ T8791] serio: Serial port ptm0
[  561.356579][   T26] audit: type=1800 audit(1753284112.894:31): pid=8786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.951" name="file2" dev="loop0" ino=1048648 res=0 errno=0
[  561.385954][ T8786] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  561.463154][ T8786] FAT-fs (loop0): Filesystem has been set read-only
[  561.496309][ T8786] syz.0.951: attempt to access beyond end of device
[  561.496309][ T8786] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  561.547370][ T8786] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  561.608267][ T8786] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  561.681369][ T8790] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  561.724022][ T8790] syz.0.951: attempt to access beyond end of device
[  561.724022][ T8790] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  561.812218][ T8790] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  561.830994][ T8805] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  561.852578][ T8790] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  561.891743][ T8790] syz.0.951: attempt to access beyond end of device
[  561.891743][ T8790] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  561.922212][ T8806] loop3: detected capacity change from 0 to 512
[  561.996666][ T8806] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  562.092330][ T8805] UDF-fs: error (device loop3): udf_read_inode: (ino 19) failed ident=264
[  562.852200][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  562.858731][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  563.864295][ T8840] fuse: Bad value for 'rootmode'
[  563.892738][ T8840] Process accounting resumed
[  563.971186][ T8841] loop6: detected capacity change from 0 to 256
[  564.099328][ T8841] FAT-fs (loop6): Directory bread(block 64) failed
[  564.106030][ T8841] FAT-fs (loop6): Directory bread(block 65) failed
[  564.113725][ T8841] FAT-fs (loop6): Directory bread(block 66) failed
[  564.120562][ T8841] FAT-fs (loop6): Directory bread(block 67) failed
[  564.127599][ T8841] FAT-fs (loop6): Directory bread(block 68) failed
[  564.134266][ T8841] FAT-fs (loop6): Directory bread(block 69) failed
[  564.141314][ T8841] FAT-fs (loop6): Directory bread(block 70) failed
[  564.147944][ T8841] FAT-fs (loop6): Directory bread(block 71) failed
[  564.154903][ T8841] FAT-fs (loop6): Directory bread(block 72) failed
[  564.161543][ T8841] FAT-fs (loop6): Directory bread(block 73) failed
[  564.397319][ T8841] syz.6.1047: attempt to access beyond end of device
[  564.397319][ T8841] loop6: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  564.413927][ T8841] syz.6.1047: attempt to access beyond end of device
[  564.413927][ T8841] loop6: rw=0, sector=1160, nr_sectors = 4 limit=256
[  564.455094][   T26] audit: type=1800 audit(1753284115.974:32): pid=8841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1047" name="file1" dev="loop6" ino=1048649 res=0 errno=0
[  565.460159][ T4669] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  565.546538][ T4669] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  567.009880][ T8871] vivid-001: =================  START STATUS  =================
[  567.017622][ T8871] vivid-001: Radio HW Seek Mode: Bounded
[  567.023494][ T8871] vivid-001: Radio Programmable HW Seek: false
[  567.029850][ T8871] vivid-001: RDS Rx I/O Mode: Block I/O
[  567.035506][ T8871] vivid-001: Generate RBDS Instead of RDS: false
[  567.042023][ T8871] vivid-001: RDS Reception: true
[  567.047090][ T8871] vivid-001: RDS Program Type: 0 inactive
[  567.054973][ T8871] vivid-001: RDS PS Name:  inactive
[  567.065588][ T8871] vivid-001: RDS Radio Text:  inactive
[  567.071229][ T8871] vivid-001: RDS Traffic Announcement: false inactive
[  567.078100][ T8871] vivid-001: RDS Traffic Program: false inactive
[  567.085168][ T8871] vivid-001: RDS Music: false inactive
[  567.091248][ T8871] vivid-001: ==================  END STATUS  ==================
[  568.572868][ T8881] loop8: detected capacity change from 0 to 512
[  568.669602][ T8881] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  568.710732][ T8881] EXT4-fs (loop8): orphan cleanup on readonly fs
[  568.747770][ T8880] loop0: detected capacity change from 0 to 32768
[  568.879140][ T8881] EXT4-fs (loop8): 1 orphan inode deleted
[  568.963071][ T8898] overlayfs: filesystem on './file1' not supported
[  569.014654][   T26] audit: type=1800 audit(1753284120.554:33): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1055" name="bus" dev="loop0" ino=65 res=0 errno=0
[  569.101072][ T4603] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  569.172429][ T4603] EXT4-fs error (device loop8): ext4_release_dquot:6850: comm kworker/u4:32: Failed to release dquot type 1
[  569.191495][ T8881] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  569.238386][ T8874] loop6: detected capacity change from 0 to 40427
[  569.344097][ T8874] F2FS-fs (loop6): Fix alignment : done, start(4096) end(16896) block(12288)
[  569.368092][ T8874] F2FS-fs (loop6): invalid crc value
[  569.463761][ T8874] F2FS-fs (loop6): Found nat_bits in checkpoint
[  569.949365][ T8916] xt_hashlimit: max too large, truncated to 1048576
[  569.962923][ T8916] No such timeout policy "syz1"
[  570.283596][ T8874] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  570.827922][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  571.737222][ T8924] loop3: detected capacity change from 0 to 128
[  571.744390][ T8924] EXT4-fs: Ignoring removed nomblk_io_submit option
[  571.751075][ T8924] EXT4-fs: Ignoring removed nomblk_io_submit option
[  571.799690][ T8924] EXT4-fs (loop3): Test dummy encryption mode enabled
[  572.077294][ T8924] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  572.087591][ T8924] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  573.075106][ T8936] tipc: Started in network mode
[  573.164364][ T8936] tipc: Node identity 12341a31e957, cluster identity 4711
[  573.172169][ T8936] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  573.193012][ T8936] tipc: Resetting bearer <eth:syzkaller0>
[  573.663202][ T8944] vivid-001: =================  START STATUS  =================
[  573.711858][ T8944] vivid-001: Radio HW Seek Mode: Bounded
[  573.744953][ T8944] vivid-001: Radio Programmable HW Seek: false
[  573.767439][ T7624] udevd[7624]: failed to send result of seq 16269 to main daemon: Connection refused
[  573.771967][ T8944] vivid-001: RDS Rx I/O Mode: Block I/O
[  573.783151][ T8944] vivid-001: Generate RBDS Instead of RDS: false
[  573.790385][ T8944] vivid-001: RDS Reception: true
[  573.796991][ T8944] vivid-001: RDS Program Type: 
[  573.832512][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  573.856570][ T8944] 0 inactive
[  573.887488][ T8935] tipc: Disabling bearer <eth:syzkaller0>
[  573.909477][ T8944] vivid-001: RDS PS Name:  inactive
[  573.915395][ T8944] vivid-001: RDS Radio Text:  inactive
[  573.924288][ T8944] vivid-001: RDS Traffic Announcement: false inactive
[  573.933769][ T8944] vivid-001: RDS Traffic Program: false inactive
[  573.954516][ T8944] vivid-001: RDS Music: false inactive
[  573.967791][ T8944] vivid-001: ==================  END STATUS  ==================
[  574.929537][ T8954] loop7: detected capacity change from 0 to 2048
[  576.150494][ T4276] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  577.243535][ T8956] fuse: Unknown parameter 'use00000000000000000000'
[  577.902220][ T8957] Process accounting resumed
[  579.379227][ T4281] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  579.504060][ T4276] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  579.579482][ T4281] usb 9-1: Using ep0 maxpacket: 16
[  579.727788][ T4281] usb 9-1: config 1 has an invalid interface number: 105 but max is 0
[  579.846413][ T4281] usb 9-1: config 1 has no interface number 0
[  579.968420][ T4281] usb 9-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  580.025649][ T4281] usb 9-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  580.040693][ T4281] usb 9-1: config 1 interface 105 has no altsetting 0
[  580.053761][ T8966] loop3: detected capacity change from 0 to 32768
[  580.062568][ T4281] usb 9-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  580.184592][ T4281] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.244912][ T4281] usb 9-1: Product: syz
[  580.259935][ T4281] usb 9-1: Manufacturer: syz
[  580.273797][ T4281] usb 9-1: SerialNumber: syz
[  580.334355][ T9009] input: syz1 as /devices/virtual/input/input22
[  581.597754][ T8995] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  581.615574][ T8995] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  581.652765][ T9011] fuse: Unknown parameter 'use00000000000000000000'
[  581.683979][ T9011] Process accounting resumed
[  581.845851][ T9016] vivid-002: =================  START STATUS  =================
[  581.853856][ T9016] vivid-002: Radio HW Seek Mode: Bounded
[  581.859720][ T9016] vivid-002: Radio Programmable HW Seek: false
[  581.866037][ T9016] vivid-002: RDS Rx I/O Mode: Block I/O
[  581.871714][ T9016] vivid-002: Generate RBDS Instead of RDS: false
[  581.878257][ T9016] vivid-002: RDS Reception: true
[  581.883432][ T9016] vivid-002: RDS Program Type: 0 inactive
[  581.889304][ T9016] vivid-002: RDS PS Name:  inactive
[  581.894643][ T9016] vivid-002: RDS Radio Text:  inactive
[  581.906218][ T9016] vivid-002: RDS Traffic Announcement: false inactive
[  581.913304][ T9016] vivid-002: RDS Traffic Program: false inactive
[  581.919845][ T9016] vivid-002: RDS Music: false inactive
[  581.925650][ T9016] vivid-002: ==================  END STATUS  ==================
[  582.192477][ T8995] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  582.228205][ T8995] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  582.617355][ T4281] aqc111 9-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: 4
[  582.628291][ T4281] aqc111: probe of 9-1:1.105 failed with error -61
[  582.724315][ T9026] loop3: detected capacity change from 0 to 512
[  582.754608][ T9026] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  582.804648][ T9026] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  582.846194][ T9026] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.1088: corrupted in-inode xattr
[  582.864824][ T9026] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1088: couldn't read orphan inode 15 (err -117)
[  582.877324][ T9026] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  583.069237][ T9026] overlayfs: missing 'lowerdir'
[  583.179435][ T4669] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  583.409380][ T4669] usb 8-1: Using ep0 maxpacket: 16
[  583.427130][ T4669] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  583.491415][ T4669] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  583.598904][ T4669] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  583.619061][ T4669] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.627093][ T4669] usb 8-1: Product: syz
[  583.631396][ T4669] usb 8-1: Manufacturer: syz
[  583.636003][ T4669] usb 8-1: SerialNumber: syz
[  583.924057][ T4669] usb 8-1: 0:2 : does not exist
[  583.999533][ T4276] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  584.043160][ T4669] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  584.477158][ T4669] usb 8-1: USB disconnect, device number 5
[  584.509120][ T4281] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  584.518644][ T7630] usb 9-1: USB disconnect, device number 2
[  584.644699][ T9046] tipc: Started in network mode
[  584.656011][ T9046] tipc: Node identity 26da8002de41, cluster identity 4711
[  584.681479][ T9050] fuse: Unknown parameter 'user_i00000000000000000000'
[  584.689962][ T9046] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  584.697784][ T9050] Process accounting resumed
[  584.709225][ T4281] usb 1-1: Using ep0 maxpacket: 16
[  584.716068][ T4281] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  584.739415][ T4281] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  584.749186][ T9047] device syzkaller0 entered promiscuous mode
[  584.775063][ T4281] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  584.796329][ T4281] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.817648][ T4281] usb 1-1: Product: syz
[  584.835105][ T4281] usb 1-1: Manufacturer: syz
[  584.859175][ T4281] usb 1-1: SerialNumber: syz
[  584.947624][ T9046] tipc: Resetting bearer <eth:syzkaller0>
[  584.968819][ T9045] tipc: Resetting bearer <eth:syzkaller0>
[  585.106094][ T9045] tipc: Disabling bearer <eth:syzkaller0>
[  585.162326][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  585.342534][ T4281] usb 1-1: 0:2 : does not exist
[  585.356681][ T4281] usb 1-1: USB disconnect, device number 4
[  585.605611][ T9064] vivid-001: =================  START STATUS  =================
[  585.613425][ T9064] vivid-001: Radio HW Seek Mode: Bounded
[  585.619692][ T9064] vivid-001: Radio Programmable HW Seek: false
[  585.626081][ T9064] vivid-001: RDS Rx I/O Mode: Block I/O
[  585.631857][ T9064] vivid-001: Generate RBDS Instead of RDS: false
[  585.638340][ T9064] vivid-001: RDS Reception: true
[  585.643456][ T9064] vivid-001: RDS Program Type: 0 inactive
[  585.649345][ T9064] vivid-001: RDS PS Name:  inactive
[  585.654647][ T9064] vivid-001: RDS Radio Text:  inactive
[  585.665728][ T9064] vivid-001: RDS Traffic Announcement: false inactive
[  585.672856][ T9064] vivid-001: RDS Traffic Program: false inactive
[  585.680952][ T9064] vivid-001: RDS Music: false inactive
[  585.686610][ T9064] vivid-001: ==================  END STATUS  ==================
[  586.596450][ T9073] loop8: detected capacity change from 0 to 512
[  586.642662][ T9074] loop0: detected capacity change from 0 to 256
[  586.649716][ T9074] exfat: Unknown parameter 'Ϙ'
[  588.198580][ T9074] loop0: detected capacity change from 0 to 2048
[  590.057195][ T9082] syz.6.1104[9082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  590.057578][ T9082] syz.6.1104[9082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  590.131122][ T9082] loop6: detected capacity change from 0 to 1024
[  590.152973][ T9082] EXT4-fs: Ignoring removed orlov option
[  590.692067][ T4276] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  590.732847][ T9082] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  591.067659][ T9079] loop7: detected capacity change from 0 to 512
[  591.108374][ T9079] EXT4-fs: Ignoring removed mblk_io_submit option
[  591.147654][ T9079] EXT4-fs: Ignoring removed bh option
[  591.169217][ T9079] EXT4-fs: quotafile must be on filesystem root
[  592.036814][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  592.343866][ T9098] loop7: detected capacity change from 0 to 512
[  592.522518][ T9098] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  592.612793][ T9098] EXT4-fs (loop7): 1 truncate cleaned up
[  592.618460][ T9098] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  592.650620][ T9103] loop3: detected capacity change from 0 to 512
[  592.663939][ T9105] loop6: detected capacity change from 0 to 256
[  592.737699][ T9105] FAT-fs (loop6): Directory bread(block 64) failed
[  592.790859][ T9109] vivid-000: =================  START STATUS  =================
[  592.798657][ T9109] vivid-000: Radio HW Seek Mode: Bounded
[  592.804507][ T9109] vivid-000: Radio Programmable HW Seek: false
[  592.811005][ T9109] vivid-000: RDS Rx I/O Mode: Block I/O
[  592.816657][ T9109] vivid-000: Generate RBDS Instead of RDS: false
[  592.823228][ T9109] vivid-000: RDS Reception: true
[  592.828406][ T9109] vivid-000: RDS Program Type: 0 inactive
[  592.834367][ T9109] vivid-000: RDS PS Name:  inactive
[  592.839991][ T9109] vivid-000: RDS Radio Text:  inactive
[  592.854194][ T9109] vivid-000: RDS Traffic Announcement: false inactive
[  592.861187][ T9109] vivid-000: RDS Traffic Program: false inactive
[  592.867637][ T9109] vivid-000: RDS Music: false inactive
[  592.873298][ T9109] vivid-000: ==================  END STATUS  ==================
[  593.569207][ T9105] FAT-fs (loop6): Directory bread(block 65) failed
[  593.586973][ T9105] FAT-fs (loop6): Directory bread(block 66) failed
[  593.588855][ T9111] kernel profiling enabled (shift: 9)
[  593.601665][ T9105] FAT-fs (loop6): Directory bread(block 67) failed
[  593.609178][ T9105] FAT-fs (loop6): Directory bread(block 68) failed
[  593.615922][ T9105] FAT-fs (loop6): Directory bread(block 69) failed
[  593.623410][ T9105] FAT-fs (loop6): Directory bread(block 70) failed
[  593.630436][ T9105] FAT-fs (loop6): Directory bread(block 71) failed
[  593.637585][ T9105] FAT-fs (loop6): Directory bread(block 72) failed
[  593.644737][ T9105] FAT-fs (loop6): Directory bread(block 73) failed
[  596.893289][ T9130] loop6: detected capacity change from 0 to 32768
[  598.528670][ T9142] overlayfs: filesystem on './file1' not supported
[  598.566847][ T9143] xt_hashlimit: max too large, truncated to 1048576
[  598.580327][   T26] audit: type=1800 audit(1753284150.124:34): pid=9139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1118" name="bus" dev="loop6" ino=65 res=0 errno=0
[  598.809377][ T9143] No such timeout policy "syz1"
[  599.160641][ T9147] loop0: detected capacity change from 0 to 40427
[  599.289837][ T9147] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  599.297654][ T9147] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  599.323591][ T9147] F2FS-fs (loop0): invalid crc value
[  601.190382][ T9147] F2FS-fs (loop0): Found nat_bits in checkpoint
[  604.008142][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  604.473279][ T9161] input: syz1 as /devices/virtual/input/input23
[  605.019238][ T4276] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  605.467044][ T9184] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1131'.
[  605.488685][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1131'.
[  605.498398][ T9186] loop8: detected capacity change from 0 to 512
[  605.532191][ T9186] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  605.615183][ T9186] EXT4-fs (loop8): orphan cleanup on readonly fs
[  605.636571][ T9186] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1131: bg 0: block 248: padding at end of block bitmap is not set
[  605.653285][ T9186] Quota error (device loop8): write_blk: dquota write failed
[  605.661027][ T9186] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  605.671135][ T9186] EXT4-fs error (device loop8): ext4_acquire_dquot:6814: comm syz.8.1131: Failed to acquire dquot type 1
[  605.693648][ T9186] EXT4-fs (loop8): 1 truncate cleaned up
[  605.705197][ T9186] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  606.271164][ T9190] xt_hashlimit: max too large, truncated to 1048576
[  606.331266][ T9190] No such timeout policy "syz1"
[  607.449527][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  607.465072][ T9197] loop0: detected capacity change from 0 to 512
[  607.475622][ T9197] EXT4-fs: Ignoring removed mblk_io_submit option
[  607.493330][ T9197] EXT4-fs: Ignoring removed bh option
[  607.645905][ T9197] EXT4-fs: quotafile must be on filesystem root
[  608.334205][ T9203] input: syz1 as /devices/virtual/input/input24
[  608.558311][ T9223] loop3: detected capacity change from 0 to 512
[  608.712641][ T9223] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  608.755249][ T9223] EXT4-fs (loop3): 1 truncate cleaned up
[  608.765401][ T9223] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  609.241623][ T9243] loop0: detected capacity change from 0 to 512
[  609.248610][ T9243] EXT4-fs: Ignoring removed nomblk_io_submit option
[  610.049422][ T9243] EXT4-fs (loop0): Test dummy encryption mode enabled
[  610.056270][ T9243] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  610.183943][ T9243] EXT4-fs (loop0): 1 truncate cleaned up
[  610.189935][ T9243] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  610.716937][ T9243] fscrypt (loop0): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  611.328270][ T8352] EXT4-fs (loop0): unmounting filesystem.
[  611.610199][ T9258] xt_hashlimit: max too large, truncated to 1048576
[  611.636808][ T9258] No such timeout policy "syz1"
[  612.119369][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1147'.
[  612.129717][ T4276] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  612.646228][ T9264] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  612.663519][ T9264] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  612.673159][ T9264] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  612.756248][   T26] audit: type=1800 audit(1753284164.184:35): pid=9264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1147" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  612.795798][ T9266] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  612.907961][ T9270] loop7: detected capacity change from 0 to 512
[  612.933559][ T9270] EXT4-fs: Ignoring removed bh option
[  612.958201][ T9270] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  613.003616][ T9270] EXT4-fs (loop7): orphan cleanup on readonly fs
[  613.014423][ T9273] input: syz1 as /devices/virtual/input/input25
[  613.035181][ T9270] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1150: bg 0: block 248: padding at end of block bitmap is not set
[  613.053917][ T9270] Quota error (device loop7): write_blk: dquota write failed
[  613.063639][ T9270] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  613.075703][ T9270] EXT4-fs error (device loop7): ext4_acquire_dquot:6814: comm syz.7.1150: Failed to acquire dquot type 1
[  613.096664][ T9270] EXT4-fs (loop7): 1 truncate cleaned up
[  613.123102][ T9270] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  613.351058][ T9279] loop0: detected capacity change from 0 to 256
[  616.611244][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  616.960300][   T26] audit: type=1326 audit(1753284168.494:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9286 comm="syz.7.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad4158e9a9 code=0x7ffc0000
[  617.063056][   T26] audit: type=1326 audit(1753284168.534:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9286 comm="syz.7.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad4158e9a9 code=0x7ffc0000
[  617.267917][ T4272] Bluetooth: hci0: command 0x0406 tx timeout
[  618.340649][   T26] audit: type=1326 audit(1753284168.544:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9286 comm="syz.7.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7fad4158e9a9 code=0x7ffc0000
[  618.521116][ T9306] loop6: detected capacity change from 0 to 512
[  618.567261][ T9306] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  618.597477][   T26] audit: type=1326 audit(1753284168.544:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9286 comm="syz.7.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad4158e9a9 code=0x7ffc0000
[  618.809576][ T9306] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  619.378164][ T9309] xt_CT: No such helper "netbios-ns"
[  619.476423][ T9314] loop0: detected capacity change from 0 to 512
[  619.495439][ T9314] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  619.504120][   T26] audit: type=1326 audit(1753284168.544:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9286 comm="syz.7.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad4158e9a9 code=0x7ffc0000
[  619.555922][ T9306] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.1161: corrupted in-inode xattr
[  619.590392][ T9306] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1161: couldn't read orphan inode 15 (err -117)
[  619.702676][ T9319] loop7: detected capacity change from 0 to 7
[  619.717696][ T9306] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  619.728039][ T9319] Dev loop7: unable to read RDB block 7
[  619.745821][ T9319]  loop7: unable to read partition table
[  619.761347][ T9314] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  619.804800][ T9319] loop7: partition table beyond EOD, truncated
[  619.809243][ T9314] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  619.859274][ T9319] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  619.885925][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  619.907821][ T9324] loop8: detected capacity change from 0 to 512
[  621.176883][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  621.546133][ T8352] EXT4-fs (loop0): unmounting filesystem.
[  621.599977][ T9324] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  621.610448][ T9324] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  622.248897][ T9329] device veth1_macvtap left promiscuous mode
[  622.265376][ T9329] device macsec0 entered promiscuous mode
[  622.358687][ T9334] xt_bpf: check failed: parse error
[  622.507613][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  622.881559][ T9353] xt_hashlimit: max too large, truncated to 1048576
[  622.888759][ T9353] No such timeout policy "syz1"
[  623.043403][ T9354] loop8: detected capacity change from 0 to 512
[  624.275856][ T9354] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  624.721401][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.727772][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  624.895442][ T9354] EXT4-fs (loop8): orphan cleanup on readonly fs
[  624.916034][ T9354] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1173: bg 0: block 248: padding at end of block bitmap is not set
[  624.932738][ T9354] Quota error (device loop8): write_blk: dquota write failed
[  624.940938][ T9354] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  624.951153][ T9354] EXT4-fs error (device loop8): ext4_acquire_dquot:6814: comm syz.8.1173: Failed to acquire dquot type 1
[  624.978130][ T9354] EXT4-fs (loop8): 1 truncate cleaned up
[  625.034789][ T9354] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  626.859315][ T9368] fuse: Bad value for 'fd'
[  626.866308][ T9368] Process accounting resumed
[  627.037490][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  627.216613][ T9381] loop0: detected capacity change from 0 to 512
[  627.225251][ T9381] EXT4-fs: Ignoring removed nomblk_io_submit option
[  627.242455][ T9381] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  627.328588][ T9381] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  627.345062][ T9381] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  627.414397][   T26] audit: type=1800 audit(1753284178.954:41): pid=9381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1182" name="file1" dev="loop0" ino=15 res=0 errno=0
[  627.564468][ T8352] EXT4-fs (loop0): unmounting filesystem.
[  628.503396][ T9389] loop6: detected capacity change from 0 to 32768
[  628.727251][ T9402] device pim6reg1 entered promiscuous mode
[  628.911596][   T26] audit: type=1800 audit(1753284180.454:42): pid=9401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1183" name="file1" dev="loop6" ino=4 res=0 errno=0
[  629.259658][ T9408] fuse: Unknown parameter '0x0000000000000003'
[  629.267967][ T9408] Process accounting resumed
[  631.947947][ T9423] loop3: detected capacity change from 0 to 512
[  632.001391][ T9423] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  632.086206][ T9423] EXT4-fs (loop3): orphan cleanup on readonly fs
[  632.118126][ T9423] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1191: bg 0: block 248: padding at end of block bitmap is not set
[  632.137048][ T9423] Quota error (device loop3): write_blk: dquota write failed
[  632.144840][ T9423] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  632.155038][ T9423] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1191: Failed to acquire dquot type 1
[  632.173887][ T9423] EXT4-fs (loop3): 1 truncate cleaned up
[  632.192027][ T9423] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  633.098743][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  634.433543][ T9443] syz.3.1196 (9443) used greatest stack depth: 18176 bytes left
[  634.719760][ T9450] fuse: Unknown parameter '0x0000000000000003'
[  634.728000][ T9450] Process accounting resumed
[  635.009280][ T9447] loop8: detected capacity change from 0 to 32768
[  635.121033][ T9455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1201'.
[  636.539511][   T26] audit: type=1800 audit(1753284188.084:43): pid=9458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1199" name="file1" dev="loop8" ino=4 res=0 errno=0
[  636.935408][ T9467] loop6: detected capacity change from 0 to 256
[  636.958605][ T9467] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  636.969417][ T9467] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  637.004602][ T9467] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  637.704107][ T9469] loop0: detected capacity change from 0 to 128
[  638.120798][ T9475] binder: 9470:9475 ioctl 4018620d 0 returned -22
[  638.128000][ T9475] binder: 9470:9475 ioctl c018620c 200000000380 returned -1
[  638.690015][ T9469] syz.0.1207: attempt to access beyond end of device
[  638.690015][ T9469] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  639.290840][ T9465] loop7: detected capacity change from 0 to 32768
[  639.333788][ T9478] vivid-000: =================  START STATUS  =================
[  639.341606][ T9478] vivid-000: Radio HW Seek Mode: Bounded
[  639.347411][ T9478] vivid-000: Radio Programmable HW Seek: false
[  639.353787][ T9478] vivid-000: RDS Rx I/O Mode: Block I/O
[  639.359530][ T9478] vivid-000: Generate RBDS Instead of RDS: false
[  639.366001][ T9478] vivid-000: RDS Reception: true
[  639.371362][ T9478] vivid-000: RDS Program Type: 0 inactive
[  639.377634][ T9478] vivid-000: RDS PS Name:  inactive
[  639.383220][ T9478] vivid-000: RDS Radio Text:  inactive
[  639.406631][ T9478] vivid-000: RDS Traffic Announcement: false inactive
[  639.413761][ T9478] vivid-000: RDS Traffic Program: false inactive
[  639.420329][ T9478] vivid-000: RDS Music: false inactive
[  639.426218][ T9478] vivid-000: ==================  END STATUS  ==================
[  639.520364][ T7632] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  639.927916][ T7632] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  640.103262][ T9465] overlayfs: filesystem on './file1' not supported
[  640.134323][ T9492] fuse: Unknown parameter '0x0000000000000003'
[  640.232624][ T9491] Process accounting resumed
[  640.241953][   T26] audit: type=1800 audit(1753284191.694:44): pid=9486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1203" name="bus" dev="loop7" ino=65 res=0 errno=0
[  640.594007][ T9499] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  641.568219][ T9498] loop6: detected capacity change from 0 to 1024
[  641.727087][ T9498] ext4: Unknown parameter 'fsmagic'
[  641.733125][ T4272] Bluetooth: hci2: command 0x0406 tx timeout
[  642.086375][ T9509] loop6: detected capacity change from 0 to 2048
[  642.098136][ T9507] loop3: detected capacity change from 0 to 32768
[  642.184142][   T26] audit: type=1800 audit(1753284193.724:45): pid=9513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1216" name="file1" dev="loop3" ino=4 res=0 errno=0
[  642.236559][ T9509] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  642.804162][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  643.829337][ T9531] loop3: detected capacity change from 0 to 512
[  643.836813][ T9531] ext2: Unknown parameter 'euid'
[  643.973530][ T9531] loop3: detected capacity change from 0 to 1024
[  643.980851][ T9531] ext2: Unknown parameter 'measure'
[  644.585009][ T9544] loop7: detected capacity change from 0 to 256
[  646.287147][ T9550] loop3: detected capacity change from 0 to 512
[  649.424604][ T9550] EXT4-fs warning (device loop3): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop3.
[  649.535844][ T4669] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  649.596150][ T4669] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  649.828872][ T9561] xt_bpf: check failed: parse error
[  649.849158][ T9557] loop8: detected capacity change from 0 to 2048
[  649.856184][ T9557] EXT4-fs: inline encryption not supported
[  649.890784][ T9557] EXT4-fs: Ignoring removed mblk_io_submit option
[  649.897311][ T9557] ext4: Unknown parameter 'audit'
[  649.914394][ T9561] loop6: detected capacity change from 0 to 256
[  649.938961][ T9561] exfat: Deprecated parameter 'namecase'
[  649.986511][ T9561] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  653.228694][ T9597] loop0: detected capacity change from 0 to 512
[  655.996541][ T9597] EXT4-fs: failed to create workqueue
[  656.002032][ T9597] EXT4-fs (loop0): mount failed
[  656.194262][ T9604] loop7: detected capacity change from 0 to 512
[  656.769857][ T9604] EXT4-fs error (device loop7): ext4_do_update_inode:5254: inode #3: comm syz.7.1242: corrupted inode contents
[  656.782098][ T9604] EXT4-fs error (device loop7): ext4_dirty_inode:6119: inode #3: comm syz.7.1242: mark_inode_dirty error
[  656.795224][ T9604] EXT4-fs error (device loop7): ext4_do_update_inode:5254: inode #3: comm syz.7.1242: corrupted inode contents
[  656.807345][ T9604] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #3: comm syz.7.1242: mark_inode_dirty error
[  656.822374][ T9604] Quota error (device loop7): write_blk: dquota write failed
[  656.829884][ T9604] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  656.839818][ T9604] EXT4-fs error (device loop7): ext4_acquire_dquot:6814: comm syz.7.1242: Failed to acquire dquot type 0
[  656.855148][ T9604] EXT4-fs (loop7): 1 orphan inode deleted
[  656.860986][ T9604] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  656.870220][ T9604] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  656.881462][ T9235] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  656.893085][ T9235] EXT4-fs error (device loop7): ext4_release_dquot:6850: comm kworker/u4:62: Failed to release dquot type 1
[  657.049865][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  657.993677][ T9625] loop7: detected capacity change from 0 to 512
[  658.037760][ T9625] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  659.437539][ T9634] overlayfs: missing 'lowerdir'
[  659.757913][ T4766] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  659.796074][ T4766] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  659.890359][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  660.392312][ T9646] loop7: detected capacity change from 0 to 128
[  660.638506][ T9647] loop3: detected capacity change from 0 to 512
[  663.194476][ T9647] EXT4-fs warning (device loop3): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop3.
[  666.274638][ T7629] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  666.393902][ T9672] device pim6reg1 entered promiscuous mode
[  666.430257][ T9677] loop6: detected capacity change from 0 to 128
[  666.600627][ T9677] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000006f)
[  666.609997][ T7629] usb 4-1: Using ep0 maxpacket: 16
[  666.610147][ T9677] FAT-fs (loop6): Filesystem has been set read-only
[  666.618071][ T7629] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  666.633427][ T7629] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  666.643516][ T7629] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  666.658221][ T7629] usb 4-1: config 0 interface 0 has no altsetting 0
[  666.693121][ T7629] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  666.868231][ T7629] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.139506][ T7629] usb 4-1: config 0 descriptor??
[  667.240398][ T9682] loop0: detected capacity change from 0 to 512
[  667.325041][ T9682] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  667.764816][ T9697] overlayfs: failed to resolve './bus': -2
[  667.971441][ T9695] loop8: detected capacity change from 0 to 512
[  668.156550][ T9695] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  668.231668][ T9695] EXT4-fs (loop8): 1 truncate cleaned up
[  668.237398][ T9695] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  668.256698][ T8352] EXT4-fs (loop0): unmounting filesystem.
[  668.419921][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  668.617387][ T9684] loop6: detected capacity change from 0 to 32768
[  668.699953][ T7629] usbhid 4-1:0.0: can't add hid device: -71
[  668.705995][ T7629] usbhid: probe of 4-1:0.0 failed with error -71
[  668.714724][ T7629] usb 4-1: USB disconnect, device number 3
[  672.624984][ T9724] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1274'.
[  673.272061][ T4766] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  673.626769][ T9731] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1278'.
[  673.887720][ T9741] loop3: detected capacity change from 0 to 128
[  675.039639][ T9725] loop6: detected capacity change from 0 to 32768
[  675.586735][   T26] audit: type=1800 audit(1753284227.124:46): pid=9744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1276" name="file1" dev="loop6" ino=4 res=0 errno=0
[  675.894425][ T9746] loop7: detected capacity change from 0 to 512
[  675.972393][ T9746] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  676.215315][ T9746] EXT4-fs (loop7): 1 truncate cleaned up
[  676.870988][ T9746] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  677.291273][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  678.356935][ T9773] loop6: detected capacity change from 0 to 512
[  678.408115][ T9773] EXT4-fs: inline encryption not supported
[  678.484440][ T9775] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1288'.
[  678.532831][ T9773] EXT4-fs: Ignoring removed mblk_io_submit option
[  678.665494][ T9773] EXT4-fs (loop6): Test dummy encryption mode enabled
[  679.040689][ T9773] EXT4-fs (loop6): orphan cleanup on readonly fs
[  679.047696][ T9773] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.1289: inode #13: comm syz.6.1289: iget: illegal inode #
[  679.170232][ T9773] EXT4-fs (loop6): Remounting filesystem read-only
[  679.176883][ T9773] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1289: couldn't read orphan inode 13 (err -117)
[  679.239618][ T9773] EXT4-fs (loop6): Remounting filesystem read-only
[  679.300974][ T9773] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  679.468154][ T9783] loop3: detected capacity change from 0 to 512
[  679.509883][ T9783] EXT4-fs: Ignoring removed mblk_io_submit option
[  679.517102][ T9783] EXT4-fs: Ignoring removed bh option
[  679.549072][ T9783] EXT4-fs: quotafile must be on filesystem root
[  679.707575][ T9788] loop0: detected capacity change from 0 to 256
[  681.584169][ T9792] loop3: detected capacity change from 0 to 512
[  681.626960][ T9792] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  681.663040][ T9792] EXT4-fs (loop3): orphan cleanup on readonly fs
[  681.680830][ T9792] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1294: bg 0: block 248: padding at end of block bitmap is not set
[  681.697069][ T9792] Quota error (device loop3): write_blk: dquota write failed
[  681.704896][ T9792] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  681.715032][ T9792] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1294: Failed to acquire dquot type 1
[  681.741724][ T9792] EXT4-fs (loop3): 1 truncate cleaned up
[  681.780537][ T9792] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  682.473415][ T9799] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  682.886322][ T9801] loop8: detected capacity change from 0 to 512
[  684.195246][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  685.495012][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  685.515937][ T9801] EXT4-fs warning (device loop8): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop8.
[  686.328262][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  686.340459][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  687.292918][ T9822] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1304'.
[  687.512020][ T9825] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1301'.
[  688.974491][ T9841] loop0: detected capacity change from 0 to 1024
[  688.984448][ T9841] EXT4-fs: Ignoring removed nomblk_io_submit option
[  692.155650][ T9841] EXT4-fs warning (device loop0): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop0.
[  692.554062][ T9845] loop3: detected capacity change from 0 to 256
[  692.596482][ T9845] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  693.899183][ T4272] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  694.078091][ T9860] loop7: detected capacity change from 0 to 512
[  694.293401][ T9860] EXT4-fs error (device loop7): ext4_orphan_get:1426: comm syz.7.1310: bad orphan inode 11862016
[  694.306262][ T9860] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  694.315838][ T9860] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  695.164643][ T9868] loop6: detected capacity change from 0 to 512
[  696.187704][ T9873] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1316'.
[  696.571818][ T9875] loop8: detected capacity change from 0 to 512
[  696.623176][ T9875] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  696.712567][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  696.781880][ T9875] EXT4-fs (loop8): orphan cleanup on readonly fs
[  696.795877][ T9875] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1315: bg 0: block 248: padding at end of block bitmap is not set
[  696.812497][ T9875] Quota error (device loop8): write_blk: dquota write failed
[  696.820285][ T9875] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  696.831127][ T9875] EXT4-fs error (device loop8): ext4_acquire_dquot:6814: comm syz.8.1315: Failed to acquire dquot type 1
[  696.860105][ T9875] EXT4-fs (loop8): 1 truncate cleaned up
[  696.868620][ T9875] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  696.978929][ T9868] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  697.195841][ T9868] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  698.333484][ T9888] xt_CT: No such helper "netbios-ns"
[  699.755877][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  699.837907][ T7630] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  699.880797][ T7630] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  699.882278][ T9907] loop8: detected capacity change from 0 to 512
[  699.935251][ T9907] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  700.133403][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  701.094070][ T9926] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  701.468203][ T9929] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1328'.
[  702.019516][ T9931] loop6: detected capacity change from 0 to 256
[  702.135911][ T9919] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  702.393483][ T9931] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  702.420800][ T9919] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  702.432852][ T9919] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  704.440933][ T9948] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  705.025761][ T9950] loop7: detected capacity change from 0 to 128
[  705.101166][ T9950] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  705.116845][ T9950] ext4 filesystem being mounted at /127/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  705.235257][ T9950] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #12: block 18: comm syz.7.1334: lblock 0 mapped to illegal pblock 18 (length 1)
[  705.263171][ T9958] loop0: detected capacity change from 0 to 128
[  705.280714][ T9950] EXT4-fs warning (device loop7): ext4_empty_dir:3139: inode #12: lblock 0: comm syz.7.1334: error -117 reading directory block
[  705.308496][   T26] audit: type=1800 audit(1753284256.844:47): pid=9958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1337" name="file2" dev="loop0" ino=1048659 res=0 errno=0
[  705.332908][ T9958] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.349459][ T9958] FAT-fs (loop0): Filesystem has been set read-only
[  705.369112][ T9958] syz.0.1337: attempt to access beyond end of device
[  705.369112][ T9958] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  705.411265][ T9958] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.425140][ T9958] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.436186][ T7423] EXT4-fs (loop7): unmounting filesystem.
[  705.527509][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  705.615359][ T9959] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.625313][ T9959] syz.0.1337: attempt to access beyond end of device
[  705.625313][ T9959] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  705.640344][ T9959] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.648192][ T9959] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.656427][ T9958] syz.0.1337: attempt to access beyond end of device
[  705.656427][ T9958] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  705.729927][ T9967] syz.6.1338[9967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  705.731642][ T9967] syz.6.1338[9967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  707.189179][ T9958] syz.0.1337: attempt to access beyond end of device
[  707.189179][ T9958] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  707.198909][ T9970] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  707.396266][ T9959] syz.0.1337: attempt to access beyond end of device
[  707.396266][ T9959] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  708.005526][ T9975] xt_hashlimit: max too large, truncated to 1048576
[  708.012367][ T9975] No such timeout policy "syz1"
[  708.248884][ T9976] loop3: detected capacity change from 0 to 512
[  708.264861][ T9973] device wg2 entered promiscuous mode
[  708.306251][ T9976] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  709.343286][ T9991] loop6: detected capacity change from 0 to 128
[  710.652797][ T9994] overlayfs: failed to resolve './file0': -2
[  710.754302][ T9995] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1345'.
[  713.428662][T10015] loop6: detected capacity change from 0 to 512
[  716.154474][T10015] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  716.163553][T10015] ext4 filesystem being mounted at /110/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  716.228323][T10015] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1355'.
[  716.777714][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  716.911989][T10033] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  716.936497][T10031] loop6: detected capacity change from 0 to 512
[  716.952672][T10031] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  717.226837][T10031] EXT4-fs (loop6): 1 truncate cleaned up
[  717.271164][T10031] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  718.739904][ T7417] EXT4-fs (loop6): unmounting filesystem.
[  721.128356][T10054] netlink: 122896 bytes leftover after parsing attributes in process `syz.6.1366'.
[  721.189407][T10056] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1368'.
[  721.302096][ T7966] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  721.352015][ T7966] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  721.640701][ T7629] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  722.040051][ T7629] usb 4-1: Using ep0 maxpacket: 16
[  722.062932][ T7629] usb 4-1: config 1 has an invalid interface number: 220 but max is 1
[  722.187787][ T7629] usb 4-1: config 1 has an invalid interface number: 76 but max is 1
[  722.404407][ T7629] usb 4-1: config 1 has no interface number 0
[  722.410873][ T7629] usb 4-1: config 1 has no interface number 1
[  722.416984][ T7629] usb 4-1: config 1 interface 220 has no altsetting 0
[  722.459029][ T7629] usb 4-1: config 1 interface 76 has no altsetting 0
[  723.526703][ T7629] usb 4-1: string descriptor 0 read error: -71
[  723.535039][ T7629] usb 4-1: New USB device found, idVendor=1bc7, idProduct=0023, bcdDevice=b2.a4
[  723.545088][ T7629] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.558252][ T7629] usb 4-1: can't set config #1, error -71
[  723.570231][ T7629] usb 4-1: USB disconnect, device number 5
[  723.968226][T10087] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  723.980134][T10087] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  724.667364][T10095] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1384'.
[  726.736216][T10096] loop7: detected capacity change from 0 to 32768
[  726.828232][T10121] overlayfs: filesystem on './file1' not supported
[  726.846442][   T26] audit: type=1800 audit(1753284278.384:48): pid=10121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1381" name="bus" dev="loop7" ino=65 res=0 errno=0
[  727.059947][T10123] Illegal XDP return value 8 on prog  (id 438) dev N/A, expect packet loss!
[  727.661252][T10135] loop0: detected capacity change from 0 to 512
[  727.690735][T10136] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1396'.
[  727.706327][T10135] EXT4-fs: Ignoring removed nomblk_io_submit option
[  728.427319][T10135] EXT4-fs (loop0): Test dummy encryption mode enabled
[  728.434270][T10135] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  728.626403][T10135] EXT4-fs (loop0): 1 truncate cleaned up
[  728.632499][T10135] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  730.597791][ T8352] EXT4-fs (loop0): unmounting filesystem.
[  730.940056][T10165] loop3: detected capacity change from 0 to 128
[  732.199785][T10172] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1407'.
[  733.611243][T10187] xt_hashlimit: max too large, truncated to 1048576
[  733.618639][T10187] No such timeout policy "syz1"
[  737.359777][T10183] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  738.240234][T10227] binder: 10218:10227 ioctl 4018620d 0 returned -22
[  738.247417][T10227] binder: 10218:10227 ioctl c018620c 200000000380 returned -1
[  738.257015][ T4272] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  738.486982][T10234] loop8: detected capacity change from 0 to 512
[  738.510104][T10234] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  738.639046][T10234] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  738.696179][T10234] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.1422: corrupted in-inode xattr
[  738.735449][T10234] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.1422: couldn't read orphan inode 15 (err -117)
[  738.778250][T10234] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  738.879530][T10220] loop6: detected capacity change from 0 to 32768
[  739.026160][T10245] loop3: detected capacity change from 0 to 512
[  740.346869][T10245] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  740.356009][T10245] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  740.373469][   T26] audit: type=1800 audit(1753284291.914:49): pid=10220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1420" name="file1" dev="loop6" ino=4 res=0 errno=0
[  741.030583][ T8040] EXT4-fs (loop3): unmounting filesystem.
[  741.371094][T10255] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  742.118641][T10276] device pim6reg1 entered promiscuous mode
[  742.575364][T10284] binder: 10283:10284 ioctl 4018620d 0 returned -22
[  742.582487][T10284] binder: 10283:10284 ioctl c018620c 200000000380 returned -1
[  742.625236][ T7416] EXT4-fs (loop8): unmounting filesystem.
[  744.225859][T10324] 
[  744.236254][T10324] =============================
[  744.241268][T10324] WARNING: suspicious RCU usage
[  744.246168][T10324] 6.1.146-syzkaller #0 Not tainted
[  744.251324][T10324] -----------------------------
[  744.256172][T10324] kernel/events/callchain.c:161 suspicious rcu_dereference_check() usage!
[  744.264744][T10324] 
[  744.264744][T10324] other info that might help us debug this:
[  744.264744][T10324] 
[  744.275106][T10324] 
[  744.275106][T10324] rcu_scheduler_active = 2, debug_locks = 1
[  744.283248][T10324] 1 lock held by syz.7.1447/10324:
[  744.288376][T10324]  #0: ffffffff8cb2afa0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x37/0x70
[  744.298635][T10324] 
[  744.298635][T10324] stack backtrace:
[  744.304571][T10324] CPU: 0 PID: 10324 Comm: syz.7.1447 Not tainted 6.1.146-syzkaller #0
[  744.312817][T10324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  744.322887][T10324] Call Trace:
[  744.326160][T10324]  <TASK>
[  744.329089][T10324]  dump_stack_lvl+0x168/0x22e
[  744.333788][T10324]  ? show_regs_print_info+0x12/0x12
[  744.339005][T10324]  ? load_image+0x3b0/0x3b0
[  744.343535][T10324]  lockdep_rcu_suspicious+0x1dd/0x300
[  744.348898][T10324]  get_callchain_entry+0x2a5/0x3b0
[  744.354009][T10324]  get_perf_callchain+0x9f/0x480
[  744.358964][T10324]  ? put_callchain_entry+0xb0/0xb0
[  744.364079][T10324]  ? preempt_schedule_common+0xa5/0xd0
[  744.369541][T10324]  ? preempt_schedule+0xa7/0xb0
[  744.374419][T10324]  ? verify_lock_unused+0x140/0x140
[  744.379631][T10324]  __bpf_get_stack+0x2ce/0x4f0
[  744.384387][T10324]  ? stack_map_get_build_id_offset+0x9c0/0x9c0
[  744.390556][T10324]  ? bpf_prog_b8a90dd1efcc4ad9+0x3d/0x41
[  744.396208][T10324]  bpf_get_stack_raw_tp+0x189/0x1c0
[  744.401417][T10324]  bpf_prog_b8a90dd1efcc4ad9+0x3d/0x41
[  744.406878][T10324]  bpf_prog_run_pin_on_cpu+0xa4/0x140
[  744.412263][T10324]  bpf_prog_test_run_syscall+0x30d/0x490
[  744.417915][T10324]  ? sock_gen_cookie+0x60/0x60
[  744.422686][T10324]  ? sock_gen_cookie+0x60/0x60
[  744.427552][T10324]  bpf_prog_test_run+0x31e/0x390
[  744.432514][T10324]  __sys_bpf+0x593/0x6d0
[  744.436776][T10324]  ? bpf_link_show_fdinfo+0x340/0x340
[  744.442156][T10324]  ? lock_chain_count+0x20/0x20
[  744.447005][T10324]  __x64_sys_bpf+0x78/0x90
[  744.451429][T10324]  do_syscall_64+0x4c/0xa0
[  744.455863][T10324]  ? clear_bhb_loop+0x60/0xb0
[  744.460548][T10324]  ? clear_bhb_loop+0x60/0xb0
[  744.465211][T10324]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  744.471107][T10324] RIP: 0033:0x7fad4158e9a9
[  744.475527][T10324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.495125][T10324] RSP: 002b:00007fad423d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  744.503534][T10324] RAX: ffffffffffffffda RBX: 00007fad417b5fa0 RCX: 00007fad4158e9a9
[  744.511516][T10324] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a
[  744.519500][T10324] RBP: 00007fad41610d69 R08: 0000000000000000 R09: 0000000000000000
[  744.527460][T10324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  744.535424][T10324] R13: 0000000000000000 R14: 00007fad417b5fa0 R15: 00007ffe19bcb2e8
[  744.543399][T10324]  </TASK>
[  744.546450][    C0] vkms_vblank_simulate: vblank timer overrun
[  745.922464][T10282] netlink: 'syz.3.1435': attribute type 10 has an invalid length.
[  745.939615][T10282] team0: Device ipvlan1 failed to register rx_handler
[  745.973705][T10301] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  747.180477][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  747.186852][ T1277] ieee802154 phy1 wpan1: encryption failed: -22