last executing test programs:

1m28.65583306s ago: executing program 2 (id=178):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000103})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x11, 0x200000000000002, 0x300)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, 0x0, 0x0)

1m27.9439053s ago: executing program 2 (id=180):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x23500d8, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1m27.688535064s ago: executing program 2 (id=181):
io_uring_setup(0x3e2e, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, 0x0, 0x40000)
mq_unlink(0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")

1m26.563343812s ago: executing program 2 (id=185):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x3800813, &(0x7f0000000540)=ANY=[@ANYBLOB="696f636861727365743d6370313235312c757466382c6f76657272696465726f636b7065726d2c6e6f6a6f6c6965742c6e6f6a6f6c6965742c6f76657272696465726f636b7065726d2c646d6f64653d3078303030303030303030303030303030332c6e6f636f6d70726573732c6d6f64653d3078303030303030303030303030303365382c6e6f726f636b2c626c6f636b3d3078303030303030303030303030303230302c636865636b3d72656c617865642c6f76657272696465726f636b7065726d2c636865636b3d72656c617865642c6d61703d61636f726e2c00aaf173231c8fa2125fe6f2a7691bf718642c029cb01a995f84dfc799c1a997db60e5eaf9103b75f05682a57c9bf5d42b69634b1ce70512ad02fa514664ff526420a42e66f59ae74f883b354af5e974a51cc3699b92bcef11ba1c6f747eef2f1e6929c0839509e2b5588d97e9eafab0aa57dcfa15eec0f15cbefddb09ede996f076f8320ffb2935d820e69df2ff1aaa022261f7ea565017b85eedd6426a51559c8b7227f27ca697034550e9184a0bc21df03bd64eb7f4573ecf2a47891375f522c24bed2e751c31e567d0eb8d1f8ede3f4169efad70fee6bec277e28f8da5b0ce03e705ede26c8f63def6e8052d7280e28d69d5d62f76696d465faf5f440c345d5a5720277587a958d795940e149f35bdb6f91d49fc2029fdf86731baa97bda944032df343da307b2285f777ae8edde19bb09e35550274dc0cf88ec034e45912e79522eb41e93e587ba425598208fef00eee7218bfc5d41c464c75939ea647634f57a991f5e1d082d357c6d433d"], 0x1, 0xa51, &(0x7f0000001240)="$eJzs3ctvXNd9B/DvHZISQ7u24qiuKzjiSK4UxmEpkqqlCl6kEjmSmPJRkBRgoYsojahCEFu3cQs4RoEoQNFVjBZo0UW7M7rqykA2TReFN0W7a1ZdFCj8LwRdqSsG986QHJIzHIrhy8rnQ8zMffzuOec+zj2cmTv3hC+WtVe3jK2tVY99jt/75yMoMSfYrenPP/n04/Lxw6c5lb68U/xLMpiknvQneSMZmJpeXJjrkdCT5EGSz5Iiyek0X/fkQYq/zsub45+l+Mcy365O7TVlelnjl9pxH38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHASFVPT4+MTxanMzN97r96U1HeYml5cKLK2tnPO+jJNP6l6/S5+0jPfpCgfGRxc7+r7jbObs19PUr+YN5tjb1YdkmcwH730+pl3v9JfW1++W2l+Iaf3nuwH3//oyXdWV1e+13FuURxgqU6Y5jFypzE/s7QwM3fzTqM+s7RQv3Ht2viVu7eX6rdnZhtL95eWG3P1qcXGzeWFxfrI1NfrEzduXK03xu4v3Ju/Mz0221ifeP03J8fHr9W/NfZ7jZuLSwvzV741tjR1d2Z2dmb+ThVTzi5jrpcH4u/OLNeXGzfn6vVHj1dXrm4rWV+2Hb9l0ESv9SmDJnsFTY5PTk5MTE5O/LDVe/bGhGvv3Hjn+vh4/3jTy2kNZEfEIR20nCxf6r6bD/4kDvtUa7b/yWxmMp97eS/1jn9Tmc5iFjLXZX7Levt/6Upj12zT1v63Wvn+tvnnyqeLOd8aHezS/ncpy9H9fZDv56M8yXeymtWs5HvHXqKj/buTRuYzk6UsZCZzuVlNqbem1HMj13It4/l27mY4S+nP7cxkNo0s5X6WspxGdURNZTGN3MxyFrKYekYyla+nnoncyI1cTT2NjOV+FnIv87mT6dysUnmUx9V2v7pLGTeCJvYSNLlL0I7GvFv7v2H7Io3t/5zwAqrtupcP4SwO+7PWav9P9Q4dmdoy2n94hQIAAAAO1K//Z145+9p//G9S5KvV9/K3Z2Yb48ddLAAAAOAAVZfrvVm+DJRDX03h/T8AAAC8aIrqN3ZFkqEMN4fWfwnlQwAAAAB4QVTf/59PMbw5wft/AAAAeMH0vsd+z4hidP32v/WHzdeHrYjmWDF0e2a2MTa1MPvuRC5XdxmofmmwI7W+pBiofn7wdi40oy4MNV+HNlMs8xwsoybG3p3I27nYWpGRt8qXt0Y6RE42I7/WjPxae2RftkReLSMB4EV3cZf2eK/t/9sZbUaMnqua/P5zW9rgvqplHdeyAsBJsdHHzv+3ujTr0P6fb94b4Hy39v+3dnn/X0a8lkfDzUsKxvLdvJ/VPMxoWlccDHdKdb03guZlCKM9Pg0Yal2y8NPrtYzu+DxgcGNd22NXMpnRjp8ItKVbrJfhajOu77D2AgAcrYu7tsPr7X/1IXnX9n909/f/bW2uSwoB4CTY6MH+eQeG9x583OsIAGyllQYAAAAAAAAAAAAAAAAAAAAAAAAAAICDt6cb+P/X5WR1dSXZb2cBHQZ++u//+itdY370UjL4PCXcfaCWAynz6SQHsu6HN9CX5Lhy/2aee6lyH5+UTfciDRRPqwr7C6VzzCcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjkSR9HWaXktOJxlPcuXoS3V4nh53AQ5KfX+LFc/yLB/mlYMuDgAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL7vW/f9rab6+1JyU/lpyKcmDJL9/3GV8HoM95j87onKcPH9UPbfd/7+WDGStSH/W1tbWkmJganpxYa48FIrT5fzPP/n04/LRNckfrA/s7FWhTKDMYUvnEq0c2qYMbF3qy9VSQ9MrHzz5s/f/pD59qzowby3fnp2eu7P4O5uBrxc/bnaB0N4Nwnp5/+LSv/1N2+RTrcx/nP5uK7I939tVvtM78/21Tkt3yXcPHq+uTJY5LTfeW/7zP661z3otF5K3RpKRrTn9YfnoktOF7dtzq+JnxV8Vr+Tv86Da/+XWKNaKche9Wq3/lx49Xl0Z++77qw83yvSDxx+2JXAmw0kebq1lPco0XJ1POnqpynWgzHW8CiqfzvZIb1dtKU5sbtct6/Dl6pAZeq51qHdfh0qP7d4q0dXtJVorK8nf/ulXcnnXPX26Q4qXe+TYUfGz4n+Ku/nv/GVb/x+1cv9fSsfa2SGJKrLtSGmft6V61S5trvlk+4xvb0+za63kEPwof5Df3tj/ter8315vJrvUm43z0TfbJnapN+tVq0u9OL21pu6oFy296sXOmvpPr+5oUbbmmrPbWqTW2afbMq1ynm1GdSnnr+YbSf+55zqjfKPHGaXX8vut//9QjOT/8lT/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMlXJH2dpteSS0nOJHm1HK8na9tjnu4jv9pQsZ9iHpj9lPmLp+i6osWzPMuHeeWoSwQAAAAAAADA4bg1/fknn35cPqrv4/vyG7XWnHrSn+RM8XcDU9OLC3M9EhpIHqx/pT/YOaTL5Dwon17eHP+sHHujR37He/kAAHyh/TwAAP//FnluMg==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(0x0, &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)

1m25.893844182s ago: executing program 2 (id=188):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0, 0x0, 0x6f2}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fanotify_mark(0xffffffffffffffff, 0x469, 0x40001002, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
syz_mount_image$bcachefs(&(0x7f00000058c0), &(0x7f00000000c0)='./file0\x00', 0x3, &(0x7f0000000000)={[{@inodes_32bit}, {@prjquota}, {@errors_fix_safe}, {@errors_ro}, {@reconstruct_alloc}, {@recovery_pass_last={'recovery_pass_last', 0x3d, 'initialize_subvolumes'}}, {@nochanges}, {@verbose}], [{@audit}]}, 0x1, 0x590a, &(0x7f000000b240)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJIgEFCCCy4UYKGlpagf0EJq0WhRBatESuRlE1ZRitWltpBa3UU/+BTykBLIQ1k+5qmZvqfTc6fv3J7unpDA71fJ3D6nb//Pufeevt3/03emAwAAAK8Ju6/fsvecoz7wqy+OvnTNh3+24drQXx6vr8YVBtLlFa9UDzmQeiuLxpfZcfGmq37w56GL3/fLu/u+//KuNceu/f37D7v4/s+cufO2bz/04tx7//lMUdw4nk7cX06eS0Ko/nzP17+067Ejx+qSEEI5GdgewoJk4UMLkkyI4b+HENakhUWZO+956ZS1Y8trb+qdUD8/s57x/tpWTcfZtr2XnxT+8N5V1/1m8Y9/1LPj2e37V0mqDeMphHkXNj6+J13OTpdxtMXxGAftyhBCX8Pjzijo13FN6k5sUrcsp3x0upyVLvsL2ov3L8mUS5n1suWoJ7PsK2ivU3n9aHe9InMy5ezJqFN5/Yz1C9LlT9Nls7EwlXL8n4RSEir17q9P9o+R0HDckpCMH8tqvVyqH9uQbn+mnGTKpUy53JPZrvF204FWTpKJ9XG9TH08HVfS+mMbz9VNnJtT//p0WU2fqC/HcsjeqOmfdKO+XeNiv/ZM0ZcDodRwLsrW9zaO2/Rg9Kd1/cnCSY/Z10S8b9eqm5eWVz+8eyCnH8ndSRo/aSv+tl8vmPOpH954WfZ1vR7/wlIav9RW/D+e9fjz59/4vW/lxr81xi+3Ff/kB/qeO+uR65fk7p89cf9U2oo/8syjtyw+/KIduf2/PcavthV/xc7He+fufeDB3P4Px/0zu634T7/zg3+668n7ns2LP/TP8fh/iw+bbvzVOzd9uXdw7wm5/X8w7p/+9sbPCztOf2pw8C9DefGfiPHnNou/rij+ndtve8cd8286M/f4roz7f6Ct/p99/P3Xzdl73zF5587k9uJXzqL3FACvZYel58kb0nK7eWanGvKFbw5Vau/55qT/53azoYyxdubNYHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXpuOOOl/fuj/f3zguUpa7k1vPF2qLWP9rBCS2SGELVtHNm9dt/GSoc9cetnmjSPrh0a2Do1u3Lr5yqFT3zK0eXTT+pErx+4dfusptcctDEltmRwzqe19+/btKw1MrIvt/afjd/xh6Rn/8tcQho/43WAlt//Lbttwx+FNfmYkK/a9Z8Nl5/zutO+m2zWQ9msgp18hp1//et4/7vjqnj+fEMLw66bq16NPv/sXEzo0XrE/TqrUG2od6k36mvaj3uu0P3F/VdauWz86XLx/yznb8Z+vevbva6/4yj9q+7eaux0t7t/ZK/atL31j1dn//o2raxUH63Ev2t9xK2L/4v6rpvt7Xrpd83K2q5KzXdf/5sEnf37UjS9uD8OVFxZPbrtou3rSAdCTvL6ldmMLfcmCCfXVdP14xOPjlm3dsGnZliu3vXXdhpFLRi8Z3fj25acuP334tNNPWza+5cumuf0v7Zt6+2P7b2xx+w/MeJr/ue0/jT9bG09F/SoaD2P9Kt4fjT3Ke/71nfulr739tkfOqVUUjfO4dv18ki77xo7z8tAw3ibvq2bbVbQfQghDzfbD8y+eGY78P+uuKzoPNR6Zxp8ZyYp9jy3523fP+M6id9UqDsh5vrFDbZ7n673e35/x/VVNj8fBun97Qzndrv6m/Vr+2CM9N+/+6+fr/Zs1K1wxsnXr5uW1n3PSns5Jjm7ar2xt3K7F4z/LId0toT5Mm4zXMT2h1r/s+TOunt2r/el9/cnCptuVFe/btermpeXVD+/O29PJ3bUWZ4e5tWXyhpw112ceWK53uFn7jeOj1KS/B+v4GPzQd+79+L0/OXXS+Di59rNo3Cc52/XjJ+/82ve/8l9/0r3t+tC7Hx/42//99NJaxaFyXqn3Ou1P0nheOTmEouff4tB8O3Kff9nBlyp6/mXb2b9+83hDmXJ/KLf1fD35gb7nznrk+iW5z9c9rT5fr55QKhc8Xw+W8fPKPb8mDJRkxb5f3nDY9oeuWXlUraJoXNfXbjauT2kh/8jZrl+c/9TgpUP/5X9377zxg7fcc8HvR1Z8oVZxsBz3arp/qzn7t97rmHc27t+3XXzp+jW1+oP3/W+6LMh/4qlky5XbPjuyfv3o5i2tbVerr6exnexebvf1NJ7dFhZsV2nSds3cjVb2V6vPt9j/NW3vr4nPt/6QtPW6sO3XC+Z86oc3XjYw6VFpQxeW0viltuL/8azHnz//xu99Kzf+rTF+pa34I888esviwy/akRv/9iSNX20r/oqdj/fO3fvAg7nxh2P/Z7cV/+l3fvBPdz1537O58UOM39/e/n9hx+lPDQ7+JTf+E0nazth7pBDueemUtbVyEnrS51vsR8+EfoVsOcmUS5lyubFcqs211hsoJ8nE+rheWn9sQ1+a+UROfXwXVl1UW74cyyF7Y+r6g02p4dzfrL7ofSoAwKtd/Pw/vgeNn/+Ppm+U8mcaYL9O87BFOXFjHrZ/PmfWhPsXpfHj4+M84ODbwvDY8tqh2hv96c5zxudDdp4ztnPCcRNjtDvPWTT/viRTjv2qzZdXGvLQ1OS8phJamH+f3M7U8++ZzS+eHx+6YVK3huLJpcnx60lnzJpd75Dpb2UsQN74yM6Lxes5BueFlePttTg+stfRxOOQvY4mtnNU5sTZ7nU0nY6P2O0pxsd4l4s/35h8/MIU+3f/8WseLXv8pnG8q2Prz/Tns4f+vGHB52G9oWn8Vj8PMy+ZEz99gh3s84axPm5HpcX5xI/n1HdrPjGeLmK/9kzRlwPBfCLwahXz//gaMZb/j70B/7fMekXvQ7PvGmO83OuEys37U5R3TL5Or6+t1/HVOzd9uXdw7wm573MebPW6n00TSn0F1/0U7celmXLhfsyZoCnK97LtFO337HUZ/WFuW/v9zu23veOO+TedmbvfV9ZeSIv3+9cmlOYW7Hf5Qk78VvOFnPjyhYPjOoai+bNXLB9JL3yaqXzkYzn1081H+ibdqG/XuEMuH+k5sP0CAA4dMf+vf36W5v//L7NeUd56YqYc4+XmrTnvT/Ly1o+kyysy6/env1Ex3ffNZx9//3Vz9t53TG7ecnureeh/m1AaKMxDO8ubc/OIld25Xjw3j6jnWZ3libn9r+eJneXpufHreXpneXTu/qnn0Z3NA+TGr88DHOp57szO171q8+j012dnKo8+N6d+unl0/6Qb9e0aJ48GAHhlxfw/vo2L+f8jmfU6fd+emxd06X179u+B1OM/caDyypnO+2Y6b53pvH6m5yUO9bx4pueFZnaeTF6clkP2Ro28GACAg0HM/2en5fz8v7P8JDd/q+cn8vOm8eXnB0l+PpPzX9vTETqT81/Tyv/r2esM5f+TfstE/l8j/wcAYCbF/D/+2mP8+3//Iy1n/269PD0nvjz9NZCnH4jrVGZ6ns11AOYBipkHAAB4dekZz5Qm/579J9Nl9vfs834v//yc9VtVGf8d+xAu2rp5dPSCyzatGdk6esHGS9eMbrng8s3rtm4d3Vhbr9O8MTdvSfPGnlBJ90fz9bJ52/z07yHMz/l7CNn1Y9ijx29M/nsI2WZnF/wdgf3Hr7X+5h2/0hTrNxsfecc7L/4nctaP6sf/4k+ffMHaLRes27hu67qR9eu2jU5cbyxr7ZvG92bG3TKt783M/JikNP3v7+xOP0qT+tGT7o+872dPMv1YkPZkQd73H+T0+1f/66ufO37fP+4KYfiI8hs62n/Jin3//bzRj2zd/btNY/0vTdn/+pppv4q+rzS7ftyeyvpLt2w9ae2ll23MfqNke+J8RqlenqH5jPTpX25xfmJ1Tv105yfKk24cnFqenwAAYIL4+X98Pxs/P/xK+gYq1reep3f2+XFunj7cWp6e/V6yojw9u37c3lbz9GqHeXq2/aI8vdn6zfL0vLw7L/7HctafrtbHSWfXeeSOkwtbGyfZ7zMoGifZ9ac7TpIOx0m2/aJx0mz9ZuMk77jnxf9ozvp5Wh8PnV2Xkzsebm1tPLw5Uy4aD9n1pzseSh2Oh2z7ReOh2frNxkPe8c2Lf07O+q2aOD7GBsb4uBi94PJLN3+2Yb2Z/v6Lzvs3s9//0a7W+z+z133NfP9n9rqyme9/Z9eV5fb/ic5mwlrv/8x+v0u7Dth8bXqxWdH1Z0XzuKty6qc7jztr0o2Dk3lceOXE/D9+3BPz/5vSZbc/Bjr0vyfN95g1jd+l7zEreh/z6ns9rwXyeg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw2tJbWTS+3H39lr3nHPWBX31x9KVrPvyzDde+6aof/Hno4vf98u6+77+8a82xa3///sMuvv8zZ+687dsPvTj33n8+Uxh4oLY4MS1WQ0ieS0Ko/nzP17+067Ejx+qSEEI5GdgewoJk4UMLkkyE4b+HENbU+znxznteOmXt2PLam3on1M/PBMluV+gvx/5M6Ge4onCLOARV03G2be/lJ4U/vHfVdb9Z/OMf9ex4dvv+VZJqw3gKYd6FjY/vCSHMTv+PiaNtUXxwulwZQuhreNwZBf06rsX+L8spH50uZ6XL/oI48f4lmXIps162HPVkln0F7XUqrx/trldkTqacPRl1Kq+fsX5BuvxpujxxmvHL8X8SSkmo1Lu/Ptk/RkLDcUtCMn4sq/VyqX5sQ7r9mXKSKZcy5XJPZrvG200HWjlJJtbH9TL18XRcSeuPbTxXN3FuTv3r02U1faK+HMshe6Omf9KN+naNi/3aM0VfDoRSwzmoWX39wKcHoz+t608WTnrMvnHV+q0x8b5dq25eWl798O6BnH4kdydp/KQg/kTxvm2/XjDnUz+88bJFefEvLKXxS23F/+NZjz9//o3f+1Zu/Ftj/HJb8U9+oO+5sx65fknu/tkT90+lrfgjzzx6y+LDL9qR2//bY/xqW/FX7Hy8d+7eBx7M7f9w3D+z24r/9Ds/+Ke7nrzv2dz4Icbvayv+6p2bvtw7uPeE3PgPxv3T3974eWHH6U8NDv5lKC/+EzH+3Lbi37n9tnfcMf+mMxuPb+OpJ1kZ989AW/HPPv7+6+bsve+YvHNncnu3XjkBXpsOS8/bN6TldvPMTjXkC98cqtTe881J/8/tZkMZY+3Mm8H4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8Ov326lM/ed57PrqqkoSQ5Kyzr4l4X3nWihVDbbQ78syjtyw+/KIdjXWL2ogDAAAAFIt5eKleUw2LwuXJ7HB00/XjHMHRsZRMrM/OIcQ42TmCduPs3bt/7qGTOOUu9afSpTg9XYozq0txersUp1oQpxpaizN7yjilif2p5sfpm06cKfrT36U4c7oUZ26X4szrUpz5XYozMGWc1sfhgi7FWdilOId1Kc7hXYpzRJfivK5LcY7sUpzsnPJ0x+HcdM2j8uKM3ygXxqkk5fodzebTYzvHdNhOf4vt5L4et9jO7BbbOS7zuNI026m22M4bO2wnabGdN3fYTqmgnThur8j2L7YTSy2O/yu7FGdbl+Jc1aU4V3cpzue7FOcLXYpzTYdxAFoV8//9+d5A6K28K/SlZ5zsLEDMdxeP/5z8epd3Qorx3pCpn1UUL5uoZ+Itnm7/SlPHW5Kp75kQr1LPR6aIV22MtzRzZ+H2ZicUMv07MVPfWxQvO7EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPot1ef+snz3vPRVSEJY/+a2tdEvK88a8WKoTba3bXq5qXl1Q/vbqzrrbQRCAAAACgU8/Ceek019FaWh95k1oT1quk8QDUtlwdqy8F5YeXYMhkqjZf7kgWTH1cO9cdV0sct27ph07ItV25767oNI5eMXjK68e3LT11++vBpp5+2bO269aPDtZ8h9DaL19CPEML49MOWK7d9dmT9+tHNW2qV2f4vSh+3KC0n6eMG3xaGx5bXpv1fWNBeaVJ7M3ej+OgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH+zab6hbZx0H8OckuUl2t9rI/mVlvQ39M+oc2tY76XQsBwQHW1t6GUgyvY7iWhzermVrR51xK7jNFkXYKJRKX1ipw83hm/1xQ9wfCpVZLXivRbahE/SFsumkG30hHZHem5ObpElzF0q7dZ/Pi3OS5/k9z+88eVH4nlsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM6tydroeKU8Vh2OQoh61NS7SObS2TguDdD3ay9s/VFu5MTy1rFcZoCNAAAAgL6SHD7UHMmHXCYd0uGq6W+LQ8tEmM39AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAx89kbXS8Uh6rXhyFEPWoqXeRzKWzcVwaoO+b7z71+ddGRv7ZOlYcYB8AAACgvySHp5oj+VAMS8JQdFVbXfJuYEHH+s66ZJ+Fc6zrfHfQq27JHOuumWPdp/rUrWvcdwQAAAD46Evyf6Y5Ugi5zLye+b9frk/qFnXUpRv3Urg2d1YeHAAAAJizJP/PhvJiyGWKzbw+17y/uKMuWd/v7/bJ+mU91vf7e/7axt3f6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgo2OyNjpeKY9V01EIUY+aehfJXDobx6UB+q56cfjftx56eHHrWC4zwEYAAABAX0kOn43e+ZDLDIehcPF07h+5ef8zX3nmudEQwkzMz2bDjg3btt2zauaa1K08cmjoh4ff/u5pdStnruftgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFkzWRsdr5THqhdFIUQ9aupdJHPpbByXBuj7xhe//Pcnjj3/VutYcYB9AAAAgP6SHD6b/fOhGLIhG66Y/taa9U9Jdazv9c4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHDc++37v7VhYmLjPT744IMPzQ/n+18mAADgbFsUolCf9rfGSL2vK9ef54cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+FCZro+OV8lg1H4UQ9aipd5HMpbNxXBqgb/zC0dy8Ey++3DpWHGAfAAAAoL8kh89m/3wohqEwFC6f/tbtncB0/i+cw4cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlQma6PjlfJYdV4UQtSjpt5FMpfOxnFpgL6P79z3hYPzf3BL61guM8BGAAAAQF9JDs82R/Ihl7k25MLVje8T7QuidOPe/b3A7LqtbcuG57yu1rYuPed1uzpOlmmcZmZdPtmvMHNvrit1rgs/KbWsK4Zm+1LburCnbdG8Ps/Z2QQAAADOpST/55ojhZDL5Fpy7s/b6gtyLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQw2RtdLxSHqtGUQhRj5p6F8lcOhvHpQH63v/7T17y9V/s3t46VhxgHwAAAKC/JIfPZv98KIaF4RNh4XTuD4X2+qTuP5WTBx/77z+Wh7DiiqmRTM/9f/vGTS91XkJItRelQpjf6Bf16Pe7Pz5239L6ySdCWHF5+uoP2q99y7j+bGXj2m2Hp7ae4YcBAACAC0iS/4eaI4WQy9zdM/8nyfsD5f/59+381WWNayORd6xIFRr9Uj36fWnpU39dtvpfb5/K/2fq99l9mw9e1tZwZqRDFNfLm7evm7r+QCo59Uz/dEf/5Hf56nfe+t+mHY+enOmfD/nG+IJMt/6nXztcFNcnUnura97fW2vvn+lx/of/8PKx3yzY/d6p/u8uGm72v+YM5z9z/+HbHtlzw75D69r7hxBK3fq/894t4co/3/VQ5/mHOzZu/eVbrx2iuH5k8fEDq/cXb2zvH3X0T37/Xx57fM/PHv3+c0n/5P+KLF8y1/6pjv6v7rp05ysPrl/Q3j/V4/wv3f7ayJbS9/7Uef47Bz7/k9c9fcfrG+IHOqcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLJO10fFKeayaikKIetTUu0jm0tk4Lg3Q981bj75z++6f/rh1rDjAPgAAAEB/SQ6fzf75UAzZkA3D07n/2crGtdsOT20NhZnZqHHPTGy5d9unN23Zfved5+nJAQAAgLlK8n+mOVIIuczSMNTI/+XN29dNXX8gleT/VJL/N901sXFFaNa9uuvSna88uH5B8z1BCNP/LSB/qu5zs3U333S0cPwv31zWtW7VbN2RxccPrN5fvDGpC611K0Pz/cST1z19x+sb4geaz9da95lvbJlovJ5I9h2+7ZE9N+w7tK55jsZ9uLFvUjeR2ltd8/7eWlKXbtzzjXMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKebrI2OV8pj1ZAOIepRU+8imUtn47g0QN81S3/90CUnnl/YOpbLDLARAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8nx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs101oHVUfB+Bz7k3e3OYmbdK+YFRM06oodWFRENGNioq0IgVXlSLV1i5EQRBR6sJUWrFUxY1gdVNEBTVKQcHGYmmVVPwqblyooFBdCKUY0IbiQiXJObc304xXJ1VQnweGc8+Zmd/8Z87J5F4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAfpadraKY9vOP+qVvOueGjR+868chN79y77aKHX/1uZNN1H+7tfenkxOYVW768ftmm/XevGd/9/KGf+t/65WjH4Idmm1Wp2wghHo8hNN6dfOaxiY/Pmh6LIYR6HBgNYTAuPTQYCwmrfw4hbG7VOXfnmycu3zLdbtvVM2d8SSGkeF+hWc/1zBqYWy//Lo20zrZOPXhJ+Pra9ds/Xf7G691jx0ZPHRIbbesphMUb28/vDiEsStu0vNqG8smpXRdC6G0778oOdZ3/B+u/tKR/bmr/l9pmh5y8f2WhXyscV+xn3YW2t8P1FqqsjqrHddJX6BdfRgtVVmceH0zt26ld9Sfz63mLoRZDV6v8e+KpNRLa5i2GODOXjVa/1prbkO6/0I+Ffq3Qr3cX7mvmummh1WOcO56PK4zn13FXGl/R/q6ex60l42entpH+UE/mfih+mNU87UPrvmbkuiZ/p5a/Q63tHTTfeGvi02Q001gzLj3tnF/nkfdNrH/iwvqG9w4PlNQR98aUHyvlb/1ksO/213Y+MFSWv7GW8muV8r9Ze+SH23a+8Fxp/tM5v14p/7IDvcfXvr9jZenzmczPp6tS/h1HP3hy+f/vHCutf0/Ob1TKv2b8SE//1IGDpfWvzs9nUaX8r66+8dtXPt93rDQ/5PzeSvkbxu97qmd46uLS/IP5+TSrrZ8fx674Ynj4+5Gy/M9yfn+l/JdHd1/14pJda0rnd11+PgOV8m++YP/2vql955W9O+OeM/WfE+C/aVn6jvV46lf9nblQbb8Xnh3pmv3O15e2/jN5oYLp6yz+C/MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dd24IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4KgAA//9pfTUb")

1m23.715898793s ago: executing program 2 (id=197):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@broadcast, @private, @initdev}, &(0x7f00000001c0)=0xc)
gettid()
socket$kcm(0x11, 0xa, 0x300)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

1m23.125718135s ago: executing program 32 (id=197):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@broadcast, @private, @initdev}, &(0x7f00000001c0)=0xc)
gettid()
socket$kcm(0x11, 0xa, 0x300)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

10.011039826s ago: executing program 4 (id=459):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x11, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'rr\x00', 0x0, 0x80001088, 0x73}, 0x2c)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000081c00071000040000500000002000000ffffff"])

9.215219779s ago: executing program 1 (id=462):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
dup(0xffffffffffffffff)
io_uring_setup(0x2e34, &(0x7f0000000240)={0x0, 0xe148, 0x0, 0x0, 0xd4})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
read(r5, &(0x7f0000000840)=""/40, 0x28)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00'}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0xfef85154c7902b6e)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a})
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)

9.036160858s ago: executing program 3 (id=465):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket(0x400000000010, 0x3, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x300f000, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
openat$tun(0xffffffffffffff9c, 0x0, 0x440, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020000000000800000000000000900020073797a310000000005000100070000001c0007800c00018008000140640101020c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

8.821967378s ago: executing program 3 (id=467):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r2, {0x1, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

7.616134027s ago: executing program 4 (id=469):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000002380)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bc21, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xffff, 0x8}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8008}, 0x20004804)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@gettfilter={0x24, 0x2e, 0x5e3171053baea80f, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0x10}, {0x0, 0xfff1}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x4041080)

7.31153061s ago: executing program 1 (id=472):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0)
unlink(0x0)

6.787998447s ago: executing program 1 (id=474):
syz_mount_image$vfat(&(0x7f0000000780), &(0x7f0000000000)='./bus\x00', 0x90, &(0x7f0000000140)=ANY=[], 0x6, 0x2d7, &(0x7f0000000340)="$eJzs3T9rJGUYAPBnNrN/1GJTWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2Fe4g4h+cu0rsbCz9BILgB7GxsxRsBTsjBEZmdia7m4ybjWQjmt+vSN688zzzPvPOJJkmT957cXpwP4uHTz//JQaDJDqjfsRREtvRicaTWDL6OgCA/7Kjoojfi5mWwz9/tSJ3sMG6AIDNOef3fy2tPt4rI364utoAgM24e+/tN3f39m6/lWWDuDP98nCcRET5eXZ892F8EJN4EDdjGMcR1YtCN6q3hXJ4pyiKPM1K2/HKND8cl5nTd3+sz7/7W0SVvxPD2K6mTt42qvw39m7vZDML+XlZx7P1+qMy/1YM4/mT5KX8Wy35Me7Fqy8v1H8jhvHT+/FRTOJ+VcQ8/4udLHu9+OaPz94pyyvzk/xw3K/i5oqtZvH8iu8RAAAAAAAAAAAAAAAAAAAAAAD/Pzfq3jn9qPr3lFN1/52t4/KLbmSNeX+fDzt50x8oaU407w8UnaIo8iK+bfrr3MyyrKgD5/190nghrRsLAgAAAAAAAAAAAAAAAAAAwDX3+JNPD/YnkwePLmXQdANII+LPuxH/9DyjhZmXYnVwv15zfzLp1MPlmHRxJraamCRiZRnlRVzStpw3eOZMzfXgu+/PBidPZjcujbYTDs5ftNu+1gUHH3dn+9ga0zxdB/tJ+x72T4oflDcuTt+4XrSv3o1TM72/q7B5FNe7nF7roeGFt6X3XDXIV8REsur74rVfZ2UvXMVSTK/a1db0bj1YSD/1bKz1PMdgln72Z0WiWwcAAAAAAAAAAAAAAAAAAGzU/K9/Ww4+XZnaKfobKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArtT8//+vM0iXk9fI6sWjx//WtQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9/BUAAP//gxtVEw==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x202, 0x0)
io_submit(0x0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

6.431408028s ago: executing program 1 (id=475):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x499, &(0x7f0000000140)={0x0, 0xa064, 0x3180, 0x2, 0x25c}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000340)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000000c0)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x40, 0x1})
io_uring_enter(r5, 0x628, 0xc88d, 0x43, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000040)={0x0, <r9=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB="280000001800010000000000000000000200000008000000e00000020c00088008000c00", @ANYRES32=r9, @ANYBLOB="d9c3a20467035762d15ab417c772e7346b91969bf6c79c61b9f5ecf6db4584c6af1a902a6d5763a21e0bdeb018c77a3f7b7a90d5862771c5262d37a21d1321c79ab5b2f0784aa1afe59cb05fc8a01da2cf20155fff"], 0x28}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000004c0)='./file0\x00', 0x3000046, &(0x7f0000000240)={[{@delalloc}, {@discard}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@data_journal}, {@data_err_ignore}, {@dax_never}, {@oldalloc}, {@grpquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x1e}}, {@user_xattr}, {@nobh}, {@resuid={'resuid', 0x3d, r9}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r11, 0x0, 0x178}, 0x18)
r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r12, 0x5453, 0x0)
flistxattr(0xffffffffffffffff, &(0x7f0000000000)=""/121, 0x79)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000540), 0xfffffdd8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

5.970549326s ago: executing program 0 (id=477):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x4525, 0x0, 0x1, 0x12d}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x0, &(0x7f0000000200)}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x22d2, 0x20, 0x0, 0x0, 0x0)

5.76385508s ago: executing program 0 (id=478):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x80)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_TIOCOUTQ(r2, 0x5411, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
unshare(0x2000400)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_WANTLQI(r4, 0x0, 0x3, 0xfffffffffffffffd, &(0x7f0000000100))

5.59195055s ago: executing program 0 (id=479):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

4.102640623s ago: executing program 5 (id=482):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0x2000000000000063, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0xa1b96aadc3618c72, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x267}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)

4.091421824s ago: executing program 0 (id=483):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x0, &(0x7f0000000280)})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000240)="01", 0x1}], 0x1}, 0x4048841)
recvmsg(r1, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x2002)
close_range(r0, 0xffffffffffffffff, 0x0)

4.045694779s ago: executing program 1 (id=484):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000840)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000005c0)={0x44, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000001c0)={0x14, 0x0, 0x0}, &(0x7f0000000500)={0x34, &(0x7f0000000200)={0x60, 0x445615043b9e00a3}, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0x1, 0x9}})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000380)={0x34, &(0x7f0000000180)={0x40, 0x18, 0x1, "ff"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000700)={0x44, &(0x7f00000003c0)={0x20, 0x0, 0x2, "aceb"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.028945727s ago: executing program 3 (id=485):
syz_mount_image$vfat(&(0x7f0000000780), &(0x7f0000000000)='./bus\x00', 0x90, &(0x7f0000000140)=ANY=[], 0x6, 0x2d7, &(0x7f0000000340)="$eJzs3T9rJGUYAPBnNrN/1GJTWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2Fe4g4h+cu0rsbCz9BILgB7GxsxRsBTsjBEZmdia7m4ybjWQjmt+vSN688zzzPvPOJJkmT957cXpwP4uHTz//JQaDJDqjfsRREtvRicaTWDL6OgCA/7Kjoojfi5mWwz9/tSJ3sMG6AIDNOef3fy2tPt4rI364utoAgM24e+/tN3f39m6/lWWDuDP98nCcRET5eXZ892F8EJN4EDdjGMcR1YtCN6q3hXJ4pyiKPM1K2/HKND8cl5nTd3+sz7/7W0SVvxPD2K6mTt42qvw39m7vZDML+XlZx7P1+qMy/1YM4/mT5KX8Wy35Me7Fqy8v1H8jhvHT+/FRTOJ+VcQ8/4udLHu9+OaPz94pyyvzk/xw3K/i5oqtZvH8iu8RAAAAAAAAAAAAAAAAAAAAAAD/Pzfq3jn9qPr3lFN1/52t4/KLbmSNeX+fDzt50x8oaU407w8UnaIo8iK+bfrr3MyyrKgD5/190nghrRsLAgAAAAAAAAAAAAAAAAAAwDX3+JNPD/YnkwePLmXQdANII+LPuxH/9DyjhZmXYnVwv15zfzLp1MPlmHRxJraamCRiZRnlRVzStpw3eOZMzfXgu+/PBidPZjcujbYTDs5ftNu+1gUHH3dn+9ga0zxdB/tJ+x72T4oflDcuTt+4XrSv3o1TM72/q7B5FNe7nF7roeGFt6X3XDXIV8REsur74rVfZ2UvXMVSTK/a1db0bj1YSD/1bKz1PMdgln72Z0WiWwcAAAAAAAAAAAAAAAAAAGzU/K9/Ww4+XZnaKfobKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArtT8//+vM0iXk9fI6sWjx//WtQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9/BUAAP//gxtVEw==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x202, 0x0)
io_submit(0x0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

3.937013306s ago: executing program 4 (id=486):
io_setup(0x7, &(0x7f0000000100)=<r0=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_timeval(r1, 0x1, 0x14, 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f00000004c0)=[&(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, 0x0, r1, &(0x7f00000000c0)='O', 0x1, 0x0, 0x0, 0x2}])
shutdown(r1, 0x1)

3.842027698s ago: executing program 5 (id=487):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1d, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x8, @private1, 0x1}, 0x1c)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x2d, &(0x7f00000001c0)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
r3 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001240)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=@bridge_getneigh={0x20, 0x1e, 0xb7b6511a36acb75d}, 0x20}}, 0x0)

3.731683364s ago: executing program 3 (id=488):
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = dup(r2)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r4, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000340))
r6 = dup(r5)
ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000000)={0x1, r6})
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f00000003c0)={0x1, r3})
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$ndb(0x0, 0x0, 0x22001)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=0x0], 0x34}}, 0x0)

3.140026363s ago: executing program 0 (id=489):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x20004804)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

2.901825916s ago: executing program 4 (id=490):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000e40)='./file2\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r0, 0x5, 0x4)

2.380115055s ago: executing program 3 (id=491):
poll(0x0, 0x0, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0)
write$sequencer(r0, 0x0, 0x8)
syz_open_procfs(0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
recvmsg$qrtr(r2, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x38, 0x10020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400", 0xc)
r5 = accept$alg(r4, 0x0, 0x0)
write$binfmt_script(r5, &(0x7f0000000600), 0xfec8)
openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x40d03, 0x0)
recvmmsg(r5, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0x6}, {&(0x7f0000000140)=""/9, 0xa}, {&(0x7f0000000300)=""/225, 0x2}, {&(0x7f0000000400)=""/41, 0xfeb2}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f00000004c0)=""/203, 0xcb}], 0x6, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}, {{&(0x7f00000006c0), 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0xffffffffffffffe0}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd2d, 0x25dfdc03, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0x2, 0xfff1}, {0x0, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x240410c0)

1.673015333s ago: executing program 3 (id=492):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

1.588875044s ago: executing program 4 (id=493):
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.404349169s ago: executing program 5 (id=494):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.371870507s ago: executing program 4 (id=495):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x20004804)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0x1000)=nil, 0x1000}, 0x1})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

1.253308992s ago: executing program 5 (id=496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = socket$inet6(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.20322382s ago: executing program 5 (id=497):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a75"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
dup(0xffffffffffffffff)
io_uring_setup(0x2e34, &(0x7f0000000240)={0x0, 0xe148, 0x0, 0x0, 0xd4})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
read(r5, &(0x7f0000000840)=""/40, 0x28)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00'}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0xfef85154c7902b6e)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a})
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)

907.089489ms ago: executing program 0 (id=498):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOC_STREAMS(r3, 0x8008551c, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x1}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x60}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

54.838943ms ago: executing program 5 (id=499):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000280)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000240)="01", 0x1}], 0x1}, 0x4048841)
recvmsg(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x2002)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=500):
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sigaltstack(&(0x7f0000000480)={0x0, 0x80000001}, 0x0)
rt_sigqueueinfo(0x0, 0x21, &(0x7f0000000100)={0x1f})
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000003, 0x13, 0xffffffffffffffff, 0x0)
setrlimit(0x4, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='stat\x00')
pread64(r4, &(0x7f00000002c0)=""/19, 0x13, 0x4)

kernel console output (not intermixed with test programs):


[   96.903237][ T6073] usage: type=reserved v=0
[   96.903237][ T6073] usage: type=reserved v=0
[   96.903237][ T6073] usage: type=reserved v=0
[   96.903237][ T6073] data_usage: btree: 1/1 [0]=2816
[   96.903237][ T6073] data_usage: journal: 1/1 [0]=0
[   96.903237][ T6073] data_usage: user: 1/1 [0]=16
[   96.903237][ T6073] dev_usage: dev=0  
[   96.903237][ T6073]   free: buckets=83 sectors=0 fragmented=0
[   96.903237][ T6073]   sb: buckets=25 sectors=6152 fragmented=248
[   96.903237][ T6073]   journal: buckets=8 sectors=2048 fragmented=0
[   96.903237][ T6073]   btree: buckets=11 sectors=2816 fragmented=0
[   96.903237][ T6073]   user: buckets=1 sectors=16 fragmented=240
[   96.903237][ T6073]   cached: buckets=0 sectors=0 fragmented=0
[   96.903237][ T6073]   parity: buckets=0 sectors=0 fragmented=0
[   96.903237][ T6073]   stripe: buckets=0 sectors=0 fragmented=0
[   96.903237][ T6073]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[   96.903237][ T6073]   need_discard: buckets=0 sectors=0 fragmented=0
[   96.903237][ T6073] log: 
[   96.903237][ T6073] clock: write=1280
[   96.903237][ T6073] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[   96.903369][ T6073] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[   99.041873][ T6091] loop4: detected capacity change from 0 to 256
[   99.250975][ T6091] exfat: Deprecated parameter 'utf8'
[   99.272801][ T6091] exfat: Deprecated parameter 'namecase'
[   99.326083][ T6091] exfat: Deprecated parameter 'namecase'
[   99.333327][ T6091] exfat: Deprecated parameter 'utf8'
[   99.730947][ T6091] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[   99.856682][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.40'.
[   99.921391][ T6091] exFAT-fs (loop4): start_clu is invalid cluster(0x400)
[  100.716079][ T6089] loop2: detected capacity change from 0 to 32768
[  100.763364][ T6089] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  100.763364][ T6089] clean (size 2912):
[  100.763364][ T6089] flags:          0
[  100.763364][ T6089] journal_seq:    10
[  100.763364][ T6089] usage: type=inodes v=8
[  100.763364][ T6089] usage: type=key_version v=0
[  100.763364][ T6089] usage: type=reserved v=0
[  100.763364][ T6089] usage: type=reserved v=0
[  100.763364][ T6089] usage: type=reserved v=0
[  100.763364][ T6089] usage: type=reserved v=0
[  100.763364][ T6089] data_usage: btree: 1/1 [0]=2816
[  100.763364][ T6089] data_usage: journal: 1/1 [0]=0
[  100.763364][ T6089] data_usage: user: 1/1 [0]=16
[  100.763364][ T6089] dev_usage: dev=0  
[  100.763364][ T6089]   free: buckets=83 sectors=0 fragmented=0
[  100.763364][ T6089]   sb: buckets=25 sectors=6152 fragmented=248
[  100.763364][ T6089]   journal: buckets=8 sectors=2048 fragmented=0
[  100.763364][ T6089]   btree: buckets=11 sectors=2816 fragmented=0
[  100.763364][ T6089]   user: buckets=1 sectors=16 fragmented=240
[  100.763364][ T6089]   cached: buckets=0 sectors=0 fragmented=0
[  100.763364][ T6089]   parity: buckets=0 sectors=0 fragmented=0
[  100.763364][ T6089]   stripe: buckets=0 sectors=0 fragmented=0
[  100.763364][ T6089]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  100.763364][ T6089]   need_discard: buckets=0 sectors=0 fragmented=0
[  100.763364][ T6089] log: 
[  100.763364][ T6089] clock: write=1280
[  100.763364][ T6089] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  100.763494][ T6089] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  102.070302][ T6115] loop1: detected capacity change from 0 to 32768
[  102.121803][ T6115] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  102.121803][ T6115] clean (size 2912):
[  102.121803][ T6115] flags:          0
[  102.121803][ T6115] journal_seq:    10
[  102.121803][ T6115] usage: type=inodes v=8
[  102.121803][ T6115] usage: type=key_version v=0
[  102.121803][ T6115] usage: type=reserved v=0
[  102.121803][ T6115] usage: type=reserved v=0
[  102.121803][ T6115] usage: type=reserved v=0
[  102.121803][ T6115] usage: type=reserved v=0
[  102.121803][ T6115] data_usage: btree: 1/1 [0]=2816
[  102.121803][ T6115] data_usage: journal: 1/1 [0]=0
[  102.121803][ T6115] data_usage: user: 1/1 [0]=16
[  102.121803][ T6115] dev_usage: dev=0  
[  102.121803][ T6115]   free: buckets=83 sectors=0 fragmented=0
[  102.121803][ T6115]   sb: buckets=25 sectors=6152 fragmented=248
[  102.121803][ T6115]   journal: buckets=8 sectors=2048 fragmented=0
[  102.121803][ T6115]   btree: buckets=11 sectors=2816 fragmented=0
[  102.121803][ T6115]   user: buckets=1 sectors=16 fragmented=240
[  102.121803][ T6115]   cached: buckets=0 sectors=0 fragmented=0
[  102.121803][ T6115]   parity: buckets=0 sectors=0 fragmented=0
[  102.121803][ T6115]   stripe: buckets=0 sectors=0 fragmented=0
[  102.121803][ T6115]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  102.121803][ T6115]   need_discard: buckets=0 sectors=0 fragmented=0
[  102.121803][ T6115] log: 
[  102.121803][ T6115] clock: write=1280
[  102.121803][ T6115] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  102.121935][ T6115] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  104.438398][ T6136] Zero length message leads to an empty skb
[  105.160217][ T6145] netlink: 68 bytes leftover after parsing attributes in process `syz.0.53'.
[  106.111585][ T6147] tipc: Started in network mode
[  106.635611][ T6147] tipc: Node identity 36707b0a6469, cluster identity 4711
[  106.644648][ T6147] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.704256][ T6151] syzkaller0: entered promiscuous mode
[  106.719493][ T6151] syzkaller0: entered allmulticast mode
[  106.788295][ T6147] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  107.064541][ T6163] syz.2.60 (6163): drop_caches: 2
[  107.531238][ T6159] loop3: detected capacity change from 0 to 32768
[  107.550808][ T6159] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  107.550808][ T6159] clean (size 2912):
[  107.550808][ T6159] flags:          0
[  107.550808][ T6159] journal_seq:    10
[  107.550808][ T6159] usage: type=inodes v=8
[  107.550808][ T6159] usage: type=key_version v=0
[  107.550808][ T6159] usage: type=reserved v=0
[  107.550808][ T6159] usage: type=reserved v=0
[  107.550808][ T6159] usage: type=reserved v=0
[  107.550808][ T6159] usage: type=reserved v=0
[  107.550808][ T6159] data_usage: btree: 1/1 [0]=2816
[  107.550808][ T6159] data_usage: journal: 1/1 [0]=0
[  107.550808][ T6159] data_usage: user: 1/1 [0]=16
[  107.550808][ T6159] dev_usage: dev=0  
[  107.550808][ T6159]   free: buckets=83 sectors=0 fragmented=0
[  107.550808][ T6159]   sb: buckets=25 sectors=6152 fragmented=248
[  107.550808][ T6159]   journal: buckets=8 sectors=2048 fragmented=0
[  107.550808][ T6159]   btree: buckets=11 sectors=2816 fragmented=0
[  107.550808][ T6159]   user: buckets=1 sectors=16 fragmented=240
[  107.550808][ T6159]   cached: buckets=0 sectors=0 fragmented=0
[  107.550808][ T6159]   parity: buckets=0 sectors=0 fragmented=0
[  107.550808][ T6159]   stripe: buckets=0 sectors=0 fragmented=0
[  107.550808][ T6159]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  107.550808][ T6159]   need_discard: buckets=0 sectors=0 fragmented=0
[  107.550808][ T6159] log: 
[  107.550808][ T6159] clock: write=1280
[  107.550808][ T6159] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  107.550944][ T6159] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  107.756648][   T10] tipc: Node number set to 1377401610
[  107.825031][ T6146] tipc: Resetting bearer <eth:syzkaller0>
[  108.339014][ T6170] syz.3.62 (6170): drop_caches: 2
[  108.374310][ T6146] tipc: Disabling bearer <eth:syzkaller0>
[  108.381669][ T6172] syz.2.63 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  108.502672][ T6172] loop2: detected capacity change from 0 to 1024
[  108.603039][ T6172] =======================================================
[  108.603039][ T6172] WARNING: The mand mount option has been deprecated and
[  108.603039][ T6172]          and is ignored by this kernel. Remove the mand
[  108.603039][ T6172]          option from the mount to silence this warning.
[  108.603039][ T6172] =======================================================
[  108.713090][ T6172] EXT4-fs: Ignoring removed orlov option
[  108.907955][ T6172] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  108.995629][ T6172] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.029365][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  109.085600][   T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  109.279512][    T9] usb 4-1: Using ep0 maxpacket: 32
[  109.335759][   T10] usb 2-1: Using ep0 maxpacket: 16
[  109.479614][   T10] usb 2-1: config 0 has no interfaces?
[  109.512477][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.544182][   T10] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  109.556713][ T6172] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm syz.2.63: lblock 0 mapped to illegal pblock 0 (length 1)
[  109.572314][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.582254][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.594513][    T9] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  109.604047][   T10] usb 2-1: Product: syz
[  109.614221][   T10] usb 2-1: Manufacturer: syz
[  109.619348][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.638782][ T6172] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  109.651577][   T10] usb 2-1: SerialNumber: syz
[  109.656302][ T6172] EXT4-fs (loop2): This should not happen!! Data will be lost
[  109.656302][ T6172] 
[  109.657522][ T6193] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: comm syz.2.63: lblock 0 mapped to illegal pblock 0 (length 1)
[  109.670543][    T9] usb 4-1: config 0 descriptor??
[  109.700380][   T10] usb 2-1: config 0 descriptor??
[  109.855103][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  110.226537][    T9] savu 0003:1E7D:2D5A.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  110.266461][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  110.372178][ T6207] loop4: detected capacity change from 0 to 256
[  110.416892][ T6207] exfat: Deprecated parameter 'utf8'
[  110.469563][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.494733][ T6179] loop3: detected capacity change from 0 to 2048
[  110.524349][ T6207] exfat: Deprecated parameter 'namecase'
[  110.562921][ T6211] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  110.566509][ T6207] exfat: Deprecated parameter 'namecase'
[  110.580363][ T6207] exfat: Deprecated parameter 'utf8'
[  110.606524][ T6179] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  110.620736][ T6179] Remounting filesystem read-only
[  110.724056][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  110.728413][ T5929] usb 4-1: USB disconnect, device number 2
[  110.818703][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  110.893449][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  110.939521][ T6207] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  110.953789][   T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  110.976504][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.010673][   T10] usb 3-1: config 0 descriptor??
[  111.172779][ T6210] syz.0.73 (6210): drop_caches: 2
[  111.727420][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  111.755527][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  111.777931][   T10] usb 3-1: USB disconnect, device number 2
[  112.497855][ T5936] usb 2-1: USB disconnect, device number 2
[  112.782452][ T6229] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  113.185957][ T6233] tmpfs: Bad value for 'mpol'
[  113.356126][ T6231] syz.2.77 (6231): drop_caches: 2
[  114.642365][ T6240] syz.3.76 (6240): drop_caches: 2
[  114.800464][ T6252] loop2: detected capacity change from 0 to 256
[  114.932889][ T6252] exfat: Deprecated parameter 'utf8'
[  114.948618][ T6259] wlan1 speed is unknown, defaulting to 1000
[  114.959236][ T6252] exfat: Deprecated parameter 'namecase'
[  115.305337][    C0] vkms_vblank_simulate: vblank timer overrun
[  115.395338][    C0] vkms_vblank_simulate: vblank timer overrun
[  116.185563][   T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  116.568913][ T6259] wlan1 speed is unknown, defaulting to 1000
[  116.601225][ T6252] exfat: Deprecated parameter 'namecase'
[  116.612114][ T6259] wlan1 speed is unknown, defaulting to 1000
[  116.621988][   T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  116.650283][ T6252] exfat: Deprecated parameter 'utf8'
[  116.655972][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  116.667303][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  116.821362][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  117.410529][   T10] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  117.427833][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.442908][   T10] usb 2-1: config 0 descriptor??
[  117.539902][ T6252] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  117.773204][ T6272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.91'.
[  118.353445][   T10] usbhid 2-1:0.0: can't add hid device: -71
[  118.374226][   T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  118.445383][   T10] usb 2-1: USB disconnect, device number 3
[  119.017328][    T9] wlan1 speed is unknown, defaulting to 1000
[  119.024287][ T6259] infiniband syz0: set active
[  119.039183][ T6259] infiniband syz0: added wlan1
[  119.092730][ T6259] syz0: rxe_create_cq: returned err = -12
[  119.114676][ T6259] infiniband syz0: Couldn't create ib_mad CQ
[  119.125666][ T6259] infiniband syz0: Couldn't open port 1
[  119.342366][ T6259] RDS/IB: syz0: added
[  119.367637][ T6259] smc: adding ib device syz0 with port count 1
[  119.403171][ T6259] smc:    ib device syz0 port 1 has no pnetid
[  119.420691][    T9] wlan1 speed is unknown, defaulting to 1000
[  119.421675][ T6286] loop1: detected capacity change from 0 to 512
[  119.433232][ T6259] wlan1 speed is unknown, defaulting to 1000
[  119.645077][ T6278] loop0: detected capacity change from 0 to 32768
[  119.666690][ T6278] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  119.666690][ T6278] clean (size 2912):
[  119.666690][ T6278] flags:          0
[  119.666690][ T6278] journal_seq:    10
[  119.666690][ T6278] usage: type=inodes v=8
[  119.666690][ T6278] usage: type=key_version v=0
[  119.666690][ T6278] usage: type=reserved v=0
[  119.666690][ T6278] usage: type=reserved v=0
[  119.666690][ T6278] usage: type=reserved v=0
[  119.666690][ T6278] usage: type=reserved v=0
[  119.666690][ T6278] data_usage: btree: 1/1 [0]=2816
[  119.666690][ T6278] data_usage: journal: 1/1 [0]=0
[  119.666690][ T6278] data_usage: user: 1/1 [0]=16
[  119.666690][ T6278] dev_usage: dev=0  
[  119.666690][ T6278]   free: buckets=83 sectors=0 fragmented=0
[  119.666690][ T6278]   sb: buckets=25 sectors=6152 fragmented=248
[  119.666690][ T6278]   journal: buckets=8 sectors=2048 fragmented=0
[  119.666690][ T6278]   btree: buckets=11 sectors=2816 fragmented=0
[  119.666690][ T6278]   user: buckets=1 sectors=16 fragmented=240
[  119.666690][ T6278]   cached: buckets=0 sectors=0 fragmented=0
[  119.666690][ T6278]   parity: buckets=0 sectors=0 fragmented=0
[  119.666690][ T6278]   stripe: buckets=0 sectors=0 fragmented=0
[  119.666690][ T6278]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  119.666690][ T6278]   need_discard: buckets=0 sectors=0 fragmented=0
[  119.666690][ T6278] log: 
[  119.666690][ T6278] clock: write=1280
[  119.666690][ T6278] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  119.672518][ T6278] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  119.824361][ T6286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.871368][ T6294] loop2: detected capacity change from 0 to 256
[  120.054640][ T6286] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.401790][ T6294] exfat: Deprecated parameter 'utf8'
[  120.455533][ T6294] exfat: Deprecated parameter 'namecase'
[  120.485864][ T6294] exfat: Deprecated parameter 'namecase'
[  120.525385][ T6294] exfat: Deprecated parameter 'utf8'
[  120.707563][ T6294] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  120.829802][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.048920][ T6259] wlan1 speed is unknown, defaulting to 1000
[  123.575777][ T6310] netlink: 12 bytes leftover after parsing attributes in process `syz.3.102'.
[  124.035407][ T5929] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  124.261610][ T6318] syz.0.106 (6318): drop_caches: 2
[  124.269845][ T5929] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  124.284715][ T5929] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  124.287659][ T6259] wlan1 speed is unknown, defaulting to 1000
[  124.301876][ T5929] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  124.354339][ T5929] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  124.376893][ T5929] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  124.390073][ T5929] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.417559][ T5929] usb 3-1: config 0 descriptor??
[  124.964393][ T6259] wlan1 speed is unknown, defaulting to 1000
[  125.047382][ T5929] usbhid 3-1:0.0: can't add hid device: -71
[  125.053419][ T5929] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  125.093155][ T5929] usb 3-1: USB disconnect, device number 3
[  126.119813][ T6259] wlan1 speed is unknown, defaulting to 1000
[  126.165564][ T5943] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  126.335476][ T5943] usb 1-1: Using ep0 maxpacket: 16
[  126.544379][ T5943] usb 1-1: config 1 has an invalid interface number: 3 but max is 2
[  126.627983][ T5943] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  126.738803][ T5943] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  126.796583][ T5943] usb 1-1: config 1 has no interface number 1
[  126.811336][ T5943] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.865356][ T5943] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.081745][ T5943] usb 1-1: Product: syz
[  127.086314][ T5943] usb 1-1: Manufacturer: syz
[  127.095458][ T5943] usb 1-1: SerialNumber: syz
[  127.178207][ T6342] loop2: detected capacity change from 0 to 1024
[  127.313917][ T6346] syz.1.113 (6346): drop_caches: 2
[  127.326194][ T5943] usb 1-1: 0:2 : does not exist
[  127.332940][ T5943] usb 1-1: unit 6 not found!
[  127.357910][ T6342] netlink: 20 bytes leftover after parsing attributes in process `syz.2.114'.
[  127.431364][ T5943] usb 1-1: USB disconnect, device number 3
[  127.493062][ T1166] hfsplus: b-tree write err: -5, ino 4
[  127.973084][ T5866] udevd[5866]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  128.141051][ T6355] loop0: detected capacity change from 0 to 1024
[  128.177658][ T6354] loop2: detected capacity change from 0 to 1024
[  128.189588][ T6355] netlink: 20 bytes leftover after parsing attributes in process `syz.0.117'.
[  128.213573][ T6354] EXT4-fs: Ignoring removed bh option
[  128.254596][ T6354] EXT4-fs: inline encryption not supported
[  128.278063][ T6354] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  128.300421][   T50] hfsplus: b-tree write err: -5, ino 4
[  128.318200][ T6354] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  128.376549][ T6354] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.118: lblock 2 mapped to illegal pblock 2 (length 1)
[  128.473066][ T6354] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  128.583177][ T6354] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.118: lblock 0 mapped to illegal pblock 48 (length 1)
[  128.585451][ T5936] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  128.807119][ T6354] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  129.060759][ T6354] EXT4-fs error (device loop2): ext4_acquire_dquot:6943: comm syz.2.118: Failed to acquire dquot type 0
[  129.085639][ T5936] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  129.120286][ T5936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  129.141083][ T6354] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  129.153530][ T5936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  129.165211][ T6354] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.118: mark_inode_dirty error
[  129.175340][ T5936] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  129.194895][ T6354] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  129.206254][ T5936] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  129.223095][ T6354] EXT4-fs (loop2): 1 orphan inode deleted
[  129.231512][ T6354] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.234600][ T5936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.249887][ T6369] loop4: detected capacity change from 0 to 512
[  129.256737][ T1004] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  129.295627][ T1004] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  129.332699][ T1004] EXT4-fs error (device loop2): ext4_release_dquot:6979: comm kworker/u8:5: Failed to release dquot type 0
[  129.348690][ T5936] usb 2-1: config 0 descriptor??
[  129.397974][ T6369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.415699][ T6369] ext4 filesystem being mounted at /18/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.453740][ T6354] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.118: lblock 0 mapped to illegal pblock 48 (length 1)
[  129.482071][ T6354] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=-117
[  130.224087][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.233652][ T5936] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  130.333019][ T5936] usb 2-1: USB disconnect, device number 4
[  130.439230][ T5865] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #15: comm syz-executor: corrupted xattr block 33: overlapping e_value 
[  130.483991][ T5865] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  130.553495][ T6382] siw: device registration error -23
[  130.594643][ T6379] fido_id[6379]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  130.622518][ T6381] wlan1 speed is unknown, defaulting to 1000
[  130.644205][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.814568][ T6389] syz.4.126 (6389): drop_caches: 2
[  131.072775][ T6393] loop4: detected capacity change from 0 to 512
[  131.144480][ T5929] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  131.365495][ T5929] usb 4-1: Using ep0 maxpacket: 16
[  132.717403][ T5929] usb 4-1: config 1 has an invalid interface number: 3 but max is 2
[  132.728460][ T6393] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.751282][ T5929] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  132.793437][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.799763][ T5929] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  132.799884][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  132.819276][ T6393] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.878815][ T5929] usb 4-1: config 1 has no interface number 1
[  132.918422][ T5929] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  132.953712][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.110052][ T6401] loop1: detected capacity change from 0 to 32768
[  133.117627][ T6401] xfs: Unknown parameter 'ikeep'
[  133.222024][ T5929] usb 4-1: Product: syz
[  133.235970][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.248427][ T5929] usb 4-1: Manufacturer: syz
[  133.291975][ T5929] usb 4-1: SerialNumber: syz
[  133.522381][ T5929] usb 4-1: 0:2 : does not exist
[  133.538311][ T5929] usb 4-1: unit 6 not found!
[  133.654432][ T5929] usb 4-1: USB disconnect, device number 3
[  133.793125][ T6400] rdma_rxe: rxe_newlink: failed to add wlan1
[  134.093372][ T6412] syz.4.135 (6412): drop_caches: 2
[  134.281349][ T5866] udevd[5866]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  135.413208][ T6426] rdma_op ffff88802475f1f0 conn xmit_rdma 0000000000000000
[  136.405607][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  136.666445][ T6443] syz.1.145 (6443): drop_caches: 2
[  137.012939][   T24] usb 1-1: Using ep0 maxpacket: 32
[  137.089529][ T6440] loop3: detected capacity change from 0 to 256
[  137.089658][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.194036][ T6440] exfat: Deprecated parameter 'utf8'
[  137.221514][ T6440] exfat: Deprecated parameter 'namecase'
[  137.272001][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.328281][ T6447] rdma_rxe: rxe_newlink: failed to add wlan1
[  137.362056][ T6440] exfat: Deprecated parameter 'namecase'
[  137.363948][   T24] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  137.559057][ T6440] exfat: Deprecated parameter 'utf8'
[  137.559126][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.614554][ T6447] loop1: detected capacity change from 0 to 32768
[  137.621716][ T6447] xfs: Unknown parameter 'ikeep'
[  137.696225][ T6448] loop4: detected capacity change from 0 to 256
[  137.799551][   T24] usb 1-1: config 0 descriptor??
[  137.815959][ T6448] exfat: Deprecated parameter 'utf8'
[  137.828951][ T6448] exfat: Deprecated parameter 'namecase'
[  137.835595][ T6448] exfat: Deprecated parameter 'namecase'
[  137.841353][ T6448] exfat: Deprecated parameter 'utf8'
[  138.093455][ T6440] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  138.139628][ T6448] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  138.362168][   T24] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  138.371994][ T6440] exFAT-fs (loop3): start_clu is invalid cluster(0x400)
[  138.766658][ T6454] loop0: detected capacity change from 0 to 2048
[  138.827975][ T6455] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  138.866697][ T6430] NILFS error (device loop0): nilfs_lookup: deleted inode referenced: 12
[  138.926504][ T6430] Remounting filesystem read-only
[  139.315452][ T5936] usb 1-1: USB disconnect, device number 4
[  141.432443][ T6470] loop2: detected capacity change from 0 to 512
[  142.061499][ T6470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.135553][ T6470] ext4 filesystem being mounted at /31/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.139166][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  142.305859][    T9] usb 2-1: Using ep0 maxpacket: 16
[  142.312376][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.322876][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  142.369047][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  142.396980][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.442771][    T9] usb 2-1: Product: syz
[  142.452585][    T9] usb 2-1: Manufacturer: syz
[  142.467652][    T9] usb 2-1: SerialNumber: syz
[  142.502058][    T9] usb 2-1: config 0 descriptor??
[  142.648620][ T5864] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz-executor: corrupted xattr block 33: overlapping e_value 
[  142.691935][ T5864] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  142.780856][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.846931][ T6484] syz.4.157 (6484): drop_caches: 2
[  144.645728][   T10] usb 2-1: USB disconnect, device number 5
[  144.782828][ T6506] syz.2.163 (6506): drop_caches: 2
[  144.945264][ T6509] batadv1: entered promiscuous mode
[  146.760669][ T6532] loop4: detected capacity change from 0 to 2048
[  146.913195][ T5866] Alternate GPT is invalid, using primary GPT.
[  146.953878][ T5866]  loop4: p2 p3 p7
[  147.147596][ T6532] Alternate GPT is invalid, using primary GPT.
[  147.186449][ T6532]  loop4: p2 p3 p7
[  147.337869][ T6536] loop1: detected capacity change from 0 to 32768
[  147.390882][ T6536] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  147.390882][ T6536] clean (size 2912):
[  147.390882][ T6536] flags:          0
[  147.390882][ T6536] journal_seq:    10
[  147.390882][ T6536] usage: type=inodes v=8
[  147.390882][ T6536] usage: type=key_version v=0
[  147.390882][ T6536] usage: type=reserved v=0
[  147.390882][ T6536] usage: type=reserved v=0
[  147.390882][ T6536] usage: type=reserved v=0
[  147.390882][ T6536] usage: type=reserved v=0
[  147.390882][ T6536] data_usage: btree: 1/1 [0]=2816
[  147.390882][ T6536] data_usage: journal: 1/1 [0]=0
[  147.390882][ T6536] data_usage: user: 1/1 [0]=16
[  147.390882][ T6536] dev_usage: dev=0  
[  147.390882][ T6536]   free: buckets=83 sectors=0 fragmented=0
[  147.390882][ T6536]   sb: buckets=25 sectors=6152 fragmented=248
[  147.390882][ T6536]   journal: buckets=8 sectors=2048 fragmented=0
[  147.390882][ T6536]   btree: buckets=11 sectors=2816 fragmented=0
[  147.390882][ T6536]   user: buckets=1 sectors=16 fragmented=240
[  147.390882][ T6536]   cached: buckets=0 sectors=0 fragmented=0
[  147.390882][ T6536]   parity: buckets=0 sectors=0 fragmented=0
[  147.390882][ T6536]   stripe: buckets=0 sectors=0 fragmented=0
[  147.390882][ T6536]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  147.390882][ T6536]   need_discard: buckets=0 sectors=0 fragmented=0
[  147.390882][ T6536] log: 
[  147.390882][ T6536] clock: write=1280
[  147.390882][ T6536] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  147.391025][ T6536] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  148.152761][ T6537] loop3: detected capacity change from 0 to 256
[  148.294716][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  148.309724][ T5866] udevd[5866]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  148.316041][ T6537] exfat: Deprecated parameter 'utf8'
[  148.329236][ T6192] udevd[6192]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  148.340250][ T6537] exfat: Deprecated parameter 'namecase'
[  148.356852][ T6537] exfat: Deprecated parameter 'namecase'
[  148.362664][ T6537] exfat: Deprecated parameter 'utf8'
[  148.549260][ T5867] udevd[5867]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  148.554354][ T6194] udevd[6194]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  148.563255][ T5866] udevd[5866]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  148.762795][ T6537] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  149.009967][ T6550] loop2: detected capacity change from 0 to 2048
[  149.043171][ T6543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.177'.
[  149.120719][ T6550] Alternate GPT is invalid, using primary GPT.
[  149.157719][ T6550]  loop2: p2 p3 p7
[  149.298997][ T6555] syz.0.182 (6555): drop_caches: 2
[  149.638310][ T6554] netlink: 'syz.1.183': attribute type 10 has an invalid length.
[  149.646237][ T6554] bridge0: port 3(team0) entered blocking state
[  149.669989][ T6554] bridge0: port 3(team0) entered disabled state
[  149.699209][ T6554] team0: entered allmulticast mode
[  149.732537][ T6554] team_slave_0: entered allmulticast mode
[  149.775451][ T6554] team_slave_1: entered allmulticast mode
[  149.961385][ T6554] team0: entered promiscuous mode
[  150.025384][ T6554] team_slave_0: entered promiscuous mode
[  150.093305][ T6560] loop2: detected capacity change from 0 to 1764
[  150.144040][ T6554] team_slave_1: entered promiscuous mode
[  150.190656][ T6554] bridge0: port 3(team0) entered blocking state
[  150.197309][ T6554] bridge0: port 3(team0) entered forwarding state
[  150.269222][ T6562] loop4: detected capacity change from 0 to 164
[  150.327389][ T6192] udevd[6192]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  150.327671][ T5866] udevd[5866]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  150.405990][ T6562] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  150.455091][ T6562] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  150.520448][ T6565] netlink: 24 bytes leftover after parsing attributes in process `syz.0.187'.
[  152.485211][ T6583] loop3: detected capacity change from 0 to 2048
[  152.650185][ T5866] Alternate GPT is invalid, using primary GPT.
[  152.670466][ T5866]  loop3: p2 p3 p7
[  152.743861][ T6583] Alternate GPT is invalid, using primary GPT.
[  152.765784][ T6583]  loop3: p2 p3 p7
[  152.773791][ T2961] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.990923][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[  153.003452][ T5869] udevd[5869]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  153.049213][ T2961] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.348174][ T2961] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.402350][ T6591] loop4: detected capacity change from 0 to 2048
[  153.498975][ T5866] Alternate GPT is invalid, using primary GPT.
[  153.524955][ T5866]  loop4: p2 p3 p7
[  153.552655][ T1004] nci: nci_ntf_packet: unknown ntf opcode 0x13d
[  153.569916][ T2961] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.628823][ T6591] Alternate GPT is invalid, using primary GPT.
[  153.673619][ T6591]  loop4: p2 p3 p7
[  153.877966][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  153.902399][ T6192] udevd[6192]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  153.917864][ T5866] udevd[5866]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  155.073909][ T5866] udevd[5866]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  155.095191][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  155.116074][ T5869] udevd[5869]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  155.141292][ T2961] bridge_slave_1: left allmulticast mode
[  155.176159][ T2961] bridge_slave_1: left promiscuous mode
[  155.193309][ T5862] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  155.204257][ T5862] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  155.216995][ T5862] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  155.226553][ T2961] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.237122][ T5862] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  155.248658][ T5862] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  155.406608][ T2961] bridge_slave_0: left allmulticast mode
[  155.412386][ T2961] bridge_slave_0: left promiscuous mode
[  155.445981][ T2961] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.495377][ T5943] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  157.055860][ T5943] usb 4-1: Using ep0 maxpacket: 16
[  157.099224][ T5943] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  157.148115][ T5943] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  157.157274][ T5943] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.165242][ T5943] usb 4-1: Product: syz
[  157.169412][ T5943] usb 4-1: Manufacturer: syz
[  157.173985][ T5943] usb 4-1: SerialNumber: syz
[  157.186271][ T5943] usb 4-1: config 0 descriptor??
[  157.265960][ T5873] Bluetooth: hci4: command tx timeout
[  157.481240][ T6626] loop1: detected capacity change from 0 to 32768
[  157.506761][ T6626] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  157.506761][ T6626] clean (size 2912):
[  157.506761][ T6626] flags:          0
[  157.506761][ T6626] journal_seq:    10
[  157.506761][ T6626] usage: type=inodes v=8
[  157.506761][ T6626] usage: type=key_version v=0
[  157.506761][ T6626] usage: type=reserved v=0
[  157.506761][ T6626] usage: type=reserved v=0
[  157.506761][ T6626] usage: type=reserved v=0
[  157.506761][ T6626] usage: type=reserved v=0
[  157.506761][ T6626] data_usage: btree: 1/1 [0]=2816
[  157.506761][ T6626] data_usage: journal: 1/1 [0]=0
[  157.506761][ T6626] data_usage: user: 1/1 [0]=16
[  157.506761][ T6626] dev_usage: dev=0  
[  157.506761][ T6626]   free: buckets=83 sectors=0 fragmented=0
[  157.506761][ T6626]   sb: buckets=25 sectors=6152 fragmented=248
[  157.506761][ T6626]   journal: buckets=8 sectors=2048 fragmented=0
[  157.506761][ T6626]   btree: buckets=11 sectors=2816 fragmented=0
[  157.506761][ T6626]   user: buckets=1 sectors=16 fragmented=240
[  157.506761][ T6626]   cached: buckets=0 sectors=0 fragmented=0
[  157.506761][ T6626]   parity: buckets=0 sectors=0 fragmented=0
[  157.506761][ T6626]   stripe: buckets=0 sectors=0 fragmented=0
[  157.506761][ T6626]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  157.506761][ T6626]   need_discard: buckets=0 sectors=0 fragmented=0
[  157.506761][ T6626] log: 
[  157.506761][ T6626] clock: write=1280
[  157.506761][ T6626] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  157.506893][ T6626] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  158.273347][ T6642] siw: device registration error -23
[  158.461088][ T6568] syz.0.187: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  158.480288][ T6568] CPU: 0 UID: 0 PID: 6568 Comm: syz.0.187 Not tainted syzkaller #0 PREEMPT(full) 
[  158.480308][ T6568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  158.480324][ T6568] Call Trace:
[  158.480330][ T6568]  <TASK>
[  158.480337][ T6568]  dump_stack_lvl+0x189/0x250
[  158.480364][ T6568]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.480383][ T6568]  ? __pfx__printk+0x10/0x10
[  158.480407][ T6568]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  158.480426][ T6568]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  158.480446][ T6568]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  158.480468][ T6568]  warn_alloc+0x214/0x310
[  158.480499][ T6568]  ? __pfx_warn_alloc+0x10/0x10
[  158.480532][ T6568]  ? __get_vm_area_node+0x28f/0x300
[  158.480555][ T6568]  ? hash_netport4_resize+0x235/0x1b60
[  158.480579][ T6568]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  158.480610][ T6568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.480653][ T6568]  ? alloc_pages_mpol+0x3cd/0x4a0
[  158.480679][ T6568]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  158.480706][ T6568]  ? rcu_is_watching+0x15/0xb0
[  158.480727][ T6568]  ? hash_netport4_resize+0x235/0x1b60
[  158.480742][ T6568]  __kvmalloc_node_noprof+0x674/0x910
[  158.480762][ T6568]  ? hash_netport4_resize+0x235/0x1b60
[  158.480785][ T6568]  hash_netport4_resize+0x235/0x1b60
[  158.480800][ T6568]  ? hash_netport4_uadt+0xc97/0xf30
[  158.480820][ T6568]  ? __pfx_hash_netport4_add+0x10/0x10
[  158.480834][ T6568]  ? __pfx_hash_netport4_uadt+0x10/0x10
[  158.480858][ T6568]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  158.480889][ T6568]  call_ad+0x44e/0xb00
[  158.480915][ T6568]  ? __pfx_call_ad+0x10/0x10
[  158.480946][ T6568]  ? __nla_parse+0x40/0x60
[  158.480966][ T6568]  ip_set_ad+0x791/0x930
[  158.480992][ T6568]  ? __pfx_ip_set_ad+0x10/0x10
[  158.481045][ T6568]  nfnetlink_rcv_msg+0xb4a/0x1130
[  158.481066][ T6568]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  158.481101][ T6568]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  158.481117][ T6568]  ? kmem_cache_free+0x19a/0x690
[  158.481181][ T6568]  netlink_rcv_skb+0x205/0x470
[  158.481203][ T6568]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  158.481224][ T6568]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  158.481255][ T6568]  ? bpf_lsm_capable+0x9/0x20
[  158.481271][ T6568]  ? security_capable+0x7e/0x2e0
[  158.481298][ T6568]  nfnetlink_rcv+0x26a/0x2520
[  158.481320][ T6568]  ? __dev_queue_xmit+0x1d79/0x3b50
[  158.481335][ T6568]  ? kasan_save_track+0x3e/0x80
[  158.481351][ T6568]  ? __kasan_slab_alloc+0x6c/0x80
[  158.481368][ T6568]  ? kmem_cache_alloc_noprof+0x367/0x6e0
[  158.481392][ T6568]  ? __dev_queue_xmit+0x27b/0x3b50
[  158.481421][ T6568]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  158.481439][ T6568]  ? __pfx___dev_queue_xmit+0x10/0x10
[  158.481468][ T6568]  ? ref_tracker_free+0x63a/0x7d0
[  158.481484][ T6568]  ? __asan_memcpy+0x40/0x70
[  158.481499][ T6568]  ? __pfx_ref_tracker_free+0x10/0x10
[  158.481511][ T6568]  ? __skb_clone+0x63/0x7a0
[  158.481532][ T6568]  ? __skb_clone+0x483/0x7a0
[  158.481554][ T6568]  ? skb_clone+0x246/0x3a0
[  158.481573][ T6568]  ? __netlink_deliver_tap+0x807/0x850
[  158.481601][ T6568]  ? netlink_deliver_tap+0x2e/0x1b0
[  158.481629][ T6568]  ? netlink_deliver_tap+0x2e/0x1b0
[  158.481658][ T6568]  netlink_unicast+0x82c/0x9e0
[  158.481686][ T6568]  ? __pfx_netlink_unicast+0x10/0x10
[  158.481707][ T6568]  ? netlink_sendmsg+0x642/0xb30
[  158.481719][ T6568]  ? skb_put+0x11b/0x210
[  158.481736][ T6568]  netlink_sendmsg+0x805/0xb30
[  158.481759][ T6568]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.481777][ T6568]  ? aa_sock_msg_perm+0xf1/0x1d0
[  158.481800][ T6568]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  158.481815][ T6568]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.481830][ T6568]  __sock_sendmsg+0x21c/0x270
[  158.481853][ T6568]  ____sys_sendmsg+0x505/0x830
[  158.481875][ T6568]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.481900][ T6568]  ? import_iovec+0x74/0xa0
[  158.481922][ T6568]  ___sys_sendmsg+0x21f/0x2a0
[  158.481940][ T6568]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.481991][ T6568]  ? __fget_files+0x2a/0x420
[  158.482010][ T6568]  ? __fget_files+0x3a0/0x420
[  158.482039][ T6568]  __x64_sys_sendmsg+0x19b/0x260
[  158.482058][ T6568]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  158.482091][ T6568]  ? do_syscall_64+0xbe/0xfa0
[  158.482109][ T6568]  do_syscall_64+0xfa/0xfa0
[  158.482121][ T6568]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.482143][ T6568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.482157][ T6568]  ? clear_bhb_loop+0x60/0xb0
[  158.482177][ T6568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.482192][ T6568] RIP: 0033:0x7f96d7b8eba9
[  158.482214][ T6568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.482226][ T6568] RSP: 002b:00007f96d8ac6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.482242][ T6568] RAX: ffffffffffffffda RBX: 00007f96d7dd6090 RCX: 00007f96d7b8eba9
[  158.482254][ T6568] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 000000000000000c
[  158.482263][ T6568] RBP: 00007f96d7c11e19 R08: 0000000000000000 R09: 0000000000000000
[  158.482272][ T6568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  158.482280][ T6568] R13: 00007f96d7dd6128 R14: 00007f96d7dd6090 R15: 00007ffdcef2c818
[  158.482309][ T6568]  </TASK>
[  158.482319][ T6568] Mem-Info:
[  158.827994][ T5929] usb 4-1: USB disconnect, device number 4
[  159.013364][ T6568] active_anon:6106 inactive_anon:0 isolated_anon:0
[  159.013364][ T6568]  active_file:18001 inactive_file:39907 isolated_file:0
[  159.013364][ T6568]  unevictable:768 dirty:263 writeback:0
[  159.013364][ T6568]  slab_reclaimable:6421 slab_unreclaimable:97327
[  159.013364][ T6568]  mapped:29823 shmem:1583 pagetables:1214
[  159.013364][ T6568]  sec_pagetables:0 bounce:0
[  159.013364][ T6568]  kernel_misc_reclaimable:0
[  159.013364][ T6568]  free:1311558 free_pcp:24986 free_cma:0
[  159.068425][ T6568] Node 0 active_anon:24424kB inactive_anon:0kB active_file:72004kB inactive_file:159428kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119292kB dirty:1052kB writeback:0kB shmem:4796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11712kB pagetables:4724kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  159.102406][ T6568] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  159.144722][ T6568] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  159.176512][ T6568] lowmem_reserve[]: 0 2497 2498 2498 2498
[  159.182344][ T6568] Node 0 DMA32 free:1340092kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24476kB inactive_anon:0kB active_file:72004kB inactive_file:158116kB unevictable:1536kB writepending:1052kB zspages:0kB present:3129332kB managed:2557032kB mlocked:0kB bounce:0kB free_pcp:77056kB local_pcp:37556kB free_cma:0kB
[  159.259972][ T6568] lowmem_reserve[]: 0 0 1 1 1
[  159.275768][ T6568] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  159.308324][ T6649] loop4: detected capacity change from 0 to 1024
[  159.321751][ T6649] EXT4-fs: Ignoring removed bh option
[  159.327404][ T6649] EXT4-fs: inline encryption not supported
[  159.333613][ T6568] lowmem_reserve[]: 0 0 0 0 0
[  159.341304][ T6568] Node 1 Normal free:3891088kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22280kB local_pcp:13896kB free_cma:0kB
[  159.376731][ T2961] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  159.386279][ T5873] Bluetooth: hci4: command tx timeout
[  159.392605][ T6649] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  159.393443][ T6568] lowmem_reserve[]: 0 0 0 0 0
[  159.413781][ T6568] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  159.426993][ T6568] Node 0 DMA32: 335*4kB (UME) 144*8kB (UME) 126*16kB (UME) 330*32kB (UME) 396*64kB (UME) 287*128kB (UME) 120*256kB (UME) 51*512kB (UME) 27*1024kB (UME) 8*2048kB (UME) 284*4096kB (UM) = 1341276kB
[  159.446647][ T6568] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  159.448373][ T2961] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.459235][ T6568] Node 1 Normal: 206*4kB (UE) 51*8kB (UME) 46*16kB (UME) 73*32kB (UME) 25*64kB (UME) 9*128kB (UME) 4*256kB (UM) 2*512kB (M) 3*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3891088kB
[  159.459427][ T6568] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  159.459441][ T6568] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  159.473621][ T6649] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  159.526134][ T6568] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  159.544529][ T2961] bond0 (unregistering): Released all slaves
[  159.563521][ T6568] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  159.591357][ T6568] 59608 total pagecache pages
[  159.596651][ T6649] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.213: lblock 2 mapped to illegal pblock 2 (length 1)
[  159.599580][ T6639] wlan1 speed is unknown, defaulting to 1000
[  159.621674][ T6568] 0 pages in swap cache
[  159.647694][ T6649] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  159.655916][ T6649] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.213: lblock 0 mapped to illegal pblock 48 (length 1)
[  159.671418][ T6649] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  159.678439][ T6568] Free swap  = 124996kB
[  159.682139][ T6649] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.213: Failed to acquire dquot type 0
[  159.695116][ T6568] Total swap = 124996kB
[  159.699658][ T6649] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  159.720810][ T6568] 2097051 pages RAM
[  159.724650][ T6568] 0 pages HighMem/MovableOnly
[  159.731079][ T6649] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.213: mark_inode_dirty error
[  159.742373][ T6568] 425831 pages reserved
[  159.756342][ T6568] 0 pages cma reserved
[  159.800923][ T6649] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  159.818816][ T6649] EXT4-fs (loop4): 1 orphan inode deleted
[  159.848168][   T12] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  159.884185][ T6649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.898437][   T12] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  159.935823][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6979: comm kworker/u8:0: Failed to release dquot type 0
[  159.975855][ T6658] netlink: 'syz.0.216': attribute type 10 has an invalid length.
[  160.049788][ T6658] bridge0: port 3(team0) entered blocking state
[  160.052976][ T6661] loop3: detected capacity change from 0 to 2048
[  160.076173][ T6658] bridge0: port 3(team0) entered disabled state
[  160.082623][ T6658] team0: entered allmulticast mode
[  160.123256][ T6658] team_slave_0: entered allmulticast mode
[  160.137400][ T6649] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.213: lblock 0 mapped to illegal pblock 48 (length 1)
[  160.146000][ T5866] Alternate GPT is invalid, using primary GPT.
[  160.166153][ T5866]  loop3: p2 p3 p7
[  160.175862][ T6658] team_slave_1: entered allmulticast mode
[  160.185698][ T6649] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=-117
[  160.219729][ T6658] team0: entered promiscuous mode
[  160.224809][ T6658] team_slave_0: entered promiscuous mode
[  160.249096][ T6661] Alternate GPT is invalid, using primary GPT.
[  160.263420][ T6661]  loop3: p2 p3 p7
[  160.282139][ T6658] team_slave_1: entered promiscuous mode
[  160.289260][ T6658] bridge0: port 3(team0) entered blocking state
[  160.295664][ T6658] bridge0: port 3(team0) entered forwarding state
[  160.322983][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.355830][ T6610] wlan1 speed is unknown, defaulting to 1000
[  160.560260][ T5866] udevd[5866]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  160.573756][ T5869] udevd[5869]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  160.594837][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[  160.749023][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  160.766107][ T6192] udevd[6192]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[  160.779672][ T5869] udevd[5869]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  161.445569][ T5873] Bluetooth: hci4: command tx timeout
[  162.893956][ T2961] hsr_slave_0: left promiscuous mode
[  162.931319][ T2961] hsr_slave_1: left promiscuous mode
[  162.987640][ T2961] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.039172][ T2961] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.060354][ T2961] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.076831][ T2961] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.109291][ T2961] veth1_macvtap: left promiscuous mode
[  163.115079][ T2961] veth0_macvtap: left promiscuous mode
[  163.137641][ T2961] veth1_vlan: left promiscuous mode
[  163.143191][ T2961] veth0_vlan: left promiscuous mode
[  163.507026][ T5873] Bluetooth: hci4: command tx timeout
[  163.809285][   T30] audit: type=1326 audit(1757479648.875:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6718 comm="syz.3.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffade98eba9 code=0x7ffc0000
[  163.886283][ T6722] loop0: detected capacity change from 0 to 256
[  163.906452][   T30] audit: type=1326 audit(1757479648.885:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6718 comm="syz.3.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffade98eba9 code=0x7ffc0000
[  163.952017][   T30] audit: type=1326 audit(1757479648.915:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6718 comm="syz.3.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffade98eba9 code=0x7ffc0000
[  163.995191][   T30] audit: type=1326 audit(1757479648.915:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6718 comm="syz.3.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffade98eba9 code=0x7ffc0000
[  164.019722][   T30] audit: type=1326 audit(1757479648.915:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6718 comm="syz.3.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffade98eba9 code=0x7ffc0000
[  164.100746][   T30] audit: type=1326 audit(1757479648.915:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6718 comm="syz.3.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffade98eba9 code=0x7ffc0000
[  164.272173][ T6724] loop3: detected capacity change from 0 to 32768
[  164.296274][ T6724] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  164.296274][ T6724] clean (size 2912):
[  164.296274][ T6724] flags:          0
[  164.296274][ T6724] journal_seq:    10
[  164.296274][ T6724] usage: type=inodes v=8
[  164.296274][ T6724] usage: type=key_version v=0
[  164.296274][ T6724] usage: type=reserved v=0
[  164.296274][ T6724] usage: type=reserved v=0
[  164.296274][ T6724] usage: type=reserved v=0
[  164.296274][ T6724] usage: type=reserved v=0
[  164.296274][ T6724] data_usage: btree: 1/1 [0]=2816
[  164.296274][ T6724] data_usage: journal: 1/1 [0]=0
[  164.296274][ T6724] data_usage: user: 1/1 [0]=16
[  164.296274][ T6724] dev_usage: dev=0  
[  164.296274][ T6724]   free: buckets=83 sectors=0 fragmented=0
[  164.296274][ T6724]   sb: buckets=25 sectors=6152 fragmented=248
[  164.296274][ T6724]   journal: buckets=8 sectors=2048 fragmented=0
[  164.296274][ T6724]   btree: buckets=11 sectors=2816 fragmented=0
[  164.296274][ T6724]   user: buckets=1 sectors=16 fragmented=240
[  164.296274][ T6724]   cached: buckets=0 sectors=0 fragmented=0
[  164.296274][ T6724]   parity: buckets=0 sectors=0 fragmented=0
[  164.296274][ T6724]   stripe: buckets=0 sectors=0 fragmented=0
[  164.296274][ T6724]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  164.296274][ T6724]   need_discard: buckets=0 sectors=0 fragmented=0
[  164.296274][ T6724] log: 
[  164.296274][ T6724] clock: write=1280
[  164.296274][ T6724] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  164.296402][ T6724] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  164.528356][ T6722] syz.0.229: attempt to access beyond end of device
[  164.528356][ T6722] loop0: rw=2049, sector=256, nr_sectors = 40 limit=256
[  166.367786][ T2961] team0 (unregistering): Port device team_slave_1 removed
[  166.761985][ T2961] team0 (unregistering): Port device team_slave_0 removed
[  169.343291][ T6610] chnl_net:caif_netlink_parms(): no params data found
[  169.755724][ T6610] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.762987][ T6610] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.793274][ T6610] bridge_slave_0: entered allmulticast mode
[  170.516486][ T6610] bridge_slave_0: entered promiscuous mode
[  170.532250][ T6610] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.604909][ T6610] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.688690][ T6610] bridge_slave_1: entered allmulticast mode
[  170.735895][ T6610] bridge_slave_1: entered promiscuous mode
[  170.938632][ T6787] siw: device registration error -23
[  171.560874][ T6610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.684978][ T6610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.719141][ T6785] wlan1 speed is unknown, defaulting to 1000
[  172.001978][ T6610] team0: Port device team_slave_0 added
[  172.015178][ T6610] team0: Port device team_slave_1 added
[  172.225201][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.232724][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.259855][ T6610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.311912][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.350587][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.408491][ T6610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.557792][ T6610] hsr_slave_0: entered promiscuous mode
[  172.564084][ T6610] hsr_slave_1: entered promiscuous mode
[  172.581369][ T6610] debugfs: 'hsr0' already exists in 'hsr'
[  172.590184][ T6610] Cannot create hsr debugfs directory
[  172.749293][ T6805] loop0: detected capacity change from 0 to 256
[  172.809609][ T6805] syz.0.249: attempt to access beyond end of device
[  172.809609][ T6805] loop0: rw=2049, sector=256, nr_sectors = 68 limit=256
[  173.144125][ T6816] loop0: detected capacity change from 0 to 512
[  173.185490][ T6816] EXT4-fs: Ignoring removed mblk_io_submit option
[  173.230460][ T6816] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  173.281588][ T6816] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  173.333575][ T6816] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  173.373634][ T6816] System zones: 1-12
[  173.400021][ T6816] EXT4-fs (loop0): 1 truncate cleaned up
[  173.427137][ T6816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.466788][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  173.466800][   T30] audit: type=1804 audit(1757479658.535:16): pid=6816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.252" name="/newroot/52/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  173.653998][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.714497][ T6610] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  173.775164][ T6610] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  173.828748][ T6610] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  173.872175][ T6610] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  174.344114][ T6843] loop4: detected capacity change from 0 to 256
[  174.351756][ T6843] exfat: Deprecated parameter 'utf8'
[  174.390121][ T6843] exfat: Deprecated parameter 'namecase'
[  174.407669][ T6843] exfat: Deprecated parameter 'namecase'
[  174.414376][ T6843] exfat: Deprecated parameter 'utf8'
[  174.417371][ T6610] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.449756][ T6843] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  175.077100][ T6610] 8021q: adding VLAN 0 to HW filter on device team0
[  175.547653][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.554870][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.632272][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.639530][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.684468][ T6866] netlink: 36 bytes leftover after parsing attributes in process `syz.3.264'.
[  175.697043][ T6866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.264'.
[  175.744206][ T6868] pimreg: entered allmulticast mode
[  175.791332][ T6869] pimreg: left allmulticast mode
[  175.808803][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.820866][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.829585][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.838195][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.846026][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.853629][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.868606][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.902541][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.928471][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  175.944612][ T5953] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  176.027027][ T5953] hid-generic 0003:0004:0000.0004: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  176.329788][ T6875] fido_id[6875]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  176.444152][ T6884] loop0: detected capacity change from 0 to 256
[  177.676880][ T6884] syz.0.270: attempt to access beyond end of device
[  177.676880][ T6884] loop0: rw=2049, sector=256, nr_sectors = 68 limit=256
[  177.740625][ T6891] syz.0.270: attempt to access beyond end of device
[  177.740625][ T6891] loop0: rw=2049, sector=260, nr_sectors = 4 limit=256
[  178.056508][ T6891] Buffer I/O error on dev loop0, logical block 65, lost async page write
[  178.095261][ T6891] syz.0.270: attempt to access beyond end of device
[  178.095261][ T6891] loop0: rw=2049, sector=264, nr_sectors = 32 limit=256
[  178.299314][ T6610] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.578936][ T6901] syz.4.273 (6901): drop_caches: 2
[  179.297616][ T6919] netlink: 36 bytes leftover after parsing attributes in process `syz.0.276'.
[  179.349743][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.276'.
[  179.528454][ T6923] loop1: detected capacity change from 0 to 256
[  179.588409][ T6923] exfat: Deprecated parameter 'utf8'
[  179.608206][ T6923] exfat: Deprecated parameter 'namecase'
[  179.746670][ T6923] exfat: Deprecated parameter 'namecase'
[  179.765581][ T6923] exfat: Deprecated parameter 'utf8'
[  180.524712][ T6923] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  181.075940][ T6610] veth0_vlan: entered promiscuous mode
[  181.653513][ T6610] veth1_vlan: entered promiscuous mode
[  181.893865][ T6610] veth0_macvtap: entered promiscuous mode
[  181.944760][ T6610] veth1_macvtap: entered promiscuous mode
[  181.989648][ T6959] loop1: detected capacity change from 0 to 512
[  182.177274][ T6959] EXT4-fs: Ignoring removed mblk_io_submit option
[  182.179444][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.529591][ T6959] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  182.548717][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.568150][ T6334] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.584181][ T6960] syz.0.290 (6960): drop_caches: 2
[  182.597711][ T6959] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  182.605887][ T6959] System zones: 1-12
[  182.613561][ T6334] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.630830][ T6959] EXT4-fs (loop1): 1 truncate cleaned up
[  182.638282][ T6334] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.684881][ T6334] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.698709][ T6959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.846970][   T30] audit: type=1804 audit(1757479667.915:17): pid=6959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.289" name="/newroot/52/bus/bus" dev="loop1" ino=18 res=1 errno=0
[  183.116158][ T6334] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.170617][ T6334] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.223143][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.290482][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.316969][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.479070][ T6978] loop1: detected capacity change from 0 to 1024
[  183.521069][ T6978] EXT4-fs: Ignoring removed bh option
[  183.527013][ T6978] EXT4-fs: inline encryption not supported
[  183.565828][ T6978] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  183.664136][ T6978] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  183.721148][ T6978] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.293: lblock 2 mapped to illegal pblock 2 (length 1)
[  183.789438][ T6978] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  183.864120][ T6978] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.293: lblock 0 mapped to illegal pblock 48 (length 1)
[  183.945387][ T6978] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  184.056096][ T6978] EXT4-fs error (device loop1): ext4_acquire_dquot:6943: comm syz.1.293: Failed to acquire dquot type 0
[  184.131527][ T6978] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  184.180250][ T6978] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.293: mark_inode_dirty error
[  184.214386][ T6978] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  184.288311][ T6978] EXT4-fs (loop1): 1 orphan inode deleted
[  184.306836][ T2961] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  184.327921][ T6978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.371270][ T2961] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  184.390313][ T2961] EXT4-fs error (device loop1): ext4_release_dquot:6979: comm kworker/u8:7: Failed to release dquot type 0
[  184.462150][ T6978] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.293: lblock 0 mapped to illegal pblock 48 (length 1)
[  184.462458][ T6953] warn_alloc: 1 callbacks suppressed
[  184.462471][ T6953] syz.3.288: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  184.504409][ T6978] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=-117
[  184.531313][ T6953] CPU: 1 UID: 0 PID: 6953 Comm: syz.3.288 Not tainted syzkaller #0 PREEMPT(full) 
[  184.531336][ T6953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  184.531347][ T6953] Call Trace:
[  184.531354][ T6953]  <TASK>
[  184.531362][ T6953]  dump_stack_lvl+0x189/0x250
[  184.531387][ T6953]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  184.531411][ T6953]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.531432][ T6953]  ? __pfx__printk+0x10/0x10
[  184.531456][ T6953]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  184.531475][ T6953]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  184.531502][ T6953]  warn_alloc+0x214/0x310
[  184.531533][ T6953]  ? __pfx_warn_alloc+0x10/0x10
[  184.531566][ T6953]  ? __get_vm_area_node+0x28f/0x300
[  184.531588][ T6953]  ? hash_netport4_resize+0x235/0x1b60
[  184.531612][ T6953]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  184.531634][ T6953]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.531694][ T6953]  ? alloc_pages_mpol+0x3cd/0x4a0
[  184.531721][ T6953]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  184.531749][ T6953]  ? rcu_is_watching+0x15/0xb0
[  184.531775][ T6953]  ? hash_netport4_resize+0x235/0x1b60
[  184.531795][ T6953]  __kvmalloc_node_noprof+0x674/0x910
[  184.531826][ T6953]  ? hash_netport4_resize+0x235/0x1b60
[  184.531856][ T6953]  hash_netport4_resize+0x235/0x1b60
[  184.531875][ T6953]  ? hash_netport4_uadt+0xc97/0xf30
[  184.531900][ T6953]  ? __pfx_hash_netport4_add+0x10/0x10
[  184.531920][ T6953]  ? __pfx_hash_netport4_uadt+0x10/0x10
[  184.531950][ T6953]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  184.531987][ T6953]  call_ad+0x44e/0xb00
[  184.532021][ T6953]  ? __pfx_call_ad+0x10/0x10
[  184.532058][ T6953]  ? __nla_parse+0x40/0x60
[  184.532082][ T6953]  ip_set_ad+0x791/0x930
[  184.532116][ T6953]  ? __pfx_ip_set_ad+0x10/0x10
[  184.532182][ T6953]  nfnetlink_rcv_msg+0xb4a/0x1130
[  184.532209][ T6953]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  184.532254][ T6953]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  184.532276][ T6953]  ? kmem_cache_free+0x19a/0x690
[  184.532357][ T6953]  netlink_rcv_skb+0x205/0x470
[  184.532386][ T6953]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  184.532411][ T6953]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  184.532451][ T6953]  ? bpf_lsm_capable+0x9/0x20
[  184.532471][ T6953]  ? security_capable+0x7e/0x2e0
[  184.532503][ T6953]  nfnetlink_rcv+0x26a/0x2520
[  184.532531][ T6953]  ? __dev_queue_xmit+0x1d79/0x3b50
[  184.532550][ T6953]  ? kasan_save_track+0x3e/0x80
[  184.532569][ T6953]  ? __kasan_slab_alloc+0x6c/0x80
[  184.532590][ T6953]  ? kmem_cache_alloc_noprof+0x367/0x6e0
[  184.532618][ T6953]  ? __dev_queue_xmit+0x27b/0x3b50
[  184.532650][ T6953]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  184.532669][ T6953]  ? __pfx___dev_queue_xmit+0x10/0x10
[  184.532699][ T6953]  ? ref_tracker_free+0x63a/0x7d0
[  184.532716][ T6953]  ? __asan_memcpy+0x40/0x70
[  184.532731][ T6953]  ? __pfx_ref_tracker_free+0x10/0x10
[  184.532746][ T6953]  ? __skb_clone+0x63/0x7a0
[  184.532769][ T6953]  ? __skb_clone+0x483/0x7a0
[  184.532795][ T6953]  ? skb_clone+0x246/0x3a0
[  184.532825][ T6953]  ? __netlink_deliver_tap+0x807/0x850
[  184.532851][ T6953]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.532883][ T6953]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.532919][ T6953]  netlink_unicast+0x82c/0x9e0
[  184.532951][ T6953]  ? __pfx_netlink_unicast+0x10/0x10
[  184.532977][ T6953]  ? netlink_sendmsg+0x642/0xb30
[  184.532992][ T6953]  ? skb_put+0x11b/0x210
[  184.533014][ T6953]  netlink_sendmsg+0x805/0xb30
[  184.533043][ T6953]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.533064][ T6953]  ? aa_sock_msg_perm+0xf1/0x1d0
[  184.533094][ T6953]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  184.533111][ T6953]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.533128][ T6953]  __sock_sendmsg+0x21c/0x270
[  184.533155][ T6953]  ____sys_sendmsg+0x505/0x830
[  184.533182][ T6953]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.533210][ T6953]  ? import_iovec+0x74/0xa0
[  184.533235][ T6953]  ___sys_sendmsg+0x21f/0x2a0
[  184.533257][ T6953]  ? __pfx____sys_sendmsg+0x10/0x10
[  184.533317][ T6953]  ? __fget_files+0x2a/0x420
[  184.533341][ T6953]  ? __fget_files+0x3a0/0x420
[  184.533375][ T6953]  __x64_sys_sendmsg+0x19b/0x260
[  184.533398][ T6953]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  184.533436][ T6953]  ? do_syscall_64+0xbe/0xfa0
[  184.533458][ T6953]  do_syscall_64+0xfa/0xfa0
[  184.533471][ T6953]  ? lockdep_hardirqs_on+0x9c/0x150
[  184.533495][ T6953]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.533513][ T6953]  ? clear_bhb_loop+0x60/0xb0
[  184.533536][ T6953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.533553][ T6953] RIP: 0033:0x7ffade98eba9
[  184.533570][ T6953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.533585][ T6953] RSP: 002b:00007ffadf7b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.533604][ T6953] RAX: ffffffffffffffda RBX: 00007ffadebd5fa0 RCX: 00007ffade98eba9
[  184.533618][ T6953] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 000000000000000c
[  184.533628][ T6953] RBP: 00007ffadea11e19 R08: 0000000000000000 R09: 0000000000000000
[  184.533638][ T6953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  184.533648][ T6953] R13: 00007ffadebd6038 R14: 00007ffadebd5fa0 R15: 00007ffe5af06a18
[  184.533677][ T6953]  </TASK>
[  184.533789][ T6953] Mem-Info:
[  185.105849][ T6953] active_anon:6675 inactive_anon:0 isolated_anon:0
[  185.105849][ T6953]  active_file:17991 inactive_file:39931 isolated_file:0
[  185.105849][ T6953]  unevictable:768 dirty:253 writeback:0
[  185.105849][ T6953]  slab_reclaimable:6249 slab_unreclaimable:99359
[  185.105849][ T6953]  mapped:29865 shmem:1709 pagetables:1394
[  185.105849][ T6953]  sec_pagetables:0 bounce:0
[  185.105849][ T6953]  kernel_misc_reclaimable:0
[  185.105849][ T6953]  free:1315704 free_pcp:17123 free_cma:0
[  185.162002][ T6953] Node 0 active_anon:26700kB inactive_anon:0kB active_file:71964kB inactive_file:159524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119460kB dirty:1012kB writeback:0kB shmem:5300kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12308kB pagetables:5444kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  185.279802][ T6953] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  185.400987][ T6953] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  185.434563][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.528488][ T6953] lowmem_reserve[]: 0 2497 2498 2498 2498
[  185.534316][ T6953] Node 0 DMA32 free:1358004kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25852kB inactive_anon:0kB active_file:71964kB inactive_file:158212kB unevictable:1536kB writepending:1012kB zspages:0kB present:3129332kB managed:2557032kB mlocked:0kB bounce:0kB free_pcp:48940kB local_pcp:27156kB free_cma:0kB
[  185.652373][ T6953] lowmem_reserve[]: 0 0 1 1 1
[  185.741799][ T6953] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  186.011965][ T6953] lowmem_reserve[]: 0 0 0 0 0
[  186.104223][ T6953] Node 1 Normal free:3891036kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22248kB local_pcp:8352kB free_cma:0kB
[  186.158782][ T6953] lowmem_reserve[]: 0 0 0 0 0
[  186.163836][ T6953] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  186.192098][ T6953] Node 0 DMA32: 307*4kB (UME) 118*8kB (UME) 76*16kB (UME) 213*32kB (UME) 314*64kB (ME) 246*128kB (UME) 123*256kB (UME) 61*512kB (UME) 38*1024kB (UME) 13*2048kB (UME) 285*4096kB (M) = 1357404kB
[  186.224438][ T6953] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  186.332672][ T6953] Node 1 Normal: 205*4kB (UE) 51*8kB (UME) 46*16kB (UME) 74*32kB (UME) 25*64kB (UME) 9*128kB (UME) 4*256kB (UM) 2*512kB (M) 3*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3891116kB
[  186.555998][ T6953] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  186.796622][ T6953] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  186.806369][ T6953] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  186.818081][ T6953] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  186.828926][ T6953] 59485 total pagecache pages
[  186.833592][ T6953] 0 pages in swap cache
[  186.842063][ T6953] Free swap  = 124996kB
[  186.846631][ T6953] Total swap = 124996kB
[  186.870889][ T6953] 2097051 pages RAM
[  186.895404][ T6953] 0 pages HighMem/MovableOnly
[  186.905339][ T6953] 425831 pages reserved
[  186.909526][ T6953] 0 pages cma reserved
[  186.951124][ T6998] Can't find ip_set type hash:i
[  187.414736][ T5953] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  187.514605][ T7053] loop0: detected capacity change from 0 to 1024
[  187.543630][ T7053] EXT4-fs: Ignoring removed bh option
[  187.595337][ T5953] usb 2-1: Using ep0 maxpacket: 16
[  187.647409][ T7053] EXT4-fs: inline encryption not supported
[  187.647595][ T5953] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  187.686720][ T7059] netlink: 24 bytes leftover after parsing attributes in process `syz.3.314'.
[  187.703257][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  187.740566][ T7053] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  187.760918][ T5953] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  187.770296][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.786611][ T5953] usb 2-1: Product: syz
[  187.806811][ T5953] usb 2-1: Manufacturer: syz
[  187.827411][ T5953] usb 2-1: SerialNumber: syz
[  187.884869][ T5953] usb 2-1: config 0 descriptor??
[  187.896530][ T7053] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  187.960208][ T5953] em28xx 2-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  187.991868][ T7053] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.313: lblock 2 mapped to illegal pblock 2 (length 1)
[  188.039440][ T7053] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  188.072512][ T7069] netlink: 12 bytes leftover after parsing attributes in process `syz.3.315'.
[  188.083762][ T7053] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.313: lblock 0 mapped to illegal pblock 48 (length 1)
[  188.158868][ T7053] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  188.198842][ T7053] EXT4-fs error (device loop0): ext4_acquire_dquot:6943: comm syz.0.313: Failed to acquire dquot type 0
[  188.258930][ T7053] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  188.289147][ T7053] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.313: mark_inode_dirty error
[  188.331391][ T7076] loop4: detected capacity change from 0 to 512
[  188.350572][ T7076] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.365714][ T7053] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  188.396247][ T7076] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  188.405388][ T7053] EXT4-fs (loop0): 1 orphan inode deleted
[  188.423111][ T7053] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.443973][   T12] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  188.459656][ T7076] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  188.479755][ T7076] System zones: 1-12
[  188.505901][   T12] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  188.514570][ T7076] EXT4-fs (loop4): 1 truncate cleaned up
[  188.536737][ T7076] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.559178][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6979: comm kworker/u8:0: Failed to release dquot type 0
[  188.616195][ T7053] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.313: lblock 0 mapped to illegal pblock 48 (length 1)
[  188.646650][   T30] audit: type=1804 audit(1757479673.725:18): pid=7076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.317" name="/newroot/63/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  188.674031][ T7053] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=-117
[  188.780057][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.841243][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.239253][ T7109] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  190.663887][   T24] IPVS: starting estimator thread 0...
[  190.731068][ T1211] usb 2-1: USB disconnect, device number 6
[  190.805447][ T7111] IPVS: using max 33 ests per chain, 79200 per kthread
[  190.854679][ T7119] loop1: detected capacity change from 0 to 256
[  191.011743][ T7127] loop0: detected capacity change from 0 to 512
[  191.061509][ T7127] EXT4-fs: Ignoring removed mblk_io_submit option
[  191.078368][ T7125] loop3: detected capacity change from 0 to 1024
[  191.100630][ T7127] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  191.172620][ T7127] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  191.185909][ T7127] System zones: 1-12
[  191.198389][ T7127] EXT4-fs (loop0): 1 truncate cleaned up
[  191.237062][ T7127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.340996][ T7134] loop4: detected capacity change from 0 to 1024
[  191.386789][ T7134] EXT4-fs: Ignoring removed orlov option
[  191.409821][ T6334] hfsplus: b-tree write err: -5, ino 4
[  191.422174][   T30] audit: type=1804 audit(1757479676.485:19): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.328" name="/newroot/75/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  191.493801][ T7134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  191.520843][ T7134] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.588281][   T30] audit: type=1326 audit(1757479676.655:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.5.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece18eba9 code=0x7ffc0000
[  191.628010][ T7134] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  191.678581][ T7134] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  191.773646][ T7134] EXT4-fs (loop4): This should not happen!! Data will be lost
[  191.773646][ T7134] 
[  191.885496][   T30] audit: type=1326 audit(1757479676.655:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.5.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece18eba9 code=0x7ffc0000
[  191.909297][   T30] audit: type=1326 audit(1757479676.725:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.5.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ece18eba9 code=0x7ffc0000
[  191.929397][ T7145] syz.1.331 (7145): drop_caches: 2
[  191.931513][   T30] audit: type=1326 audit(1757479676.725:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.5.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece18eba9 code=0x7ffc0000
[  192.077284][ T7133] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.233592][ T7147] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.457627][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.547957][ T7133] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.619293][ T7147] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.735586][ T7134] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: comm syz.4.330: lblock 0 mapped to illegal pblock 0 (length 1)
[  192.782200][ T7147] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.959503][ T7147] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  193.246092][ T7147] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  193.327947][ T7134] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 3: comm syz.4.330: lblock 3 mapped to illegal pblock 3 (length 1)
[  193.463718][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  193.611335][ T7167] loop0: detected capacity change from 0 to 512
[  193.629550][ T7167] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.652347][ T7167] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  193.763061][ T7167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  193.808162][ T7167] System zones: 1-12
[  193.938363][ T7167] EXT4-fs (loop0): 1 truncate cleaned up
[  193.993777][ T7167] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.144602][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  194.144619][   T30] audit: type=1804 audit(1757479679.215:33): pid=7167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.340" name="/newroot/78/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  194.279601][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.321577][ T7177] loop3: detected capacity change from 0 to 1024
[  195.304044][ T2978] hfsplus: b-tree write err: -5, ino 4
[  195.333182][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.467492][ T7189] netlink: 32 bytes leftover after parsing attributes in process `syz.3.345'.
[  195.494017][ T7189] netlink: 'syz.3.345': attribute type 10 has an invalid length.
[  195.595431][ T7189] bridge0: port 3(team0) entered blocking state
[  195.601805][ T7189] bridge0: port 3(team0) entered disabled state
[  195.659653][ T7189] team0: entered allmulticast mode
[  196.044686][ T7189] team_slave_0: entered allmulticast mode
[  196.081865][ T7189] team_slave_1: entered allmulticast mode
[  196.149658][ T7189] team0: entered promiscuous mode
[  196.172357][ T7189] team_slave_0: entered promiscuous mode
[  196.188470][ T7189] team_slave_1: entered promiscuous mode
[  196.223120][ T7189] bridge0: port 3(team0) entered blocking state
[  196.229570][ T7189] bridge0: port 3(team0) entered forwarding state
[  196.561396][ T7208] loop3: detected capacity change from 0 to 2048
[  196.640192][ T7208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  197.017566][ T7175] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  198.302935][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  198.321652][ T7226] loop0: detected capacity change from 0 to 1024
[  198.775768][ T1166] hfsplus: b-tree write err: -5, ino 4
[  198.879561][ T7228] loop3: detected capacity change from 0 to 512
[  198.914698][ T7228] EXT4-fs: Ignoring removed mblk_io_submit option
[  198.984182][ T7228] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  200.065837][ T7228] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  200.073885][ T7228] System zones: 1-12
[  200.116824][ T7228] EXT4-fs (loop3): 1 truncate cleaned up
[  200.177719][ T7228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.202644][ T7203] warn_alloc: 1 callbacks suppressed
[  200.202662][ T7203] syz.1.350: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  200.227437][ T7203] CPU: 1 UID: 0 PID: 7203 Comm: syz.1.350 Not tainted syzkaller #0 PREEMPT(full) 
[  200.227460][ T7203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  200.227469][ T7203] Call Trace:
[  200.227477][ T7203]  <TASK>
[  200.227484][ T7203]  dump_stack_lvl+0x189/0x250
[  200.227511][ T7203]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  200.227531][ T7203]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.227549][ T7203]  ? __pfx__printk+0x10/0x10
[  200.227572][ T7203]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  200.227588][ T7203]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  200.227611][ T7203]  warn_alloc+0x214/0x310
[  200.227639][ T7203]  ? __pfx_warn_alloc+0x10/0x10
[  200.227669][ T7203]  ? __get_vm_area_node+0x28f/0x300
[  200.227689][ T7203]  ? hash_netport4_resize+0x235/0x1b60
[  200.227711][ T7203]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  200.227734][ T7203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.227775][ T7203]  ? alloc_pages_mpol+0x3cd/0x4a0
[  200.227802][ T7203]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  200.227829][ T7203]  ? rcu_is_watching+0x15/0xb0
[  200.227855][ T7203]  ? hash_netport4_resize+0x235/0x1b60
[  200.227875][ T7203]  __kvmalloc_node_noprof+0x674/0x910
[  200.227900][ T7203]  ? hash_netport4_resize+0x235/0x1b60
[  200.227928][ T7203]  hash_netport4_resize+0x235/0x1b60
[  200.227948][ T7203]  ? hash_netport4_uadt+0xc97/0xf30
[  200.227972][ T7203]  ? __pfx_hash_netport4_add+0x10/0x10
[  200.227992][ T7203]  ? __pfx_hash_netport4_uadt+0x10/0x10
[  200.228021][ T7203]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  200.228057][ T7203]  call_ad+0x44e/0xb00
[  200.228092][ T7203]  ? __pfx_call_ad+0x10/0x10
[  200.228132][ T7203]  ? __nla_parse+0x40/0x60
[  200.228157][ T7203]  ip_set_ad+0x791/0x930
[  200.228191][ T7203]  ? __pfx_ip_set_ad+0x10/0x10
[  200.228254][ T7203]  nfnetlink_rcv_msg+0xb4a/0x1130
[  200.228280][ T7203]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  200.228322][ T7203]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  200.228354][ T7203]  ? kmem_cache_free+0x19a/0x690
[  200.228425][ T7203]  netlink_rcv_skb+0x205/0x470
[  200.228453][ T7203]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  200.228478][ T7203]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  200.228518][ T7203]  ? bpf_lsm_capable+0x9/0x20
[  200.228539][ T7203]  ? security_capable+0x7e/0x2e0
[  200.228572][ T7203]  nfnetlink_rcv+0x26a/0x2520
[  200.228599][ T7203]  ? __dev_queue_xmit+0x1d79/0x3b50
[  200.228618][ T7203]  ? kasan_save_track+0x3e/0x80
[  200.228638][ T7203]  ? __kasan_slab_alloc+0x6c/0x80
[  200.228658][ T7203]  ? kmem_cache_alloc_noprof+0x367/0x6e0
[  200.228688][ T7203]  ? __dev_queue_xmit+0x27b/0x3b50
[  200.228723][ T7203]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  200.228746][ T7203]  ? __pfx___dev_queue_xmit+0x10/0x10
[  200.228783][ T7203]  ? ref_tracker_free+0x63a/0x7d0
[  200.228801][ T7203]  ? __asan_memcpy+0x40/0x70
[  200.228820][ T7203]  ? __pfx_ref_tracker_free+0x10/0x10
[  200.228835][ T7203]  ? __skb_clone+0x63/0x7a0
[  200.228860][ T7203]  ? __skb_clone+0x483/0x7a0
[  200.228886][ T7203]  ? skb_clone+0x246/0x3a0
[  200.228910][ T7203]  ? __netlink_deliver_tap+0x807/0x850
[  200.228935][ T7203]  ? netlink_deliver_tap+0x2e/0x1b0
[  200.228968][ T7203]  ? netlink_deliver_tap+0x2e/0x1b0
[  200.229003][ T7203]  netlink_unicast+0x82c/0x9e0
[  200.229037][ T7203]  ? __pfx_netlink_unicast+0x10/0x10
[  200.229063][ T7203]  ? netlink_sendmsg+0x642/0xb30
[  200.229078][ T7203]  ? skb_put+0x11b/0x210
[  200.229099][ T7203]  netlink_sendmsg+0x805/0xb30
[  200.229127][ T7203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.229148][ T7203]  ? aa_sock_msg_perm+0xf1/0x1d0
[  200.229177][ T7203]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  200.229194][ T7203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.229213][ T7203]  __sock_sendmsg+0x21c/0x270
[  200.229240][ T7203]  ____sys_sendmsg+0x505/0x830
[  200.229266][ T7203]  ? __pfx_____sys_sendmsg+0x10/0x10
[  200.229296][ T7203]  ? import_iovec+0x74/0xa0
[  200.229321][ T7203]  ___sys_sendmsg+0x21f/0x2a0
[  200.229349][ T7203]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.229409][ T7203]  ? __fget_files+0x2a/0x420
[  200.229432][ T7203]  ? __fget_files+0x3a0/0x420
[  200.229467][ T7203]  __x64_sys_sendmsg+0x19b/0x260
[  200.229489][ T7203]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  200.229528][ T7203]  ? do_syscall_64+0xbe/0xfa0
[  200.229549][ T7203]  do_syscall_64+0xfa/0xfa0
[  200.229564][ T7203]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.229589][ T7203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.229607][ T7203]  ? clear_bhb_loop+0x60/0xb0
[  200.229630][ T7203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.229647][ T7203] RIP: 0033:0x7f283dd8eba9
[  200.229664][ T7203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.229678][ T7203] RSP: 002b:00007f283ec11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.229697][ T7203] RAX: ffffffffffffffda RBX: 00007f283dfd5fa0 RCX: 00007f283dd8eba9
[  200.229710][ T7203] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 000000000000000c
[  200.229722][ T7203] RBP: 00007f283de11e19 R08: 0000000000000000 R09: 0000000000000000
[  200.229733][ T7203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  200.229743][ T7203] R13: 00007f283dfd6038 R14: 00007f283dfd5fa0 R15: 00007ffe10a02498
[  200.229777][ T7203]  </TASK>
[  200.230087][ T7203] Mem-Info:
[  200.368771][   T30] audit: type=1800 audit(1757479685.435:34): pid=7241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.356" name="bus" dev="loop3" ino=18 res=0 errno=0
[  200.374265][ T7203] active_anon:18446 inactive_anon:0 isolated_anon:0
[  200.374265][ T7203]  active_file:17991 inactive_file:39927 isolated_file:0
[  200.374265][ T7203]  unevictable:768 dirty:130 writeback:0
[  200.374265][ T7203]  slab_reclaimable:6347 slab_unreclaimable:101447
[  200.374265][ T7203]  mapped:36619 shmem:13536 pagetables:1346
[  200.374265][ T7203]  sec_pagetables:0 bounce:0
[  200.374265][ T7203]  kernel_misc_reclaimable:0
[  200.374265][ T7203]  free:1299145 free_pcp:19974 free_cma:0
[  200.404195][   T30] audit: type=1804 audit(1757479685.445:35): pid=7228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.356" name="/newroot/79/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  200.408844][ T7203] Node 0 active_anon:73784kB inactive_anon:0kB active_file:71964kB inactive_file:159508kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:146476kB dirty:520kB writeback:0kB shmem:52608kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12248kB pagetables:5252kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  200.886119][ T7203] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  200.923442][ T7243] loop5: detected capacity change from 0 to 256
[  200.950692][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.024278][ T7203] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  201.122709][ T7203] lowmem_reserve[]: 0 2497 2498 2498 2498
[  201.139004][ T7203] Node 0 DMA32 free:1302504kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:62000kB inactive_anon:0kB active_file:71964kB inactive_file:158304kB unevictable:1536kB writepending:644kB zspages:0kB present:3129332kB managed:2557032kB mlocked:0kB bounce:0kB free_pcp:56920kB local_pcp:35724kB free_cma:0kB
[  201.142134][ T7243] syz.5.360: attempt to access beyond end of device
[  201.142134][ T7243] loop5: rw=2049, sector=256, nr_sectors = 68 limit=256
[  201.342649][ T7203] lowmem_reserve[]: 0 0 1 1 1
[  201.351064][ T7203] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  201.394180][ T7203] lowmem_reserve[]: 0 0 0 0 0
[  201.400917][ T7203] Node 1 Normal free:3891372kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:21992kB local_pcp:8096kB free_cma:0kB
[  201.436365][ T7203] lowmem_reserve[]: 0 0 0 0 0
[  201.449305][ T7203] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  201.464751][ T7203] Node 0 DMA32: 2*4kB (UM) 28*8kB (E) 32*16kB (UME) 175*32kB (UE) 64*64kB (ME) 121*128kB (ME) 103*256kB (UME) 48*512kB (UME) 30*1024kB (UME) 12*2048kB (ME) 285*4096kB (UM) = 1299528kB
[  201.484825][ T7203] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  201.497625][ T7203] Node 1 Normal: 205*4kB (UE) 51*8kB (UME) 46*16kB (UME) 82*32kB (UME) 25*64kB (UME) 9*128kB (UME) 4*256kB (UM) 2*512kB (M) 3*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3891372kB
[  201.516751][ T7203] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  201.538760][ T7203] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  201.548482][ T7203] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  201.558859][ T7203] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  201.569805][ T7203] 71435 total pagecache pages
[  201.574498][ T7203] 0 pages in swap cache
[  201.585303][ T7203] Free swap  = 124996kB
[  201.590376][ T7203] Total swap = 124996kB
[  201.600082][ T7203] 2097051 pages RAM
[  201.604236][ T7203] 0 pages HighMem/MovableOnly
[  201.616200][ T7203] 425831 pages reserved
[  201.620547][ T7203] 0 pages cma reserved
[  202.105648][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  202.112595][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  202.118769][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  202.124791][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  202.946434][ T7265] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  204.692463][ T7278] loop0: detected capacity change from 0 to 512
[  204.983464][ T7278] EXT4-fs: Ignoring removed mblk_io_submit option
[  205.050089][ T7281] overlayfs: failed to resolve './file0': -2
[  205.083934][ T7278] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  205.109153][ T7282] loop3: detected capacity change from 0 to 512
[  205.294500][ T7282] EXT4-fs: Ignoring removed mblk_io_submit option
[  205.340455][ T7278] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  205.385076][ T7282] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  205.437674][ T7278] System zones: 1-12
[  205.473957][ T7278] EXT4-fs (loop0): 1 truncate cleaned up
[  205.531253][ T7278] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.543458][ T7282] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  205.625458][ T7282] System zones: 1-12
[  205.629866][ T7282] EXT4-fs (loop3): 1 truncate cleaned up
[  205.638533][   T30] audit: type=1804 audit(1757479690.715:36): pid=7278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.370" name="/newroot/88/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  205.661026][ T7282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.793472][   T30] audit: type=1804 audit(1757479690.825:37): pid=7282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.372" name="/newroot/81/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  205.852732][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.827019][ T7300] syz.1.374 (7300): drop_caches: 2
[  207.172816][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.466078][ T7320] overlayfs: failed to resolve './file0': -2
[  208.932007][ T7325] loop3: detected capacity change from 0 to 1024
[  208.994980][ T7325] EXT4-fs: Ignoring removed oldalloc option
[  209.037278][ T7325] EXT4-fs: Ignoring removed nobh option
[  209.045061][ T7330] loop4: detected capacity change from 0 to 512
[  209.068415][ T7330] EXT4-fs: Ignoring removed mblk_io_submit option
[  209.078215][ T7325] ext4: Invalid uid '0x00000000ffffffff'
[  209.150967][ T7330] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  209.230024][ T7330] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  209.258141][ T7330] System zones: 1-12
[  209.318977][ T7310] loop0: detected capacity change from 0 to 32768
[  209.337233][ T7310] bcachefs (/dev/loop0): error reading default superblock: Bad minimum version 0.24: unwritten_extents, greater than version field 0.9: (unknown version)
[  209.356204][ T7330] EXT4-fs (loop4): 1 truncate cleaned up
[  209.363918][ T7330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.406617][ T7310] bcachefs (/dev/loop0): error validating superblock: Invalid option metadata_replicas_required: too small (min 1)
[  209.424548][ T7310] bcachefs: bch2_fs_get_tree() error: ERANGE_option_too_small
[  209.470985][ T7332] loop5: detected capacity change from 0 to 1024
[  209.484836][ T7332] EXT4-fs: Ignoring removed orlov option
[  209.514302][   T30] audit: type=1804 audit(1757479694.585:38): pid=7330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.386" name="/newroot/73/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  209.667437][ T7332] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  209.745799][ T7332] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.873251][ T7332] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  209.955447][ T7332] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  209.982045][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.991283][ T7332] EXT4-fs (loop5): This should not happen!! Data will be lost
[  209.991283][ T7332] 
[  210.037019][ T7341] loop1: detected capacity change from 0 to 1024
[  210.072189][ T7342] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.163177][ T7331] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.275508][ T7331] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.341432][ T7331] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.448478][ T7342] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.480719][   T50] hfsplus: b-tree write err: -5, ino 4
[  210.484017][ T7332] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.387: lblock 0 mapped to illegal pblock 0 (length 1)
[  210.490045][ T7342] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.515070][ T7353] netlink: 20 bytes leftover after parsing attributes in process `syz.3.394'.
[  210.569947][ T7342] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.622304][ T7332] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.387: lblock 3 mapped to illegal pblock 3 (length 1)
[  210.949285][ T7353] loop3: detected capacity change from 0 to 32768
[  210.956810][ T7353] xfs: Unknown parameter 'ikeep'
[  211.673407][ T6610] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  211.837665][ T7363] loop3: detected capacity change from 0 to 2048
[  211.920996][ T7363] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  212.121813][ T7369] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  212.169991][ T7369] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 300 with error 28
[  212.203750][ T7369] EXT4-fs (loop3): This should not happen!! Data will be lost
[  212.203750][ T7369] 
[  212.230645][ T7369] EXT4-fs (loop3): Total free blocks count 0
[  212.245176][ T7369] EXT4-fs (loop3): Free/Dirty block details
[  212.264078][ T7369] EXT4-fs (loop3): free_blocks=2415919104
[  212.281915][ T7369] EXT4-fs (loop3): dirty_blocks=304
[  212.299080][ T7369] EXT4-fs (loop3): Block reservation details
[  212.375369][ T7369] EXT4-fs (loop3): i_reserved_data_blocks=19
[  212.763995][ T7381] loop4: detected capacity change from 0 to 256
[  212.784184][ T7381] exfat: Deprecated parameter 'utf8'
[  212.817867][ T7381] exfat: Deprecated parameter 'namecase'
[  212.830628][ T6856] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  212.836117][ T7381] exfat: Deprecated parameter 'namecase'
[  212.896318][ T7381] exfat: Deprecated parameter 'utf8'
[  213.014640][ T7386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.405'.
[  213.041954][ T7381] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  213.273385][ T7393] syz.3.407 (7393): drop_caches: 2
[  213.432350][ T7395] loop0: detected capacity change from 0 to 1024
[  213.451300][ T7395] EXT4-fs: Ignoring removed orlov option
[  213.521046][ T7368] loop1: detected capacity change from 0 to 32768
[  213.562214][ T7368] bcachefs (/dev/loop1): error reading default superblock: Bad minimum version 0.24: unwritten_extents, greater than version field 0.9: (unknown version)
[  213.572118][ T7395] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  213.650114][ T7368] bcachefs (/dev/loop1): error validating superblock: Invalid option metadata_replicas_required: too small (min 1)
[  213.680340][ T7368] bcachefs: bch2_fs_get_tree() error: ERANGE_option_too_small
[  213.857405][ T7395] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.904915][ T7395] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  213.969268][ T7395] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  214.022741][ T7395] EXT4-fs (loop0): This should not happen!! Data will be lost
[  214.022741][ T7395] 
[  214.089070][ T7402] netlink: 20 bytes leftover after parsing attributes in process `syz.5.409'.
[  214.107001][ T7398] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.123942][ T7398] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.144022][ T7398] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.169143][ T7398] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.342350][ T7402] loop5: detected capacity change from 0 to 32768
[  214.349900][ T7402] xfs: Unknown parameter 'ikeep'
[  214.432225][ T7394] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.461516][ T7394] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.476220][ T5953] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  214.511330][ T7398] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.537446][ T7394] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.581424][ T7398] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: block 3: comm syz.0.408: lblock 3 mapped to illegal pblock 3 (length 1)
[  214.637365][ T5953] usb 2-1: Using ep0 maxpacket: 16
[  214.660028][ T5953] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  214.687598][ T5953] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  214.719009][ T5953] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  214.728968][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.737453][ T5953] usb 2-1: Product: syz
[  214.744065][ T5953] usb 2-1: Manufacturer: syz
[  214.751187][ T5953] usb 2-1: SerialNumber: syz
[  214.950662][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  214.971650][ T5953] usb 2-1: 0:2 : does not exist
[  214.984563][ T5953] usb 2-1: unit 6 not found!
[  215.034032][ T5953] usb 2-1: USB disconnect, device number 7
[  215.138842][ T5866] udevd[5866]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  215.427185][ T7412] syz.0.414 (7412): drop_caches: 2
[  215.679731][ T7418] loop1: detected capacity change from 0 to 1024
[  215.689313][ T7418] EXT4-fs: Ignoring removed bh option
[  215.709400][ T7418] EXT4-fs: inline encryption not supported
[  215.723954][ T7418] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.752565][ T7418] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  215.773438][ T7418] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.417: lblock 2 mapped to illegal pblock 2 (length 1)
[  215.794569][ T7418] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  215.808281][ T7418] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.417: lblock 0 mapped to illegal pblock 48 (length 1)
[  215.827624][ T7418] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  215.837028][ T7418] EXT4-fs error (device loop1): ext4_acquire_dquot:6943: comm syz.1.417: Failed to acquire dquot type 0
[  217.070635][ T7418] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  217.081483][ T7418] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.417: mark_inode_dirty error
[  217.096002][ T7418] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  217.110228][ T7418] EXT4-fs (loop1): 1 orphan inode deleted
[  217.117945][ T7418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.130663][ T6856] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1)
[  217.178785][ T6856] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  217.253206][ T6856] EXT4-fs error (device loop1): ext4_release_dquot:6979: comm kworker/u8:11: Failed to release dquot type 0
[  217.271866][ T7418] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.417: lblock 0 mapped to illegal pblock 48 (length 1)
[  217.291242][ T7423] loop0: detected capacity change from 0 to 512
[  217.304978][ T7423] EXT4-fs: Ignoring removed mblk_io_submit option
[  217.348986][ T7423] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  217.368332][ T7418] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=-117
[  217.445913][ T7423] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  217.456270][ T7423] System zones: 1-12
[  217.478141][ T7423] EXT4-fs (loop0): 1 truncate cleaned up
[  217.484502][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.494753][ T7423] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.519256][   T30] audit: type=1804 audit(1757479702.595:39): pid=7423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.418" name="/newroot/102/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  218.066548][ T7434] loop4: detected capacity change from 0 to 136
[  218.384149][ T7436] warning: `syz.4.423' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  218.512870][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.685722][   T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  218.886913][   T24] usb 4-1: Using ep0 maxpacket: 32
[  218.957702][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.070846][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.182465][   T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  219.215359][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.233079][ T7450] ptrace attach of "./syz-executor exec"[6610] was attempted by "./syz-executor exec"[7450]
[  219.313315][   T24] usb 4-1: config 0 descriptor??
[  220.021002][   T24] savu 0003:1E7D:2D5A.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  220.046462][ T7461] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.432'.
[  220.164570][ T7464] loop4: detected capacity change from 0 to 128
[  220.229066][   T30] audit: type=1800 audit(1757479705.295:40): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.433" name="file2" dev="loop4" ino=1048616 res=0 errno=0
[  220.253897][ T7464] syz.4.433: attempt to access beyond end of device
[  220.253897][ T7464] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  220.278718][ T7438] loop3: detected capacity change from 0 to 2048
[  220.345340][ T7467] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  220.356998][ T7438] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  220.377262][ T7438] Remounting filesystem read-only
[  220.788178][ T5953] usb 4-1: USB disconnect, device number 5
[  220.861223][ T7463] fido_id[7463]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  220.919077][ T7472] loop0: detected capacity change from 0 to 256
[  222.938792][ T7503] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.444'.
[  223.363336][ T7512] loop5: detected capacity change from 0 to 256
[  224.178945][ T7507] syz.1.446 (7507): drop_caches: 2
[  224.375052][ T7525] netlink: 60 bytes leftover after parsing attributes in process `syz.0.451'.
[  225.030401][ T7520] loop4: detected capacity change from 0 to 32768
[  225.490597][ T7520] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  226.118705][ T7539] loop1: detected capacity change from 0 to 512
[  226.162909][ T7520] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  226.379282][ T7539] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.426977][ T7547] loop0: detected capacity change from 0 to 256
[  226.436515][ T7539] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.450503][ T5865] ocfs2: Unmounting device (7,4) on (node local)
[  227.122293][   T50] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  227.176865][   T50] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 5 with max blocks 163 with error 28
[  227.220930][   T50] EXT4-fs (loop1): This should not happen!! Data will be lost
[  227.220930][   T50] 
[  227.243934][   T50] EXT4-fs (loop1): Total free blocks count 0
[  227.255904][   T50] EXT4-fs (loop1): Free/Dirty block details
[  227.274267][ T7552] netlink: 28 bytes leftover after parsing attributes in process `syz.5.463'.
[  227.283299][   T50] EXT4-fs (loop1): free_blocks=65280
[  227.283335][   T50] EXT4-fs (loop1): dirty_blocks=165
[  227.283349][   T50] EXT4-fs (loop1): Block reservation details
[  227.283361][   T50] EXT4-fs (loop1): i_reserved_data_blocks=165
[  227.315737][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.335368][ T7552] netlink: 8 bytes leftover after parsing attributes in process `syz.5.463'.
[  227.992778][ T7569] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  228.706850][ T7572] netlink: 'syz.0.468': attribute type 1 has an invalid length.
[  228.779320][ T7572] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.468'.
[  228.832367][ T5943] IPVS: starting estimator thread 0...
[  228.925577][ T7577] IPVS: using max 27 ests per chain, 64800 per kthread
[  229.061071][ T7574] syzkaller0: entered promiscuous mode
[  229.088154][ T7574] syzkaller0: entered allmulticast mode
[  229.162414][ T7589] loop1: detected capacity change from 0 to 1024
[  229.259612][ T7589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.542559][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.665970][ T7600] loop1: detected capacity change from 0 to 256
[  229.733647][ T7580] loop5: detected capacity change from 0 to 32768
[  229.773259][ T7580] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  229.844518][ T7580] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  230.182893][ T7608] loop1: detected capacity change from 0 to 1024
[  230.226200][ T6610] ocfs2: Unmounting device (7,5) on (node local)
[  230.233443][ T7608] EXT4-fs: Ignoring removed oldalloc option
[  230.305738][ T7608] EXT4-fs: Ignoring removed nobh option
[  230.321952][ T7608] ext4: Invalid uid '0x00000000ffffffff'
[  232.169878][ T7616] netlink: 96 bytes leftover after parsing attributes in process `syz.0.479'.
[  232.323573][ T7625] netlink: 'syz.5.482': attribute type 1 has an invalid length.
[  232.368697][ T7625] netlink: 16150 bytes leftover after parsing attributes in process `syz.5.482'.
[  232.430114][ T7632] loop3: detected capacity change from 0 to 256
[  232.726722][ T1211] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  233.015619][ T1211] usb 2-1: Using ep0 maxpacket: 16
[  233.085884][ T1211] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  233.181056][ T1211] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  233.205840][ T1211] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  233.216715][ T1211] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.224869][ T1211] usb 2-1: Product: syz
[  233.229800][ T1211] usb 2-1: Manufacturer: syz
[  233.237979][ T1211] usb 2-1: SerialNumber: syz
[  233.269258][ T1211] usb 2-1: config 0 descriptor??
[  233.280915][ T1211] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  233.291040][ T1211] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  233.663584][ T7649] loop4: detected capacity change from 0 to 2048
[  233.756662][ T7649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.883578][ T1211] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  233.890422][ T1211] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  234.099659][ T1211] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  234.109715][ T1211] em28xx 2-1:0.0: No AC97 audio processor
[  234.763196][ T5865] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.889446][ T7659] loop3: detected capacity change from 0 to 2048
[  234.963403][ T7659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  235.032080][ T7669] netlink: 96 bytes leftover after parsing attributes in process `syz.5.494'.
[  235.081661][ T7671] netlink: 96 bytes leftover after parsing attributes in process `syz.5.496'.
[  236.296456][ T5953] usb 2-1: USB disconnect, device number 8
[  236.303202][ T5953] em28xx 2-1:0.0: Disconnecting em28xx
[  236.331183][ T5953] ==================================================================
[  236.339267][ T5953] BUG: KASAN: slab-use-after-free in media_devnode_unregister+0xe2/0xf0
[  236.347578][ T5953] Read of size 4 at addr ffff8880590c34f0 by task kworker/0:4/5953
[  236.355448][ T5953] 
[  236.357810][ T5953] CPU: 0 UID: 0 PID: 5953 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) 
[  236.357824][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  236.357832][ T5953] Workqueue: usb_hub_wq hub_event
[  236.357848][ T5953] Call Trace:
[  236.357853][ T5953]  <TASK>
[  236.357858][ T5953]  dump_stack_lvl+0x189/0x250
[  236.357872][ T5953]  ? rcu_is_watching+0x15/0xb0
[  236.357887][ T5953]  ? __kasan_check_byte+0x12/0x40
[  236.357900][ T5953]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.357911][ T5953]  ? rcu_is_watching+0x15/0xb0
[  236.357924][ T5953]  ? lock_release+0x4b/0x3e0
[  236.357936][ T5953]  ? __virt_addr_valid+0x1c8/0x5c0
[  236.357947][ T5953]  ? __virt_addr_valid+0x4a5/0x5c0
[  236.357958][ T5953]  print_report+0xca/0x240
[  236.357968][ T5953]  ? media_devnode_unregister+0xe2/0xf0
[  236.357980][ T5953]  kasan_report+0x118/0x150
[  236.357992][ T5953]  ? media_devnode_unregister+0xe2/0xf0
[  236.358005][ T5953]  media_devnode_unregister+0xe2/0xf0
[  236.358017][ T5953]  media_device_unregister+0x37c/0x400
[  236.358029][ T5953]  ? em28xx_audio_fini+0x59/0x1b0
[  236.358041][ T5953]  em28xx_release_resources+0xac/0x240
[  236.358055][ T5953]  em28xx_usb_disconnect+0x19f/0x2f0
[  236.358069][ T5953]  usb_unbind_interface+0x26e/0x910
[  236.358082][ T5953]  ? __pfx_usb_unbind_interface+0x10/0x10
[  236.358093][ T5953]  device_release_driver_internal+0x4d6/0x800
[  236.358104][ T5953]  bus_remove_device+0x34d/0x410
[  236.358116][ T5953]  device_del+0x511/0x8e0
[  236.358130][ T5953]  ? __pfx_device_del+0x10/0x10
[  236.358142][ T5953]  ? kobject_put+0x446/0x480
[  236.358153][ T5953]  usb_disable_device+0x3e9/0x8a0
[  236.358164][ T5953]  usb_disconnect+0x330/0x950
[  236.358174][ T5953]  hub_event+0x1cf5/0x4a20
[  236.358189][ T5953]  ? do_raw_spin_lock+0x121/0x290
[  236.358199][ T5953]  ? register_lock_class+0x51/0x320
[  236.358214][ T5953]  ? __pfx_hub_event+0x10/0x10
[  236.358225][ T5953]  ? process_scheduled_works+0x9ef/0x17b0
[  236.358240][ T5953]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.358252][ T5953]  ? process_scheduled_works+0x9ef/0x17b0
[  236.358264][ T5953]  ? process_scheduled_works+0x9ef/0x17b0
[  236.358276][ T5953]  process_scheduled_works+0xae1/0x17b0
[  236.358294][ T5953]  ? __pfx_process_scheduled_works+0x10/0x10
[  236.358310][ T5953]  worker_thread+0x8a0/0xda0
[  236.358322][ T5953]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  236.358337][ T5953]  ? __kthread_parkme+0x7b/0x200
[  236.358347][ T5953]  kthread+0x711/0x8a0
[  236.358357][ T5953]  ? __pfx_worker_thread+0x10/0x10
[  236.358369][ T5953]  ? __pfx_kthread+0x10/0x10
[  236.358378][ T5953]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.358390][ T5953]  ? lockdep_hardirqs_on+0x9c/0x150
[  236.358402][ T5953]  ? __pfx_kthread+0x10/0x10
[  236.358411][ T5953]  ret_from_fork+0x47c/0x820
[  236.358424][ T5953]  ? __pfx_ret_from_fork+0x10/0x10
[  236.358437][ T5953]  ? __switch_to_asm+0x39/0x70
[  236.358448][ T5953]  ? __switch_to_asm+0x33/0x70
[  236.358459][ T5953]  ? __pfx_kthread+0x10/0x10
[  236.358468][ T5953]  ret_from_fork_asm+0x1a/0x30
[  236.358483][ T5953]  </TASK>
[  236.358487][ T5953] 
[  236.650053][ T5953] Allocated by task 1211:
[  236.654355][ T5953]  kasan_save_track+0x3e/0x80
[  236.659010][ T5953]  __kasan_kmalloc+0x93/0xb0
[  236.663577][ T5953]  __kmalloc_cache_noprof+0x3d5/0x6f0
[  236.668922][ T5953]  __media_device_register+0x58/0x280
[  236.674271][ T5953]  em28xx_usb_probe+0x1764/0x2a20
[  236.679270][ T5953]  usb_probe_interface+0x665/0xc30
[  236.684359][ T5953]  really_probe+0x26a/0x9e0
[  236.688834][ T5953]  __driver_probe_device+0x18c/0x2f0
[  236.694102][ T5953]  driver_probe_device+0x4f/0x430
[  236.699105][ T5953]  __device_attach_driver+0x2ce/0x530
[  236.704447][ T5953]  bus_for_each_drv+0x251/0x2e0
[  236.709270][ T5953]  __device_attach+0x2b8/0x400
[  236.714009][ T5953]  bus_probe_device+0x185/0x260
[  236.718833][ T5953]  device_add+0x7b6/0xb50
[  236.723139][ T5953]  usb_set_configuration+0x1a87/0x20e0
[  236.728573][ T5953]  usb_generic_driver_probe+0x8d/0x150
[  236.734006][ T5953]  usb_probe_device+0x1c1/0x390
[  236.738829][ T5953]  really_probe+0x26a/0x9e0
[  236.743304][ T5953]  __driver_probe_device+0x18c/0x2f0
[  236.748562][ T5953]  driver_probe_device+0x4f/0x430
[  236.753559][ T5953]  __device_attach_driver+0x2ce/0x530
[  236.758901][ T5953]  bus_for_each_drv+0x251/0x2e0
[  236.763722][ T5953]  __device_attach+0x2b8/0x400
[  236.768459][ T5953]  bus_probe_device+0x185/0x260
[  236.773306][ T5953]  device_add+0x7b6/0xb50
[  236.777623][ T5953]  usb_new_device+0xa39/0x16f0
[  236.782373][ T5953]  hub_event+0x2958/0x4a20
[  236.786766][ T5953]  process_scheduled_works+0xae1/0x17b0
[  236.792288][ T5953]  worker_thread+0x8a0/0xda0
[  236.796858][ T5953]  kthread+0x711/0x8a0
[  236.800912][ T5953]  ret_from_fork+0x47c/0x820
[  236.805484][ T5953]  ret_from_fork_asm+0x1a/0x30
[  236.810230][ T5953] 
[  236.812530][ T5953] Freed by task 5953:
[  236.816483][ T5953]  kasan_save_track+0x3e/0x80
[  236.821140][ T5953]  __kasan_save_free_info+0x46/0x50
[  236.826314][ T5953]  __kasan_slab_free+0x5b/0x80
[  236.831053][ T5953]  kfree+0x199/0x6d0
[  236.834924][ T5953]  media_devnode_release+0x61/0xa0
[  236.840025][ T5953]  device_release+0x9c/0x1c0
[  236.844586][ T5953]  kobject_put+0x228/0x480
[  236.848977][ T5953]  media_devnode_unregister+0x6d/0xf0
[  236.854334][ T5953]  media_device_unregister+0x37c/0x400
[  236.859863][ T5953]  em28xx_release_resources+0xac/0x240
[  236.865309][ T5953]  em28xx_usb_disconnect+0x19f/0x2f0
[  236.870671][ T5953]  usb_unbind_interface+0x26e/0x910
[  236.875869][ T5953]  device_release_driver_internal+0x4d6/0x800
[  236.881925][ T5953]  bus_remove_device+0x34d/0x410
[  236.886844][ T5953]  device_del+0x511/0x8e0
[  236.891151][ T5953]  usb_disable_device+0x3e9/0x8a0
[  236.896154][ T5953]  usb_disconnect+0x330/0x950
[  236.900823][ T5953]  hub_event+0x1cf5/0x4a20
[  236.905212][ T5953]  process_scheduled_works+0xae1/0x17b0
[  236.910746][ T5953]  worker_thread+0x8a0/0xda0
[  236.915316][ T5953]  kthread+0x711/0x8a0
[  236.919357][ T5953]  ret_from_fork+0x47c/0x820
[  236.923934][ T5953]  ret_from_fork_asm+0x1a/0x30
[  236.928677][ T5953] 
[  236.930980][ T5953] The buggy address belongs to the object at ffff8880590c3000
[  236.930980][ T5953]  which belongs to the cache kmalloc-2k of size 2048
[  236.945006][ T5953] The buggy address is located 1264 bytes inside of
[  236.945006][ T5953]  freed 2048-byte region [ffff8880590c3000, ffff8880590c3800)
[  236.958947][ T5953] 
[  236.961249][ T5953] The buggy address belongs to the physical page:
[  236.967654][ T5953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x590c0
[  236.976386][ T5953] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  236.984858][ T5953] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  236.992807][ T5953] page_type: f5(slab)
[  236.996764][ T5953] raw: 00fff00000000040 ffff88801a842000 0000000000000000 dead000000000001
[  237.005332][ T5953] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  237.013903][ T5953] head: 00fff00000000040 ffff88801a842000 0000000000000000 dead000000000001
[  237.022547][ T5953] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  237.031190][ T5953] head: 00fff00000000003 ffffea0001643001 00000000ffffffff 00000000ffffffff
[  237.039833][ T5953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  237.048478][ T5953] page dumped because: kasan: bad access detected
[  237.054882][ T5953] page_owner tracks the page as allocated
[  237.060581][ T5953] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5856, tgid 5856 (syz-executor), ts 76685255257, free_ts 21458614156
[  237.081917][ T5953]  post_alloc_hook+0x240/0x2a0
[  237.086686][ T5953]  get_page_from_freelist+0x21e4/0x22c0
[  237.092216][ T5953]  __alloc_frozen_pages_noprof+0x181/0x370
[  237.097999][ T5953]  alloc_pages_mpol+0x232/0x4a0
[  237.102830][ T5953]  allocate_slab+0x8a/0x330
[  237.107310][ T5953]  ___slab_alloc+0xbd1/0x13f0
[  237.111963][ T5953]  __slab_alloc+0x55/0xa0
[  237.116282][ T5953]  __kmalloc_cache_noprof+0x411/0x6f0
[  237.121629][ T5953]  rtnl_newlink+0xed/0x1c70
[  237.126110][ T5953]  rtnetlink_rcv_msg+0x7cc/0xb70
[  237.131023][ T5953]  netlink_rcv_skb+0x205/0x470
[  237.135762][ T5953]  netlink_unicast+0x82c/0x9e0
[  237.140501][ T5953]  netlink_sendmsg+0x805/0xb30
[  237.145233][ T5953]  __sock_sendmsg+0x21c/0x270
[  237.149894][ T5953]  __sys_sendto+0x3bd/0x520
[  237.154369][ T5953]  __x64_sys_sendto+0xde/0x100
[  237.159102][ T5953] page last free pid 1 tgid 1 stack trace:
[  237.164878][ T5953]  __free_frozen_pages+0xbc4/0xd30
[  237.169992][ T5953]  free_contig_range+0x1bd/0x4a0
[  237.174919][ T5953]  destroy_args+0x69/0x660
[  237.179314][ T5953]  debug_vm_pgtable+0x39f/0x3b0
[  237.184138][ T5953]  do_one_initcall+0x233/0x820
[  237.188877][ T5953]  do_initcall_level+0x104/0x190
[  237.193791][ T5953]  do_initcalls+0x59/0xa0
[  237.198094][ T5953]  kernel_init_freeable+0x334/0x4b0
[  237.203273][ T5953]  kernel_init+0x1d/0x1d0
[  237.207600][ T5953]  ret_from_fork+0x47c/0x820
[  237.212166][ T5953]  ret_from_fork_asm+0x1a/0x30
[  237.216907][ T5953] 
[  237.219208][ T5953] Memory state around the buggy address:
[  237.224809][ T5953]  ffff8880590c3380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  237.232864][ T5953]  ffff8880590c3400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  237.240899][ T5953] >ffff8880590c3480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  237.248932][ T5953]                                                              ^
[  237.256620][ T5953]  ffff8880590c3500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  237.264652][ T5953]  ffff8880590c3580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  237.272685][ T5953] ==================================================================
[  237.770971][ T5953] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  237.778214][ T5953] CPU: 0 UID: 0 PID: 5953 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) 
[  237.787583][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  237.797630][ T5953] Workqueue: usb_hub_wq hub_event
[  237.802656][ T5953] Call Trace:
[  237.805917][ T5953]  <TASK>
[  237.808834][ T5953]  dump_stack_lvl+0x99/0x250
[  237.813416][ T5953]  ? __asan_memcpy+0x40/0x70
[  237.817987][ T5953]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.823170][ T5953]  ? __pfx__printk+0x10/0x10
[  237.827752][ T5953]  vpanic+0x237/0x6d0
[  237.831893][ T5953]  ? __pfx_vpanic+0x10/0x10
[  237.836378][ T5953]  ? preempt_schedule+0xae/0xc0
[  237.841224][ T5953]  ? __pfx_preempt_schedule+0x10/0x10
[  237.846599][ T5953]  panic+0xb9/0xc0
[  237.850306][ T5953]  ? __pfx_panic+0x10/0x10
[  237.854707][ T5953]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  237.860588][ T5953]  ? media_devnode_unregister+0xe2/0xf0
[  237.866126][ T5953]  check_panic_on_warn+0x89/0xb0
[  237.871045][ T5953]  ? media_devnode_unregister+0xe2/0xf0
[  237.876572][ T5953]  end_report+0x78/0x160
[  237.880801][ T5953]  kasan_report+0x129/0x150
[  237.885292][ T5953]  ? media_devnode_unregister+0xe2/0xf0
[  237.890827][ T5953]  media_devnode_unregister+0xe2/0xf0
[  237.896183][ T5953]  media_device_unregister+0x37c/0x400
[  237.901625][ T5953]  ? em28xx_audio_fini+0x59/0x1b0
[  237.906635][ T5953]  em28xx_release_resources+0xac/0x240
[  237.912083][ T5953]  em28xx_usb_disconnect+0x19f/0x2f0
[  237.917355][ T5953]  usb_unbind_interface+0x26e/0x910
[  237.922550][ T5953]  ? __pfx_usb_unbind_interface+0x10/0x10
[  237.928254][ T5953]  device_release_driver_internal+0x4d6/0x800
[  237.934310][ T5953]  bus_remove_device+0x34d/0x410
[  237.939239][ T5953]  device_del+0x511/0x8e0
[  237.943560][ T5953]  ? __pfx_device_del+0x10/0x10
[  237.948395][ T5953]  ? kobject_put+0x446/0x480
[  237.952971][ T5953]  usb_disable_device+0x3e9/0x8a0
[  237.957987][ T5953]  usb_disconnect+0x330/0x950
[  237.962651][ T5953]  hub_event+0x1cf5/0x4a20
[  237.967063][ T5953]  ? do_raw_spin_lock+0x121/0x290
[  237.972072][ T5953]  ? register_lock_class+0x51/0x320
[  237.977262][ T5953]  ? __pfx_hub_event+0x10/0x10
[  237.982006][ T5953]  ? process_scheduled_works+0x9ef/0x17b0
[  237.987712][ T5953]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.992898][ T5953]  ? process_scheduled_works+0x9ef/0x17b0
[  237.998601][ T5953]  ? process_scheduled_works+0x9ef/0x17b0
[  238.004492][ T5953]  process_scheduled_works+0xae1/0x17b0
[  238.010051][ T5953]  ? __pfx_process_scheduled_works+0x10/0x10
[  238.016029][ T5953]  worker_thread+0x8a0/0xda0
[  238.020617][ T5953]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  238.026941][ T5953]  ? __kthread_parkme+0x7b/0x200
[  238.031871][ T5953]  kthread+0x711/0x8a0
[  238.035924][ T5953]  ? __pfx_worker_thread+0x10/0x10
[  238.041025][ T5953]  ? __pfx_kthread+0x10/0x10
[  238.045596][ T5953]  ? _raw_spin_unlock_irq+0x23/0x50
[  238.050782][ T5953]  ? lockdep_hardirqs_on+0x9c/0x150
[  238.055966][ T5953]  ? __pfx_kthread+0x10/0x10
[  238.060538][ T5953]  ret_from_fork+0x47c/0x820
[  238.065117][ T5953]  ? __pfx_ret_from_fork+0x10/0x10
[  238.070214][ T5953]  ? __switch_to_asm+0x39/0x70
[  238.074963][ T5953]  ? __switch_to_asm+0x33/0x70
[  238.079710][ T5953]  ? __pfx_kthread+0x10/0x10
[  238.084284][ T5953]  ret_from_fork_asm+0x1a/0x30
[  238.089035][ T5953]  </TASK>
[  238.092295][ T5953] Kernel Offset: disabled
[  238.096601][ T5953] Rebooting in 86400 seconds..