last executing test programs:

2m32.286789037s ago: executing program 3 (id=129):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000000c0)='M', 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)

2m32.068306827s ago: executing program 3 (id=132):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$key(0xf, 0x3, 0x2)
splice(r3, 0x0, r2, 0x0, 0xf3a, 0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2m31.055865005s ago: executing program 3 (id=141):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
r2 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180), 0x12)
write$cgroup_freezer_state(r1, &(0x7f0000000200)='THAWED\x00', 0x7)

2m30.731412554s ago: executing program 3 (id=144):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f0000000780)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x8}}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrKpupOkcdvgQ1UQfSqoFZ+ENSaTEDLJLMmk3YTFpvgqCCJa8EWffBH8AwTpi+8iFOq7qChSs/qg0PbKnbnTTWZnkhRncpfk94Oz9557Zu73ncnOybkzN/cGcGE9GRHTETEWEc9ExFSxPS1K7HdK/rh7B3eX8pJElr30dhJJsa27r8vF8lrxtImI+MZXI76bPBh3e3dvfbHRqG8V9ZnWRvJOlu3dWNtYXK2v1jfn5+eeW3h+4ebC7FD6WY2IF77815/88JdfeeG3n33lT7f+Pv29PK3/Ztmr0dOPYep0vdJ+LbrGI2JrFMFKMt7uYcfNknMBAOB4+Xz/wxHxyfb8fyrG2rM5AAAA4DzJvjAZ7yQRGQAAAHBupRExGUlaK873nSzOWL0WER+Nq2mjud36zEpzZ3M5b4uoRiVdWWvUZ2Oife5ANSpJXp8rzrHt1p/tqc9HxKMR8eOpK+16banZWC77ww8AAAC4IK71HP//eypNa7Wicb/k5AAAAIDhqZadAAAAADByjv8BAADg/Ktmfe7Q9aB09JkAAAAAI/C1F1/MS9a9//Xyy7s7682XbyzXt9drGztLtaXm1u3aarO52r5m38ZJ+2s0m7c/F5s7d2Za9e3WzPbu3q2N5s5m69bakVtgAwAAAGfo0U+88cckIvY/f6VdcpeKtkpENnb4weNlZAiMygc6p+cvo8sDOHuHf79fKTEP4OyZ0sPFVSk7AaB0J/0B0MCTd34//FwAAIDRuP6xwd//v71SamrAiBXf/yenugAIcK6MlZ0AUJrO93/vZR1lZwOcpcpxMwAHBXDupcP5/v+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSVbWGvXZiPhQRLw1Vbmc1+faz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3s8HLiX/mWovI+KVn7300zuLrdbWXL79n+9vb71ebH+2jE8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNO9g7tL97Isyw7uLp1l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjh56XRMTYEOLvvxYRj/WLn+RpRbXI4kj8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK0+/uavZwbGfy3i8fH+4083fpLvr0/8p07Zx+98c29vUFv2i4jr/ca/5GismdbG7Znt3b0baxuLq/XV+ub8/NxzC88v3FyYnVlZa9SLf/vG+NHHf/Pe/dq7D/T/6jHjb7v/A17/p0/Z/3ffvHPwkc5qz08mKvHzLJt+qv/P/7F88en+8fP/E58qfg/k7flrmL7+rb7xn/jVH54YlFve/+UB/Z/o6f/lnv5Pn7L/z3z9+38+5UMBgDOwvbu3vtho1LesHF6J6kORxsO7ks87S08jiSTylbeONC2Wn1hn5dXiPbbY6L7bhrTn3xUHR6NMvqTxCAAAGJ37k/7elqSchAAAAAAAAAAAAAAAAAAAAOACOvEyYIOa0oi4v+XbPzjmamS9MffL6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+FwAA//8tudaU")
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x80, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x10fff9, 0x10fff9)

2m29.762869378s ago: executing program 3 (id=152):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000340)={{0x1, 0x53000, 0x3, 0xad, 0x3, 0x4, 0x7f, 0x7, 0x0, 0x2b, 0x9}, {0x8000000, 0x30000, 0xf, 0x24, 0x8, 0x0, 0x7f, 0x1, 0x3, 0xf0, 0x9}, {0x2, 0x5000, 0x8, 0x5, 0x1, 0x1, 0x0, 0x4, 0x1, 0x5, 0xb, 0x5}, {0xdddd0000, 0xffff1000, 0x0, 0xe7, 0x4, 0x2, 0x1, 0x3c, 0x8, 0x8b, 0xd, 0xed}, {0x4, 0x8080000, 0xd, 0x3, 0x5, 0x86, 0x9, 0x7e, 0xa, 0x0, 0xf2, 0x43}, {0x70000, 0x6000, 0xb, 0x7c, 0xb1, 0x24, 0x7f, 0xaf, 0x80, 0x3, 0x8, 0x3d}, {0xd000, 0x100002, 0x9, 0x3, 0x8, 0x5, 0x1, 0x3, 0x5, 0x46, 0x3}, {0x5000, 0x60000, 0x4, 0x5, 0x9, 0x8, 0x3, 0x37, 0x0, 0x9, 0xf0}, {0xeeee8000, 0x2070}, {0x4000, 0x7}, 0x80000033, 0x0, 0xeeef0000, 0x2104, 0x4, 0x0, 0x80a0000, [0x1, 0x7, 0x7, 0x3]})

2m28.647212536s ago: executing program 3 (id=160):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
setresuid(0x0, 0xee00, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

2m28.14754281s ago: executing program 32 (id=160):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
setresuid(0x0, 0xee00, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

2m19.615343318s ago: executing program 2 (id=209):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

2m19.365241199s ago: executing program 2 (id=210):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
mlock2(&(0x7f00001e2000/0x3000)=nil, 0x3000, 0x1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000372000/0x2000)=nil, 0x2000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

2m19.084480684s ago: executing program 2 (id=211):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4090}, 0x0)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x271e, 0x0, &(0x7f0000000040))

2m18.752401563s ago: executing program 2 (id=213):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chroot(&(0x7f0000000140)='./file0\x00')
umount2(&(0x7f0000000100)='./file0\x00', 0x2)
syz_fuse_handle_req(r0, &(0x7f0000004140)="a1af56567af19ce4706948d30f35abf6494690656d554e6190797369db23a30bf328aa47a2e54509379ba2e477e6e0461d2e45920d509fa49de04732cd2f4a4e34d73eb464d09605a698ad2219a2175ebcc560f740fe531ba46ded4232d273d1865282844f5a3b54d7f154c21a8a82228e27b2c1af662a92e53d81cae3ea68707ce43f89c3321797039a0a39e24b83035dbfb1ac9668b5f87c4ae50250e92c8b113ed58f60015d9c1990253e6646c02901b08a2ec0acceb7ac1e28f59b1e22663432bd5435083b604934bda5f4897467677ac5609bb6e1d1f938a1a8238d2df6db69fcffa48a08ef9231830ceb045a999a9ba43b4d605ce7bb4736ee8bdaac3399576ad3d434c12f1ae8fc5e06dbbfac985d7105c3b7f431854465b6f732e1397e4647e88e86b0a3b01c1ef689a4bd3963deb3b06190576c690ab257b9845b4d412f248184e124b5228f4236d020d4b80ff0772d9515685918c41cad06498a6833d591c191916067759bfeceec176d582621bf23b8d827e2c8977822d64ca19c168fa8a4ea90a60ed60854342e7c42ce11f414dcff1fff715d10ed263d305e5c563ee13a1527795b012e01b8442026032a761cf5104f00dc28a761596d8393e3750be1a8788fa7152a3cd8e051a963120417af9bd3e659bbaac6406a70ba347641aeffac9436fc2352bf7822dabd7a4911a5b947f9c07f805e67ec8c7d787ff358b426494b87aaac46c2d4061ccf3d19201d8d099dddf2b257cacbba656cb7626b0d3fa11881e99799b92f0a07813eac359a64a61a03d6527a24a4fee8e6cbd74932adba5ad3a865788e874b796cc8555522b19f76676646f21f31fad8c360982ce2b23fd4aec43bff16e0f3f1e1e804daf28f236081d0686108fde25f7e6a7bef08b793beca5b21b5f4893543ef1e3a216378cb76a54fa879ad9624a60a0b3306c8548e1a22b735213969421dc9ef70338bb780ad55adfb6b4f4ca3d8ce7c697ce3f0a6210a27cc900ea2218c52ac06bbcbb91adff643f1a3b93db67d7902f23eb89ab2f892970551127b39e7bb9f37c62adb8abed20c8c84531d143c6be2b8b05766e248a94aae400b36a3399ba174ffe14ffd354f508ce30ea991f57018a3534e0eac9cb49d0e6085f93b367d817ee83b24c11f9d38044a9739f4fd41b6a8129fda808bb930beba6223dfe154b23d7c39ac4fb6656169275c31e15d37d3d96b0aaa13637f1c28178f5fc4ebbe1af6acc985c783a30dffde8d7eb0c8863e3481caf2606a4b6930c234736404d4eeefdda697193f57d332540a423831db671d7d3e8e15ef3d6a26b83a5053bdc2f0b378c6b39ad0b8b9c7bd5c4bf81018ce15d0b344772f6c6f469e40c9848cbcb1b3ccb721b4b1f895a6e034380d882bd30a20f1c2b8ae138e6728306e16f6093774d21b798cd73a16bc577be751deb434ef019dd454fa3ce3cc3b2634ea4957548bf226d0b24bce757382c639dae891e55dcb24ffc9dc2c08acfafabd4565dbcad34e1a8e781c56e9144f0e85a5cf6c79a5d1a8b3479cdc178215f05081eebdc03607798c66fd043824756e896c2b69fe5e843e0eb26c86a37a8944e93a7f3b2a863136d56579d0377f9424cf00dd6da7b19066f990ce05e1b93479f125cbcc5c91aea56ef04950164079f5e22ebfd77d54676b2de392ab20298876bce1ae9941ae109d7088edb29d02539aec8f276b862bb28fa6a68bb1a0bda1b0ec6e5891e93777d9b126d6add7eb36a7f75c435618d368c04156f8a116d0c843ad04842d7b7c84cd87e75fb81ec16ef184fd3119c16c950b84bca9a12a86f0e333d9fe34622f5a51e9772dc8b94c491e16db0c537e211b01c9f13f9e7a7b2f4d8053baded5d6018561b547562efbeab2946f3ef872d0256196c75fd7f520da7aea0f63a278052925c6c88307bed0336c5632ca98086e7712af309f99a6adb3ec4417eaa9aefe3fd43c4402bc13868832d6dfaa97de7ed43fe3711917de97058d60067d5eeb90ecb428182d07092c516e6eef6781756e308926faa9796dd1a29dd4c3827115fa8e14bbe449f4144785b9581a198273adb8bab0d4080adbb592b25fd74d426233f537562a4a98b07f4b2060b4f496c66a0169391b713fdd991fa90cfc313245f57900d980adcbd46ada0a7bdfdfec4bf8ba12e37724c9dfd7fbbe4541bf21cc393249a555746268e7e33bdb43f2cd4932e39fc818e49d0e588d12a3a297be074ad83db57be9d4455ab0685b087e8ee9f5c7c33e10c9d6be572b58c88b79756c45eb9eed6d0275944d9cc1cbc8c498917aa2fd79c00567d4f9f768579f891e23fa9548c5fbff150d2873ecc72da8d0077a223f9d18700b690d8046783bba756a2c9863b7ffc7022b2da68a332f72f704bc38a0fcc4f445891f1ca1ef5dad28b87ce8bdef23ffe29ee23f2c0a002c80cf99399dc7276aec6f9d8b6ff3d7554409a4e38d2029a43f8a70da62b33c44f5f4f299eec825302c52e5f83d462b81512775107059826c8880578f01d8cb53af86ad61a7e36c2ccdf55ce197ec2a78219a5b952a9bd12ac2cc3271e84e6dad464c7ec9d9f0310614200a98cfa933d5db05c00c95c59fc5bb8844ff856ee7f9b091700b1a93ae1c00a40d9e5e6ce036f90a6dc34faa9dc8e8972c49b055f9a43ae10251705a960f2cfc8430cf9bcafc26c8eccc8b75a788beb41d180d4364f3083f3ffb5e39049979903c76f440810b7ea608ff84f5e56f9e0653bf15b6b6332d458f8d2e2b17d7bd2305a8909996d2ebfc2ee2ff697fccb215bd8c73d4b9f5b597308f98ed8fbda58f52cf8443f5a9db7f0f6e75e1c9e47d73f8d0624e9e6f33c2dee3c6ff394082d78ffd3a68309b3085e1a7c106f62c3959a353672cadadf6c058fe366b03fcd95a23f564c55a3ce9a914c11c8b2d6040147a1539b106adecce531646fea4db06775fe5d1bf9cb0107941b620043ac9b7936b2af9849eca9c46062945b137dfa355a7ee0c81a0193fa60a70e59b407af06a7f181a3e4ccc81f2c580a6c6cf67a8bf93eb8ff2151b7074144bf7c5cff97814e0c00c138d984559ac8b95a45a4497174130bbb0db22fa53187db1d923d9ded441a4d2fcbe0ff5736ecc3d94bfbb2df632ac88a02f2c9f73312e7a9c2d8d6c0bbfc774595e2e63669f2b5bbf6ee6a1ab0c25e313d819b02c785494eda4cace033e96b1ecc5b155a14e0c8d51d54d8bf33e499d0913d9605a419bc6c73c6bb07d1a306adb27dfedbe81a386fb3bb659764442c4d9d66673a916ee5a6ae59abc994fff64f2db0c83e2b18944f619cfdea0ea0911064ab690b2e03670a3e3667651c1980d0491a40312307e4534671c9c8ca8712506eff211577783c81dc05ffae4a9c6d7554f9fec07b25451c70e6f4d4b160544b66d66dd88ef1c77f09133db317c39fca05b68ef3eee3c28cbe31982adb0693fe9699d06654150346915ccdb17c69ea3aa8bb36b5f321060f6237dec73a011b233b81a6337bd77da5da753593fe30282456a0da2c4a18911ab5a8af13c8f623e5684f74f322ba103482d9abec31a684707671759ac8bb2592d66350745f77f18bd6a6cba542644f1fdf0dca14a08f4ffd1365969ee896cb39e845f71590eb4c73cc624cdcfbdea2352ad5173e5e919fcb98f6d960341047d181075ec8b1e92f40ecd5a1bf157925329748cc7af0239a7803a0c947479e070b026baf6738c29c9a8351685abd43775726ec0bfeff4d51fd3fcb04b108de286c5f61a82ef496e20133ef8b4ae243e81b20822ea6285c70bf1a33cb9f4ceeec053f60992c0023bd5acb0d4a9a55ef377f2837784ada634070a85b0a42fabf288130d6b74ca23473fbce932bedb44cd51dae78efd058dde5d7eb4aadfe3dd8346420567e745ced5189db6df22edbc66580a236f6ab148a3efd69bdea3dac7cffb47df44dbef7fcb436902bb30d65d65d5320c3b76ac17f43d27b2deda8692ba03ac2ae60e4ed2a9232c71a98b9869259a410b901f38cd6712f69f2dc3f92b7c5909f3595e99c9fc77d4d33f9a0e57d5f121e2de782b22cf7fb9bf22fc6afde5e42876ff8005f8a042bb5a9b67d60f40a7ad1cd73810a4f704f14823d4074e5a32b028c8360432b8aff539705961fee84d6c60b2b4d2efad60fb20c1da653869349b81e6c3d56c96ce56a833ee9a2b3e92a4b96c5a545910406751b4e7da24a328de0e20042d1ecc3bf7fd97071bb2740f497307501d90fa9c8e5cd63a703096955f4934d9140ad295cae59232cf005574d875e098637ecb757305a51d102ae5323b23a61c1a1b888c5974a243e42bfc391114ba5ba28e2375cf1d6d1a63e6bd5cf9aff9af16bdc927f642151597fe6d18ab008426f25054ee8e39136e2c217ad1f4cbfccdaf9a0cbd97edef5fef9b2ec486a4b21d79021103deec2ceb26c0b0035856ea2370aa3a8de925797722aeeee2d504184988f9f8727915c389f043c3de2b0d8e3046c46b33cb1615f291f272ade0029cad1f1d2e723e62cf739b667b005de14c3ed265e3bc2d553bb232f88b92a8284996c50e141608623ca7677a9cefb85fb0e0e77e23b9767dd65fbc119a15969ecd10f8033d9f37a748a895fd39390563f5f7998bb10eda8610855eaeb2499d8234975edb16c438069e8701bec0a86ae108a19b9f54782648af4b7b04a1d7b6b3a853c24f2393120918d1eed7b40f467c88857ee9cddf5f01db495f3138984387adfe3cf51a47dca021f9f31b44af1d12e7c9f4c768f2a46d5c012a937985f56436ae15528ae3597590c927be9676a4ca80a19d44457b06991c02488c96e31094cd963b64e8623fc7000009ddb29b0dbb13671c321d24e322a05cf215dd04eabc2cc6fdaed762d3f9da0f1e0e4b7ba13a6036771c9403457dfddecb71579de33c597860a2e49d7b5052a6b018ddb409a7a84f8f6651d070a4c913b7a721490c8f97c085de8315019952deae16434a3e5fd5d242b1b333d8a801aaa67e4aa599b818c8e747ecac2e9c6176bec7e34ecb84450903f5aa6c6c6bf539b240506562d73c5dfbacdfbcc9db3089701f2c7fe6d6b8d6728f8a1b90a911338463e6fd824ecda51578865b3c363b4b79f6c698e27760c1090f8ae52d6fd3f0f9488f1c25feab4b48c03ddcf74a8b6d2b0fc6b5a89b8051c99edee357fcb875f523f7a88a5f25222fc0ba159873b47fe906e88f920943e453048cdea455dd98fe77f55d9c92e205b87120ac5ef791cd7d6ce7d2cfe689db61096c6e4fc359c9aa4dd3d1205358da38882073ef7268239f7c74b0f3cd60ca239b2fcdc3f5c774559ffbb2b821f1314987d8cbe5342db9567a864d569abfde85f1124e2b178be4d020c4244ddb0cf4ef7124f295a81b9c10227ea886e6f6ea2dca031a026a4f946f49598b76141a0b18170bb3cfa9136c49c69d71732aa223db1e65553aa03bec9b0a35c31eb4e6b0dab02ec2c2d851a731be9cec6078456631c68761e14dbc9afa2c3f631a160ebf9d1fd3c2ecccf6d4aebaf0fafe2e9f47ea9d386425a7950671cde77c6951ef43a1ed32f0ed6fcda74ca9333d2513e4a40cfca01a17bfbc13b0229e2b16400880d96e4c687fc54ed0b34326126f845bd7cd2063c51abbf8bb61f6f1dc3606959f2dececc6e3e08d808841c4779ca0f5f51e7e03260d0b75b1b0355f8544c1639b2f0bfd6f95c4f6d151073a086ecc890d6366acbcee869020cf347e700a8361bd8d5c53e6480526aaf31c9c655eae11831184746a709387e60d68c062e5e05e578d11687f6a5411ffac4cfd62331f63a9726ae77c5799bcca05d6983c985cd23d025e3367ef8c7ee903de557322f38629628ee3076ac483f8257c6335a478412cad1d73b6fd43c37a62dd7a0ae7601f12b4478c3f2ee105a915ff2052d23a8b9af3ca59013f553006259d4cce52212862d22c08c29affa3520b33a6b68cf2b9f91d9258dc5052bf360977ba81a37701118f635379d852b6481843604c111bcfa4970afd5a0fa52824cb27ac9a77b7575e3e0cd043c29c5682a47fe94fd6c2c225b6d9939b99c18b5fb898c5f28e87a5b6a0bbeaa2c4725cf5494765d79a50d2417e84130bb37f540e8db7064e57935ec3c6f9caa2a9a1ced0f8c6eebcb9b688490b31f864dcd9b726628218b42f45aa82f2bcdf2c7532c9669ea7ffb6842451ac314a35cdb0855312448c24efd6583a582e15ad5e7f7b714f0ac703a24e2ee8769a868079af8660931ba325ea1c9b636ef7b13776204dd733c3bc69f11e026c382ac0fa5ce8413fb9f84408e4648a5e66b8592093a17a42cb105b616b8239d2031200eecb9beca6d411a71f072fd159eac0a4f4392a0cedb96248dad497b2379f3162254045ce276503093e5e7ab062b942cf6f2302a5ab9af1b3a315ec67faf84b70fdbdb39044a22cd7bd0f62ba66ce2257f3aa0f56d53c8157c4db3297087e25ec24696813430f386f5ad55bf6289f62e1492dc6ac3bb5047e933d54ec338cafb3bfae8336215611bc3e8a5cafaca7c70f580570518a675cc2075c7593e1d98ef02b74f06b041b6ed9b06e820d32b413de06235441a52346c3fd2e723816c7b481fbf564a525646ba62c615060b2f9fb0ff0f00c376c6dfcdb060aca7af2f07f6030a2ca324c8380c11f9c1182acdea2123c52f5a40b44909180a14037c760c4ecc10f20206445aa65cf835f09633491f608598f1fe5cb5175ddc48070fe0608335af27ded864f97dd52c235b7c4ece6bda153224b773c64235c1099054a55849cd1af7832abd1383e82f63715c9cc24543397bd56e34fd5d28e49021bb483617a3444fdcf8cdeb33bd8675334a897e17966fcbc1e5c5c5399bb6bf02a9bbfaa5f3c58d2efd007dcb1190af4ab4b71987ff7824bd9b9c6d6fb0b144c1fd462805aabf2c7fbb043ff22b496e41a4a81957892efe74d614d62d4b04bbf544fb03826e9baa2a84f32da4d1154c1d0fbdcc17f24a49633761d2b5962e618d8a9be2bf373cdc9c45ecff0148f355075fde5ad5e8da5d59498eb2b7f77a4c0622edd29d7dfedd748b750d0b48057fa7b8ff575714a408a926f6e0cad081eb24780fdbb116fb8dfefb2006f765ff95fe4def6b83fa97b3f54204a0c00cf71c4a1efeface1198a94610570816d08c19af76b03afa42f722abbfebb2c99a905300918dbcd131fce84632bf4f7f5dabd1b5b05742755b45e50eb89ee278e0f6f1a8ad3d9f907b9accbe4845f6591f8361b52e4dd8f19823efd7e89c2ba80c70671eea397e1953daa12907ce59d940a6dcfb3eef7ba7405bb489c38319ac4fee62dec986f4f0975dc1b9f576ebdbca90c42e7f3b1928154af66de5e54b16d8b6541f55daa90812ea7dab78a87d969e4bf95c47f70ce84f9e41e542bbb91f77105c8314e8bd5d8d37e11d9af07c5dcedfab1f21642bb30fb332f7c6bfe13cde2f28f104344777066afe5b0f6db14390f587e64417b0dab027cef4c5daedc75812a7452d45e57e8e274ad8cd8a10b2b9ce0f371809101e9340f2fa0a59501020e48f862572fef70b350938e00a921fb1c080e933eaad2d56daeed692e7d69d4b95a2d1a620da88247314bd73a20cc7a504427df77ba969b5adbf74321e982c2a1913b66a8687960c8fb71a850c1003c76fe1c3bbbc8eb142dfa01f5df52b72bde0c8884374f72eeb8038ad57beb6c732c511bd5847ae8d4b69e195f87b03379279936dda69e11cfda279f37e53a05cb787f118d66f62a87037981937d6083e47e31de6a2700cb7976c0dfcf972bdd458e561f13b3e30368c8bacb722611db7627ad4e00a34f69a5eb9edc7eae464b2422a4c38bed04c49b15fce25ccd22347720273127236d6e8178cb414d1b4dc36cabd19f713782bde48db7094577042083cf5d42224eaa69e0d70b57e6f1764a825909c48858cda13ab13ee203fd0d57291acf508f91f9bc428d4c9ea06a9df3c9ce183e0c101a4d52fd87866c2146219beb15e616ce239cb025ef3dfdb3a2568a833c88a66a580ca9d3f2b770647d5baa42a707351688dc0be3b15d2cead64792e9f9688ef95ea5274c08ee13c4a3797ce346dceeaf7d81a18181839ebeed412baf43ec1abb35b7930ed7a528f9a0bbccd1ea6eb525488c6731150afe791bf58e524de4cc62e174d134bf5d170132efdb2cbb42b882219de563cbe6280ce4cd8482699442b236d1bd54517c3ad25fb3d68a649920357d85f343f0b46ce4a78b1836b6ecb198f1f1686597206c09ad4534717402eefc0d5a90639f91b84d3de00e7d815059640ada64140687c3e404432c74e91907cdcf3e07e997eed9de114767829833920a9fa5bebf7d99fc4f461375f3426b136b680230c7aa135f0d2d72be7bdf8667a8cf0dd0bf5490e393b5a465d37b9ee0d659c8c0f96681b71a867978b3503a45dfe95e49b9d11b8ca953ab01ec1714ca9ca1e1ed5998e02934901dcac10a2553a94618db7d79c4a48741afe3bceaa994833595808f8080f6eafadd31caee252a7d115db962320be9503147d39adbd11b1cd4cf2cd4bf94d9036ea61b2d4791c6326af653847d2b6dd83f5df51eb9473ae0c305abe5f3896175d82a2b569bf100166004886dc58432cd678c0a4a152013b2646a68284567b898e6f3d38a9187b6d10075234b2e11b7c929b308bbcb82f4a8ceafc503f18536092f2965d13875060c926b5404ccf3bcfb1389688fb4bf57ff79201d8a00cbb54a12b3be4693b4a295284c90e7d0f08b632eb0411bbd01d51112afe5db173a8159dd38fe6e9804f6ae779479ffdc697ec572b0934704dfcc3e9b2bec95587285299d1d79192b2324e4eaf4de74df050170562c08e0a821f47745f63ecbbb767846ddcc331f459013ec90de697346f1e57345a51fd9d2233cb3591c406bc25ff5c098c331cd026aca7ac1fb1c35c3d3597c7deb89620a364044b30c77d5071bea5b196a0c380ad40370985713838b1c830130a5fc15c5501748a2c8369e77c3fd4ec2f5de572ee183f526359f28865d68eb87c21f8fcd4a09d76ee6d9ef31561d9c97ae3672500e342a798b04177f2c5896bd06b4c96a58aa839185ae44b838d763872bbf1e7b665848f1e186b5ab6cd4628f4725324981b0aff0b9af2f78883dc8433d2dc26c1766e0ec77c4eb63da1f859c09ace8889fd2c5ec7f7e11eeb547900dd9332b7b96ea6be35aea692e54c1cc3d1211bc843f8e8ce71abb88873e132fe214a7e7670fcac38516b6935b9e0a2eeb43a0aebd25676db551d8cff4fe0b6cecbd59701317022511a2d612864c09496c99af48e1cd066c5bae55b415ec08e99947ac94885ddf875d8f8af199aba32c0bfc27f6e19e57380618e7940481077edf6270ea3befce28a55c2a68a961142e959690ba294afd57c5530a5fbd5f60d791a3f06720947c74cec26a571a9f2e5cf98cccefba8beff72f2570f8a0e1a130c0e85d4fbb6a6f0b881af274c9eb063ef09176d43f8f18bdb35a0acb1c6305ba5563d1b6baff53b1251305de413052667c4cf9f94460bf348fb27ab5719ae44faf02dae55d8eab643040834b04aab15a197568e8ebd296638b01e5ea34e39ed47ffb58a47027d4b7d978028b7812a141df233065e93c20dc736af1cdcedcf7e766eab238b3b4d3df022f50b43973c47d1c80055e4fdf569e50fd382e840b76a6db6c06b1f0603a2234b9175c5e15a22855b57cd5257d9b5a456712f281f83e1c6c87f58be8166f8b2e85e9f54d24fe3b420d77a22745dfc7ebc89e21acf1c6649324f4c5bf53e188ce3216dbdec21a06fa9e61d830814697727305fb48c705c4d6c4bdfb874e43a8fb1423e2d2d6bdfe22a0d2b211d3beb86937c639c934cfe9a4b6c2853ff353829028854e8d7d75f29f01c4d7c297fe0236345ecce914b3be4907788a39c093c9f9e2c930a15563cc453d08123deadf853c83db0e3986d993e44e441a874411b7905708462e1ba42ea22521d7c57089a77b14b6dbe57f0ce69c7c4f1c0d53385655a8ed6294f113d33ad8867ac05e80403e6a8103d1574fab80f43a4a3af93a67678346d7b3b977a1381afb93990b1cc3aa73cc463f72bd898f647f3f5a3b342fb5e37140ddc499edda92ee624039ef3f802c9055e20b7d6e4f5a109cb4ca1bf84d37d1e78d45a10f45602b61216ea8969eba3a0075256faf8e577de835bf0b37311d16310645effca6751cf502a035d7ac7d1ca2c23547a739116efb586dfe2762ca4bf5ce5fc48913efb41a4a93fdb240f0895cdf306ddd13337d38a58402561dd663bbc675e1a378d4f770ba5e308c6ada84faf18ab2b387b0ac139a57dc534e278a1afecafcaed3746701cee14edcd3f35cc39c91ed5be8a178d2fcd97567e8ab661d573278062bfc3c83acbfcdeec7f08d3c1197ccf830c883eaaa01e2cc44e91cdc1c47c03797528a9dd63cde259b4b211b57af121b125fefb26c110da83bbc150e2663a22273cc855cb3c52d02fd92db59a7c876d1a18e66cd64708aa478f3f10e726210dbbe2fb1afedb2034a7d59ad774e73f97d7b4b121cc25b90dd4fb5179816174dc4650b2da366d11a519f4310972944625c839b01040c712c635d967269c6c07189b5b1b496403e35e9ef01ecf7e795c357ae08b4736d2c1bcbe556cc671ffa37677b740baebaeb1b74c922d1ac83cb3ab86735d07ebffe072ca08ebd56d0ae89d5535a63bee75810468b1560534ecdb4a16495f9a7f42164df055942e94011848c5dac783a69fbdcac9c477850320af0c10da48775434088c7d090202f927463123639dbc1d48a871e4f20f75563f6dba586db6d12e2e7f36e7da4915037fcddb4413336b423f6b888bcf297fb8d33493e9fc2e992afeb1b83aaeaf46f4aba9bb0aa2708272ce5b0c90ef9f6c366c20e90d0f87aeba828196acdc4306131c515319776dfab27de1e3a501cfc560bd3a1dd29e54b87de9a01d0351184ed5cc3323cef72fd423dfbb0ac90eeec5474432ec1e4c64d68605c378320c0e97a3d89a409b7d969d6e116c2ba861f57418d8eaac5bff85c416ec5224d92df53d8f272c7e02e832bd21ef4d6b4a9bd307f8c1756c3e6c155bb2ce5807311d60b2fb31357c89119af443af2d3a4d08fb6221aaeee97bfdae51ebf6c51f98300033ec513ad6996041441d474ccf3a2548a11b94527ebc2e24d7519b1ded645da3af62060a4ae19eddc3bf331c4c762d9672de22558c655ba05338d985da134230fef2d0639743bdb4695517dd9e3733827050617b3cc792d12b3280e0000b22ad5130b27f9a5e25b965028874db5b5efdf881043e1279187294bbc35865af7662b23b9adf614a9af41fe4d0c9cfe62106a2bb6d294d3ca554062b2c7a0299f82fd5eb6841fedf096753b1a63a6b4dcce3837ee36062055c9f52b3272f411709db86d59db530fd1ed9cc2138817c290a2777d1d54cf4b7b2f8737444b58334a1c26f63ffda10b749b5796fa61ce6f74fecef2c4766a05d0468c1d7056beb8fa9cf7d51d5115690bcb889f09dbe01b1c55ac860a00cc159f6683d33fdca16d815fab5bbf00", 0x2000, &(0x7f0000000440)={&(0x7f0000000340)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x29, 0x0, 0x2000}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2m18.202483601s ago: executing program 2 (id=215):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="400000001000390400000000fbdbdf2500000061", @ANYRES32=r2, @ANYBLOB="01980400419a04002000128008000100736974001400028008000300ac1414bb050004"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendto$packet(r0, &(0x7f0000000400)="05d936277c6f5422007f83477ca1b278e3e4018a34e7bfd3de1a00ad6762646c95c716727eb53bcc", 0x28, 0x40880, &(0x7f0000000440)={0x11, 0x86dd, r2, 0x1, 0x4, 0x6, @local}, 0x14)

2m15.718001079s ago: executing program 2 (id=230):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "e88800", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

2m15.068700936s ago: executing program 33 (id=230):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "e88800", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

1m46.119258642s ago: executing program 4 (id=424):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='fd\x00')
fchdir(r0)
exit(0x3)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)

1m45.127901249s ago: executing program 4 (id=431):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240), 0x50)
unshare(0x20040400)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0x3)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x4, 0x9, 0x0, 0x2, 0x300}, {0x6e}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xc, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m44.868506422s ago: executing program 4 (id=432):
rseq(&(0x7f0000001080)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
unshare(0x400)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000880)={[{@jqfmt_vfsv0}, {@nodioread_nolock}, {@noblock_validity}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@nodioread_nolock}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@noinit_itable}, {@mb_optimize_scan}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141442, 0x40)
fallocate(r0, 0x0, 0xfff, 0x9)
pwrite64(r0, &(0x7f0000000140)="48e5", 0x2, 0x6)

1m44.226669668s ago: executing program 4 (id=436):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x3000080, &(0x7f0000000300)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x15, 0x2e3, &(0x7f0000000380)="$eJzs3U1rFEkcx/Ff9UySyWbIdh6WhT1mN7B7WbLZy7KXCTIvQjyImhkhOEQ0EdSLUTyJ6N27b8G3IHhR9CroyZMvYAShpaprnnu6ZyTTncHvBwyd7vp3/2v6oeo/YFoAfljn6h+e//vJ/jNSSSXp0f9SIKkilSX9ol8rtw6PD45bzUbKftqRY6OM4kgz0mj/sJkUW5GP8EL7W1nV/nWYjSiK9j5KOio6ERTK3f0JAmnJ351ueyX3zNLd/864k1POY94Ye1Zva7XoPAAAxfLjf+DH+aqfvweBtO2H/TM5/scWpo5ozySPsyRK3Wraavvx31VZkbHn92e3qVfvuRLObg86VeIkRx4+G4uKr6yBCabJqipdLsHy1YNW8+/9661GoAeqeX3NNt3PRnzpdmRku5VQm456P+HeFN8rSTPKFdeHBduH3TH5byTtbppPe1rmlXljLppQz9Tozv/KkbGnyZ2pcOhMxfnvjN+j62VoW8k/Nmq1WjDQZM0d5Dd/BC+jl5XkikSdK2pNg18QhFl5uqj1oai4d/9kRG3EUXvLA1G7nd/GRG0OHMv2pns1jz/erJkn5rzZ0me9UL1v/h/Y/LaVemf27hqzHQ8F7hOP+7OYfLiy22c4MnKc6EJ1cE33U1wal/qXKHUzvHf+CXwvpc1jXdF/Wj26c/daqdVq3rQLlxMWblS7axYeSoltClgI1Fujk96mJcVfRI5EdQalPFP961R3aJ8fmY3tXZZLB8/MlVDEQv11vhdSEQt5PKhQtN5Jz2z6MpeEkDc374rrv756ZcdN9uyPMGWenl5k9iqgyM6xuxVQZSB+3S39NFUFtzK+gpu05vr9T+mP7qqvUcYRQ5/nfIjSpn6WqeutLvH9PwAAAAAAAAAAAAAAAAAAwLzJ478TFN1HAAAAAAAAAAAAAAAAAAAAAADmXff9v+q8/1eTvf93+C9/l+I3vJzK+3+fHor3/wKz9y0AAP//SPqKJA==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x13760f6, 0x0)

1m42.660947195s ago: executing program 4 (id=448):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xe}, {0xffff, 0xffff}, {0x3, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0xa, 0x29, 0x80, 0x9, 0xffffffff, 0x80091b1}, [@TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x3fff8000, 0xf7f, 0x4, 0x1}}]}]}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x2)
connect$inet6(r2, &(0x7f00000054c0)={0xa, 0x4e20, 0x0, @empty, 0x7}, 0x1c)
sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0)

1m42.165006648s ago: executing program 4 (id=450):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5800003a, r0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
read$FUSE(r1, &(0x7f0000004fc0)={0x2020}, 0x2020)

1m41.58604942s ago: executing program 34 (id=450):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5800003a, r0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
read$FUSE(r1, &(0x7f0000004fc0)={0x2020}, 0x2020)

1m37.867474045s ago: executing program 5 (id=482):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x4400, &(0x7f0000000640), 0x41, 0x75e, &(0x7f0000001100)="$eJzs3M9rHGUfAPDvTLNNf+R9Ny+8h/f1IEILLZROkubSnowX8VIoFLzWJZmEsJNsyW5qEwttPQu1uSgIonePXoVS/wBvUlDwLojWeBAvkdls0jbNxm2bZGv8fGCyz/PMPPt9vjuTJzOQZwP4x3qt/JFEDEXEpYiodtrTiDjcLh2JuLV+3OrDG5PllsTa2uWfk7JbrK5VN98r6bwej3aX+F9E3K9EnHn/6bjNpeV6rSjyhU59pDV3daS5tHx2dq42k8/k82PjF0bPj4+fHx3ftVxPvn3h6N1v3lxZ+fbL1p1XB84mMdHOOzq57Vqgx6x/JpWY2NI+vxfB+ijp4ZiBfRgHAAA7K+/zD3XuzSpRjUPu0gAAAODAWRtcAwAAAA68JPo9AgAAAGBvbfwfwMba3r1aB9vNT29ExPB28Qfaa4gjjkQlIo6tJk+sTEjWu8ELuXU7Iu5NbHP9JZ3r7/mNbqn3skaa/XWvnH8mtpt/0s35J7aZfwY2vjvhBXWf/x7FP9Rl/rvUY4yvPv1/pWv82xGvDGwXP9mMn3SJ/06P8e+sfHC32761zyNObfv3J3ki1g7fDzEyPVvs+Kt1/4/TD3bK/9hT8ZOkHTXZOf+rPeb/3uqv9W5zSRn/9Imdz/96/MEn+pXXxIedcaQRcbfzWtZXtsQ4Mffd109HTm5txJ/q8vlvf/7f2sz/sx7z/+GLwes9HgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtaUQMRZJmm+U0zbKI4xHx3ziWFo1m68x0Y3F+qtwXMRyVdHq2yEcjorpeT8r6WLv8qH5uS308Iv7z/dH1oLNFnk02iql+Jw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCm4xExFEmaRUQaEb9V0zTL+j0qAAAAYNcN93sAAAAAwJ7z/A8AAAAH3/M+/ye7PA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgQLt08WK5ra0+vDFZ1qeuLS3WG9fOTuXNeja3OJlNNhauZjONxkyRZ5ONub96vzQixi7E4vWRVt5sjTSXlq/MNRbnW1dm52oz+ZW8si9ZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8KyG2luSZhGRtstpmmUR/4qI4agk07NFPhoR/46IB9XKYFkf6/egAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2HXNpeV6rSjyBYW/YyGSiJdgGAr1WsSz9LoZL/uJ6/fMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAPzSXluu1osgXmv0eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP2V/phERLmdqp4c2rr3cPJ7tf0aEe9+cvmj67VWa2GsbP9ls731caf93GMdb+5nDgAAAHDgvf4sB288p288xwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPSqubRcrxVFvrCHhbjd7ywBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDn8WcAAAD//+Yew1w=")
chdir(&(0x7f0000000440)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x19)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x147040, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000000c0)={0x7f, 0x6, 0x401, 0x74, 0xf000000})
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f00000002c0)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

1m37.368809839s ago: executing program 5 (id=485):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r3=>0x0})
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010c25bd7000ffdbdf251400000008001d00", @ANYRES32=r4, @ANYBLOB="08000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x20040801}, 0x20000004)

1m35.07900337s ago: executing program 5 (id=500):
r0 = socket$inet6(0xa, 0x2, 0x0)
close(0x3)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0x3, 0x1, 0x8}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x2005, 0x4)
sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0xa, 0x1, 0x80000, @empty, 0xfffffffb}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=[@tclass={{0x18, 0x29, 0x32, 0xfffffff1}}], 0x18}, 0x40800)

1m34.803202553s ago: executing program 5 (id=503):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x3000080, &(0x7f0000000300)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x15, 0x2e3, &(0x7f0000000380)="$eJzs3U1rFEkcx/Ff9UySyWbIdh6WhT1mN7B7WbLZy7KXCTIvQjyImhkhOEQ0EdSLUTyJ6N27b8G3IHhR9CroyZMvYAShpaprnnu6ZyTTncHvBwyd7vp3/2v6oeo/YFoAfljn6h+e//vJ/jNSSSXp0f9SIKkilSX9ol8rtw6PD45bzUbKftqRY6OM4kgz0mj/sJkUW5GP8EL7W1nV/nWYjSiK9j5KOio6ERTK3f0JAmnJ351ueyX3zNLd/864k1POY94Ye1Zva7XoPAAAxfLjf+DH+aqfvweBtO2H/TM5/scWpo5ozySPsyRK3Wraavvx31VZkbHn92e3qVfvuRLObg86VeIkRx4+G4uKr6yBCabJqipdLsHy1YNW8+/9661GoAeqeX3NNt3PRnzpdmRku5VQm456P+HeFN8rSTPKFdeHBduH3TH5byTtbppPe1rmlXljLppQz9Tozv/KkbGnyZ2pcOhMxfnvjN+j62VoW8k/Nmq1WjDQZM0d5Dd/BC+jl5XkikSdK2pNg18QhFl5uqj1oai4d/9kRG3EUXvLA1G7nd/GRG0OHMv2pns1jz/erJkn5rzZ0me9UL1v/h/Y/LaVemf27hqzHQ8F7hOP+7OYfLiy22c4MnKc6EJ1cE33U1wal/qXKHUzvHf+CXwvpc1jXdF/Wj26c/daqdVq3rQLlxMWblS7axYeSoltClgI1Fujk96mJcVfRI5EdQalPFP961R3aJ8fmY3tXZZLB8/MlVDEQv11vhdSEQt5PKhQtN5Jz2z6MpeEkDc374rrv756ZcdN9uyPMGWenl5k9iqgyM6xuxVQZSB+3S39NFUFtzK+gpu05vr9T+mP7qqvUcYRQ5/nfIjSpn6WqeutLvH9PwAAAAAAAAAAAAAAAAAAwLzJ478TFN1HAAAAAAAAAAAAAAAAAAAAAADmXff9v+q8/1eTvf93+C9/l+I3vJzK+3+fHor3/wKz9y0AAP//SPqKJA==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x13760f6, 0x0)

1m33.982877736s ago: executing program 5 (id=507):
pipe2(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3fe)
fcntl$setstatus(r0, 0x4, 0x7c00)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="44010000090601"], 0x144}, 0x1, 0x0, 0x0, 0x40015}, 0x44080)

1m33.325811653s ago: executing program 5 (id=510):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r2, @ANYBLOB="0b12050081010000240012800b00010069703667726500001400020008000100", @ANYRES32=r2, @ANYBLOB="0800050003"], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

1m32.646145402s ago: executing program 35 (id=510):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r2, @ANYBLOB="0b12050081010000240012800b00010069703667726500001400020008000100", @ANYRES32=r2, @ANYBLOB="0800050003"], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

5.336474993s ago: executing program 8 (id=1107):
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r0 = syz_io_uring_setup(0x40f, &(0x7f0000000000)={0x0, 0x0, 0x300}, &(0x7f0000000180)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_setup(0x2bac, &(0x7f0000000340), &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000))
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2a, 0x0, @fd_index=0x3})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x80000004, 0x0, 0x4)
io_uring_enter(r0, 0x1469, 0x0, 0x0, 0x0, 0x0)

4.914741589s ago: executing program 8 (id=1111):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x300)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000480)="9a", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

4.68591501s ago: executing program 8 (id=1113):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x88, &(0x7f0000000080)={[{@barrier}, {@autodefrag}, {@noacl}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x34, 0x74]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r0, 0x0, 0x0)
fdatasync(r0)
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')

4.21943458s ago: executing program 1 (id=1117):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}}, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000540)={'veth1_macvtap\x00', 0xc26d})

3.870514441s ago: executing program 1 (id=1121):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x2, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000340)='./file1\x00', 0x86442, 0x10)
dup3(r1, r0, 0x0)
io_setup(0x2, &(0x7f0000000400)=<r2=>0x0)
io_submit(r2, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}])

3.630568682s ago: executing program 7 (id=1123):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, 0x0, 0x80000002}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
io_pgetevents(r0, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)

3.588801286s ago: executing program 0 (id=1124):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x862b01)
r1 = syz_io_uring_setup(0x7aa5, &(0x7f0000000140)={0x0, 0x8aee2, 0x10, 0x1, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8040}})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x6, {0x1017, 0x1}, {0x5f, 0x1}, @cond=[{0x5, 0x6, 0x8, 0x8003, 0x3ecb, 0x9}, {0x600, 0x8000, 0x4, 0x4, 0x1ab1, 0xe00}]})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

3.369668875s ago: executing program 7 (id=1126):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in=@broadcast, 0x4e21, 0x4, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x4001, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe, 0x8}, 0x9, 0x0, 0x0, 0x1, 0x2, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)

3.103004128s ago: executing program 0 (id=1128):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000500)={0xa4, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@x86={0x7f, 0x3, 0xfd, 0x0, 0x7fffffff, 0x7e, 0xcb, 0x10, 0x7, 0x9, 0xb, 0x8, 0x0, 0x10003, 0x3f, 0xff, 0x4, 0x2, 0x12, '\x00', 0xb})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000340))

3.090037459s ago: executing program 7 (id=1129):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r2, 0xaea2, 0xfffffffffffffffb)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.954178221s ago: executing program 0 (id=1130):
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="74000000090601"], 0x74}, 0x1, 0x0, 0x0, 0x10040007}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0b01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000140)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)

2.895296536s ago: executing program 1 (id=1131):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000300)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
listen(r0, 0x9)
r1 = socket$netlink(0x10, 0x3, 0x4)
write(r1, &(0x7f00000002c0)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r1)

2.633742259s ago: executing program 1 (id=1132):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x3, 0x0, 0x3fc, 0x7, 0x32}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2.520825959s ago: executing program 6 (id=1133):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1000)

2.3993073s ago: executing program 7 (id=1134):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0xa4000921)
read(r0, 0x0, 0x20)
close(r0)
open(&(0x7f0000000040)='./file0\x00', 0x40, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x180)

2.161917891s ago: executing program 8 (id=1135):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a3000000000140000001100"], 0x50}}, 0x0)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0)

2.141451603s ago: executing program 0 (id=1136):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b00"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='bridge0\x00', 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)

2.075243558s ago: executing program 7 (id=1137):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540))
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x12}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='ns\x00')
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000140)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff0924031300010005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)

1.959965639s ago: executing program 6 (id=1138):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000240)={@val={0x0, 0x805}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}, @val={@void, {0x88a8, 0x0, 0x0, 0x2}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x3, 0x14, 0x67, 0xe000, 0x7f, 0x73, 0x0, @private=0xa010101, @initdev={0xac, 0x1e, 0x3, 0x0}}}}}}}, 0x2a)

1.799810062s ago: executing program 1 (id=1139):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)='\xfb\\}\x00', 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x41}, 0x94)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ec2300003d00090000000000000000000100000004000000cc230180", @ANYRES32, @ANYBLOB="0400a180643f4c3a679d00c26d43e8a23cc5c94281f08c5e366ff4e93bf5650a2220d9cd7cb1c3d8487360df5297304716828683bba82a9a64d7826890fa2e2909f92ee062cfaea07cd7995764d62a81369439b199b40e01b59f534d406edd90f9ed655ff963723e1af22f5fc181762621f7718141bba2e06c266e1c961139e0fc7cb0d8de8241c32685d117bc132814f736a3749edd6a3a7a4355046793397aba77775dd22e36159b44d8e541cd6273e3aac7d6a6cd4698a70ff0e4c081fdfdb5fef6445c7610da3d96990a00a10886491df2b5e43cc775e3be6d25200be377c9f8f4f002ad08c42182a1c183ac9ead2da9107bff184fea0fe9853e0399866b288673671f65f182b4349c8ac28def62955c8ed40351c526ec392904a53cdfdd4df76a2c964d0202d7be23a151931e442aca8f8af928c5c3a3b74c80016b7879f64bd8e1e0b98506b1506a5fa122e1a456332305c47033195f519d0bd5e73ac0881358b403d4737b07f5ed562d1958faa2e637623818bcc0a25487e215ff4931c7afa9108103687eb8162c809ad3e90f37978d40e942d59f39dc72a67b1d6887b10462000b08acd583c28e7ff15fe5ed415c1ea3bc037976ab050b3427e95c603ab871a8b3e5895c9bf21ade1ac1ed7c03ff543a260df7816104092894754592e833f0a6ef878b1cb1462714301aa70081983111bae4392602aa6e99b88910d5c4a736a60e4012c15ab980ce40a24a8c6bdf42073767827e63d6d02b46c594628c18fbc55b0abfac7f675d518e30601b6620625fc3737accfd72ee88ddec50285efff663781edfd5db72715dfc536633c9b9a8e6ca19821b13d9568d1735710408967f5d6d6171f687a23a40479bb07d4279a0b7ea73c95cb6fd5bf8784df32576545df7ccfcf005330333da7a454760b34d3365b8ab9ecd563a7ebc7bc9fdf3086677ef1098e25277d233d77da69e9f1cebb5fbb519096175d710ceedceefdedba6bc18072f419469da64cdb69d0f7e57ab39b36455c6f683090fb0ef53a1e9f9b3d833bd68d01d06321cc53cbc893cc88ca88f845ac20560064a8fa769956177f9f60440f1f9d56bdb8fb0661afcf37f8c7edc7454d8bad14a9e40503da0008a61249f7e4741bf15fde0d0cd4e4bde7f7fcde001237fa36bed8c7e5c72a729135a11650dcb379c4e9e3372357c9a7ed16e7bf67bc808eebf60b174f783be8eba3c21c74bbc9c3650b064181b06980660966b83ae32885d30b0a6e07c2678fe75ada53604ed75a01bd99fac8c97921ef006de572091bf93bc7f833545f2be3dac8c2f141e3db24f1ec09a20de5d6d54262b6c3c6043b241a414de08beb86627b274a0b9d028951157622d3ee746c891c51309f430c3efe3e8f1bd79cdffcfd72d01bbbbb6ccd47e0caf8aa984d963d98086f3c27693080af978d997e2a4443b402b8db398302f45c8ee863bee8c57d6be969cb307b968a4da7710b799c37b37abf13532c2feb173aceb28b8013eb9a300df9c4aac76c8a2c41e25744512e134117025bd678d3f30e99302bd98047229c2456ccb4a46f23a47bd37ecfb45515f26071589368e8962a83f2ff117420f2a6efd44582ecd3a000c20dcaadeaf68251e5c5cc68d6edf08c58d023510dd42df1ed80c69aa7fba721209627d99dcbff01de6695676ff679a062edd8088ab2688f75472fa2ea059c629744db155506175eaa589d99ed13a39e4de5425a46e35a9a0522c8a2c99854b0fb25ba68cda6c3fe5220ad6f021c923e61ccb37bf1460832560667466559a2ab98b6c057282cd6c40f875045a58e57fdd2c50563e81436026f52742cda191a51cd9bc740add6b327d7baea3e2484ed17f3e44c654a941d3e3e4a4998789f4357dbc9c180ca328b256d81359b37d93cfd5e0e46231cf4eaac0b900a9172a939f373322a9262d65ea22b949acbc441c5d15d66e9e06f838d1eba5e489de0e485aad4680802eb8429a8c929cc2a0708d50fdedf0a9f82a8de8a4ec3c5ee90d114af6520b5fa8b806553a2f3e1a34e11c0910"], 0x23ec}}, 0x0)

1.37243407s ago: executing program 6 (id=1140):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x9, 0x4, 0x4, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x8, 0x2, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)

1.300771646s ago: executing program 8 (id=1141):
r0 = fsopen(&(0x7f0000000140)='ocfs2_dlmfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x2100, 0x102)
lseek(r2, 0x103, 0x1)

1.162439358s ago: executing program 6 (id=1142):
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x11f8, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{0x0}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r0})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

997.736813ms ago: executing program 8 (id=1143):
syz_read_part_table(0x105c, &(0x7f0000002100)="$eJzsz7GNwkAUBNCxb6XzyTrsEkgQFVECEikduB4CaqAiMosQZIMQFQDBe8Fqdmd/8MOH/b/kcZ9cum3zk7TH+aVKWY9zqv+SdgrN/W9JMiznpqQqKTnthjapkyz6rKbmdzq650iGJOdr+upx3xzetSUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLNbAAAA//9Begso")
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
syz_clone3(&(0x7f0000000300)={0x23800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x8)

997.523802ms ago: executing program 0 (id=1144):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
inotify_init1(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x1, 0x2002, 0x6, 0x0, 0x1, 0xcaff}, 0x50)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

918.01202ms ago: executing program 6 (id=1145):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xd8}, 0x1, 0x0, 0x0, 0x20040000}, 0x48000)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x8, 0x0)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000180)={0x0})

886.656902ms ago: executing program 1 (id=1146):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000080)={0x6b19, 0x1, 0xffff, 0x400e0a, 0x7f, "203c00ff765e000080ffffffff4000", 0x8, 0x5})
socket$inet6(0xa, 0x3, 0x6)
pipe(&(0x7f0000000780)={<r1=>0xffffffffffffffff})
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

355.255189ms ago: executing program 6 (id=1147):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080)={[{@auto_da_alloc}, {@mblk_io_submit}]}, 0x1, 0x569, &(0x7f0000000a00)="$eJzs3d1rm9UfAPDvkzZ7//3WwRgqIgUvnMyla+vLBC/mtQ4Gej9D+6yMpsto0rHWgduFu5bhnQPxXrz2UvwHvPBvGOhgyCiCeBN50idZ2iZtuqUvms8HnnK+z0vPOXlyTs7JSUgAQ2s8+1OIeDkivkoiTkZEkh8bjfzg+Np5q0/vzGRbEo3GJ38kzfOyuPW/Wtcdz4OXIuLnLyPOFTbnW1temS9XKuliHk/UF25O1JZXzl9fKM+lc+mNqenpi+9MT73/3rsDq+ubV7KCjOTRqQdJXIoTedRZjxdwtzMYj/H8MSnGpQ0nTg4gs4Mk6br3hz0vBzszkrfzYmR9wMkYyVs98N/3RUQ0gCGV7Lj9/1rcnZIAe6s1DmjN7Qc0D/7XePLh2gRoc/1H194biSPNudGx1WTdzCib744NIP8sjx9/f/gg22Jw70MAbOvuvYi4MDq6uf9L8v7v+V3o45yNeej/YO/8lI1/3uo2/im0xz/RZfxzvEvbfR7bt//C4wFk01M2/vug6/i3vWg1NpJH/2uO+YrJteuVNOvb/h8RZ6N4OIu3Ws+5uPqo0etY5/gv27L8W2PBvByPRw+vv2a2XC+/SJ07PbkX8UrX8W/Svv/J2v1ft8STPR5X+szjTPrwtV7Htq//7mp8F/FG1/v/rLrJ1uuTE83nw0TrWbHZn/fP/NIr//2uf3b/j21d/7Gkc722tvM8vj3ydxrt9eT11tU/+n/+H0o+baYP5ftul+v1xcmIQ8nH7f2F1v6pZ9e24tb5Wf3Pvr51/5d06f+ORsRnfdb//unvX+117CDc/9mu9789u91w/3eeePTR59/0yr+//u/tZupsvqef/q/fAr7IYwcAAAAAAAAHTSEiTkRSKLXThUKptPb5jtNxrFCp1urnrlWXbsxG87uyY1EstFa6T3Z8HmIyXzFsxVMb4umIOBURX48cbcalmWpldr8rDwAAAAAAAAAAAAAAAAAAAAfE8R7f/8/8NrLfpQN2nZ/8huG1bfsfxC89AQeS138YXto/DK++2n9x98sB7D2v/zC8tH8YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAADdeXy5WxrrD69M5PFs7eWl+art87PprX50sLSTGmmunizNFetzlXS0kx1Ybv/V6lWb05OxdLtiXpaq0/UlleuLlSXbtSvXl8oz6VXU78iBgAAAAAAAAAAAAAAAAAAAJvVllfmy5VKuigxxIm/Go3G814+ut+Fl9iVxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzD8BAAD//1hdMq0=")
setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1)
syz_emit_ethernet(0x2e, &(0x7f0000000480)=ANY=[@ANYBLOB="0180c20000020000000000000004aa0095cc51490017813f5b24603720848d97371b53bd863b35e33b0639609514083e70bd6193bea83c3c99b472b1"], 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000340)='./file1\x00', &(0x7f0000000400), 0x0, 0x0, 0x2)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000440)=ANY=[], 0xfe37, 0x0)

198.809943ms ago: executing program 7 (id=1148):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00'}, 0x4e)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001580)={r1, r2, 0x25, 0x2, @val=@netkit}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000440)=ANY=[], 0x0)

0s ago: executing program 0 (id=1149):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x8c66)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x200000, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0x27800000000, 0x0, 0x1, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x27800000000, 0x0, 0x1, r2, 0x1})

kernel console output (not intermixed with test programs):

[  145.554200][    C1] Buffer I/O error on dev loop4, logical block 19, lost async page write
[  145.555495][   T11] loop: Write error at byte offset 9223372036854779903, length 512.
[  145.654727][ T5910] syz.6.437 (5910) used greatest stack depth: 19120 bytes left
[  145.680978][ T5927] loop5: detected capacity change from 0 to 8
[  145.762742][   T11] loop: Write error at byte offset 9223372036854779903, length 512.
[  145.815365][   T11] loop: Write error at byte offset 9223372036854779903, length 512.
[  145.876417][    C1] I/O error, dev loop4, sector 8 op 0x1:(WRITE) flags 0x0 phys_seg 4 prio class 2
[  145.885738][    C1] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  145.894183][    C1] Buffer I/O error on dev loop4, logical block 9, lost async page write
[  145.902756][    C1] Buffer I/O error on dev loop4, logical block 10, lost async page write
[  146.133444][ T4274] hfs: walked past end of dir
[  146.160472][ T5937] input: syz0 as /devices/virtual/input/input11
[  146.233163][ T5939] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  146.284252][ T5939] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  146.298503][ T4769] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  146.340324][ T5942] loop0: detected capacity change from 0 to 4096
[  146.386703][ T5939] overlayfs: failed to create directory ./bus/work (errno: 17); mounting read-only
[  146.397782][ T5942] EXT4-fs: inline encryption not supported
[  146.437199][ T5942] EXT4-fs (loop0): Test dummy encryption mode enabled
[  146.460192][ T5942] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  146.486373][ T4769] usb 2-1: Using ep0 maxpacket: 16
[  146.494757][ T4769] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.506381][ T5942] System zones: 0-5
[  146.517683][ T5942] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  146.554958][ T4274] hfs: unable to read volume bitmap
[  146.578206][ T4769] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  146.636370][ T4769] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.686779][ T4769] usb 2-1: config 0 descriptor??
[  146.787191][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  146.922539][ T5887] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.066888][ T5887] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.157603][ T4769] magicmouse 0003:05AC:0269.0006: hidraw0: USB HID v0.00 Device [HID 05ac:0269] on usb-dummy_hcd.1-1/input0
[  147.268443][ T5887] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.367952][ T4769] usb 2-1: USB disconnect, device number 7
[  147.385424][ T5965] loop6: detected capacity change from 0 to 1024
[  147.439523][ T5887] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.496099][ T5958] fido_id[5958]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  147.563538][   T27] audit: type=1804 audit(1771622397.245:22): pid=5967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.454" name="/newroot/29/file1/file1" dev="loop6" ino=20 res=1 errno=0
[  147.585004][    C0] vkms_vblank_simulate: vblank timer overrun
[  147.612018][ T5967] hfsplus: request for non-existent node 16777216 in B*Tree
[  147.701668][ T5967] hfsplus: request for non-existent node 16777216 in B*Tree
[  147.709829][   T27] audit: type=1804 audit(1771622397.385:23): pid=5965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.454" name="/newroot/29/file1/file1" dev="loop6" ino=20 res=1 errno=0
[  147.813638][   T27] audit: type=1800 audit(1771622397.435:24): pid=5967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.454" name="file1" dev="loop6" ino=20 res=0 errno=0
[  147.851036][ T5973] netlink: 'syz.5.457': attribute type 11 has an invalid length.
[  147.925738][ T5887] tipc: Left network mode
[  148.344215][ T4283] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  148.357941][ T4283] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  148.378215][ T4283] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  148.388337][ T4283] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  148.396884][ T4283] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  148.405355][ T4283] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  148.466382][ T4848] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  148.656223][ T4848] usb 7-1: Using ep0 maxpacket: 32
[  148.664774][ T4848] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.713745][ T4848] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.755162][ T4848] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  148.785303][ T4848] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.800628][ T4848] usb 7-1: config 0 descriptor??
[  149.064123][ T6012] set_capacity_and_notify: 1 callbacks suppressed
[  149.064139][ T6012] loop1: detected capacity change from 0 to 1024
[  149.091068][ T6009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.468'.
[  149.125101][ T6009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.468'.
[  149.142872][ T6009] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  149.151952][ T6009] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  149.160793][ T6009] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  149.169644][ T6009] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  149.234517][ T6014] netlink: 4 bytes leftover after parsing attributes in process `syz.5.470'.
[  149.265912][   T27] audit: type=1804 audit(1771622398.945:25): pid=6016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.469" name="/newroot/101/file1/file1" dev="loop1" ino=20 res=1 errno=0
[  149.287002][    C0] vkms_vblank_simulate: vblank timer overrun
[  149.305317][ T4848] savu 0003:1E7D:2D5A.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0
[  149.319964][   T27] audit: type=1800 audit(1771622399.005:26): pid=6012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.469" name="file1" dev="loop1" ino=20 res=0 errno=0
[  149.543372][ T4769] usb 7-1: USB disconnect, device number 3
[  149.607201][ T6017] fido_id[6017]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/7-1/report_descriptor': No such file or directory
[  149.620372][ T6020] loop1: detected capacity change from 0 to 1024
[  149.689417][ T6009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.468'.
[  149.714564][ T6009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.468'.
[  149.940605][ T5986] chnl_net:caif_netlink_parms(): no params data found
[  149.984606][ T4349] hfsplus: b-tree write err: -5, ino 3
[  150.112156][ T6030] loop5: detected capacity change from 0 to 512
[  150.142854][ T6030] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[  150.167404][ T6030] UDF-fs: Scanning with blocksize 512 failed
[  150.200166][ T6030] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[  150.242448][ T6030] UDF-fs: Scanning with blocksize 1024 failed
[  150.297240][ T6030] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[  150.336351][ T6030] UDF-fs: Scanning with blocksize 2048 failed
[  150.370247][ T6030] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  150.426471][ T4283] Bluetooth: hci4: command 0x0409 tx timeout
[  150.488055][ T6030] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.720203][ T6030] syz.5.475: attempt to access beyond end of device
[  150.720203][ T6030] loop5: rw=2049, sector=520, nr_sectors = 120 limit=512
[  150.864889][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.910649][ T5986] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.936557][ T5986] device bridge_slave_0 entered promiscuous mode
[  150.978597][ T6054] loop0: detected capacity change from 0 to 2048
[  151.039098][ T6054] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  151.119394][ T6056] loop5: detected capacity change from 0 to 2048
[  151.120657][ T5887] device hsr_slave_0 left promiscuous mode
[  151.161696][ T4431] udevd[4431]: incorrect nilfs2 checksum on /dev/loop0
[  151.171283][ T5887] device hsr_slave_1 left promiscuous mode
[  151.178378][ T6062] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.209411][ T5887] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.227741][ T6056] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  151.242458][ T5887] batman_adv: batadv0: Removing interface: batadv_slave_0
[  151.249941][ T6056] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.279966][ T5887] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.298746][ T5887] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.338697][ T5887] device bridge_slave_1 left promiscuous mode
[  151.344969][ T5887] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.396492][ T5887] device bridge_slave_0 left promiscuous mode
[  151.407923][ T5887] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.432833][ T4886] EXT4-fs (loop5): unmounting filesystem.
[  151.552646][ T5887] device veth1_macvtap left promiscuous mode
[  151.570961][ T5887] device veth0_macvtap left promiscuous mode
[  151.584967][ T5887] device veth1_vlan left promiscuous mode
[  151.625212][ T5887] device veth0_vlan left promiscuous mode
[  152.435700][ T6099] loop6: detected capacity change from 0 to 128
[  152.464526][ T6099] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  152.487173][ T6099] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.506398][ T4275] Bluetooth: hci4: command 0x041b tx timeout
[  152.525102][ T6099] EXT4-fs error (device loop6): ext4_check_dx_root:2266: inode #2: comm syz.6.496: Corrupt dir, invalid name for '.', running e2fsck is recommended
[  152.597105][ T5160] EXT4-fs (loop6): unmounting filesystem.
[  152.657648][ T6104] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  153.022277][ T5887] team0 (unregistering): Port device team_slave_1 removed
[  153.070370][ T5887] team0 (unregistering): Port device team_slave_0 removed
[  153.115823][ T5887] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  153.161365][ T5887] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  153.478541][ T5887] bond0 (unregistering): Released all slaves
[  153.559471][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.567421][ T5986] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.575500][ T5986] device bridge_slave_1 entered promiscuous mode
[  153.781269][ T5986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.816101][ T5986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.978492][ T5986] team0: Port device team_slave_0 added
[  154.014217][ T5986] team0: Port device team_slave_1 added
[  154.107392][ T6126] loop5: detected capacity change from 0 to 64
[  154.186359][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.204362][ T6126] loop5: detected capacity change from 64 to 0
[  154.208749][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.247129][   T33] lo_write_bvec: 25 callbacks suppressed
[  154.247143][   T33] loop: Write error at byte offset 9223372036854783999, length 512.
[  154.247860][ T5888] loop: Write error at byte offset 9223372036854807551, length 512.
[  154.258792][   T33] loop: Write error at byte offset 9223372036854783999, length 512.
[  154.302442][    C1] blk_print_req_error: 7 callbacks suppressed
[  154.302456][    C1] I/O error, dev loop5, sector 62 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  154.318154][    C1] buffer_io_error: 25 callbacks suppressed
[  154.318166][    C1] Buffer I/O error on dev loop5, logical block 62, lost sync page write
[  154.382554][    C1] I/O error, dev loop5, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.393354][ T6130] hfs: unable to read volume bitmap
[  154.393888][   T33] loop: Write error at byte offset 9223372036854783999, length 512.
[  154.413801][ T5986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.434580][   T33] loop: Write error at byte offset 9223372036854783999, length 512.
[  154.444872][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.477626][    C0] I/O error, dev loop5, sector 16 op 0x1:(WRITE) flags 0x0 phys_seg 4 prio class 2
[  154.487027][    C0] Buffer I/O error on dev loop5, logical block 16, lost async page write
[  154.495532][    C0] Buffer I/O error on dev loop5, logical block 17, lost async page write
[  154.504025][    C0] Buffer I/O error on dev loop5, logical block 18, lost async page write
[  154.512514][    C0] Buffer I/O error on dev loop5, logical block 19, lost async page write
[  154.521054][   T33] loop: Write error at byte offset 9223372036854779903, length 512.
[  154.529202][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.577784][   T33] loop: Write error at byte offset 9223372036854779903, length 512.
[  154.585822][   T33] loop: Write error at byte offset 9223372036854779903, length 512.
[  154.596443][ T4275] Bluetooth: hci4: command 0x040f tx timeout
[  154.605921][   T33] loop: Write error at byte offset 9223372036854779903, length 512.
[  154.626179][ T5986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.639262][    C0] I/O error, dev loop5, sector 8 op 0x1:(WRITE) flags 0x0 phys_seg 4 prio class 2
[  154.648542][    C0] Buffer I/O error on dev loop5, logical block 8, lost async page write
[  154.656957][    C0] Buffer I/O error on dev loop5, logical block 9, lost async page write
[  154.665325][    C0] Buffer I/O error on dev loop5, logical block 10, lost async page write
[  154.673838][    C0] Buffer I/O error on dev loop5, logical block 11, lost async page write
[  154.684348][ T4349] loop: Write error at byte offset 9223372036854783999, length 512.
[  154.707003][    C1] I/O error, dev loop5, sector 16 op 0x1:(WRITE) flags 0x800 phys_seg 4 prio class 2
[  154.716632][    C1] Buffer I/O error on dev loop5, logical block 16, lost async page write
[  154.734226][    C1] I/O error, dev loop5, sector 8 op 0x1:(WRITE) flags 0x800 phys_seg 4 prio class 2
[  154.795492][ T6137] loop1: detected capacity change from 0 to 256
[  154.812755][ T4886] hfs: walked past end of dir
[  154.844896][ T6137] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  154.880610][ T5986] device hsr_slave_0 entered promiscuous mode
[  154.927714][ T5986] device hsr_slave_1 entered promiscuous mode
[  154.975391][ T5986] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  154.997242][ T6121] loop6: detected capacity change from 0 to 32768
[  155.018256][ T5986] Cannot create hsr debugfs directory
[  155.033502][ T6121] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.502 (6121)
[  155.123996][ T6141] loop0: detected capacity change from 0 to 4096
[  155.170586][ T6121] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  155.215896][ T6121] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  155.236719][ T6121] BTRFS info (device loop6): max_inline at 93
[  155.275359][ T6121] BTRFS info (device loop6): using free space tree
[  155.293642][ T6145] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  155.315287][    C0] I/O error, dev loop5, sector 16 op 0x1:(WRITE) flags 0x0 phys_seg 4 prio class 2
[  155.320659][    C1] I/O error, dev loop5, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.324873][    C0] I/O error, dev loop5, sector 8 op 0x1:(WRITE) flags 0x0 phys_seg 4 prio class 2
[  155.333885][ T4886] hfs: unable to read volume bitmap
[  155.383930][    C1] I/O error, dev loop5, sector 16 op 0x1:(WRITE) flags 0x800 phys_seg 4 prio class 2
[  155.579045][ T6121] BTRFS info (device loop6): enabling ssd optimizations
[  155.749196][ T5887] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.793954][ T5887] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.934646][ T5160] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  156.068323][ T5887] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  156.096550][ T5887] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.457863][ T5887] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  156.516863][ T5887] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.666380][ T4275] Bluetooth: hci4: command 0x0419 tx timeout
[  156.687578][ T5887] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  156.741104][ T5887] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.005325][ T4275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  157.020463][ T5986] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  157.027872][ T4275] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  157.049452][ T4275] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  157.058646][ T4275] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  157.069417][ T4275] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  157.078920][ T4275] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  157.110023][ T5986] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  157.162994][ T5986] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  157.268514][ T5986] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  157.798612][ T6213] loop6: detected capacity change from 0 to 1024
[  157.847751][ T5986] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.861026][ T6213] hfsplus: xattr searching failed
[  157.866787][   T27] audit: type=1800 audit(1771622407.555:27): pid=6213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.524" name="file1" dev="loop6" ino=2 res=0 errno=0
[  157.893945][ T6213] hfsplus: xattr searching failed
[  157.930943][ T6213] hfsplus: xattr searching failed
[  157.962695][ T5986] 8021q: adding VLAN 0 to HW filter on device team0
[  157.979116][ T6213] hfsplus: xattr searching failed
[  158.037784][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.059465][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.167833][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  158.191897][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  158.232126][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.239949][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.297349][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  158.327450][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  158.355299][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.362560][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.444698][ T6190] chnl_net:caif_netlink_parms(): no params data found
[  158.490309][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  158.507336][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  158.637440][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  158.677299][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  158.706836][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  158.721846][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  158.748415][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  158.757599][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  158.818194][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  158.828437][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  158.840614][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  158.859576][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  158.962569][ T5986] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  159.146755][ T4283] Bluetooth: hci2: command 0x0409 tx timeout
[  159.464587][ T6190] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.498004][ T6190] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.519809][ T6190] device bridge_slave_0 entered promiscuous mode
[  159.559431][ T6245] loop0: detected capacity change from 0 to 40427
[  159.576571][ T6190] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.594072][ T6190] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.612698][ T6190] device bridge_slave_1 entered promiscuous mode
[  159.672070][ T6245] F2FS-fs (loop0): Found nat_bits in checkpoint
[  159.855866][ T6245] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  159.915878][ T6265] netlink: 27 bytes leftover after parsing attributes in process `syz.1.537'.
[  159.934109][ T6245] syz.0.534: attempt to access beyond end of device
[  159.934109][ T6245] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  160.039942][ T6272] syz.0.534: attempt to access beyond end of device
[  160.039942][ T6272] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  160.097670][ T5887] device hsr_slave_0 left promiscuous mode
[  160.108305][ T5887] device hsr_slave_1 left promiscuous mode
[  160.118400][ T6272] syz.0.534: attempt to access beyond end of device
[  160.118400][ T6272] loop0: rw=2049, sector=77920, nr_sectors = 40 limit=40427
[  160.140384][ T5887] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.149510][ T5887] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.149678][ T6277] capability: warning: `syz.1.539' uses 32-bit capabilities (legacy support in use)
[  160.180911][ T5887] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.200548][ T5887] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.221445][ T5887] device bridge_slave_1 left promiscuous mode
[  160.238280][ T5887] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.251672][ T4266] syz-executor: attempt to access beyond end of device
[  160.251672][ T4266] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  160.277047][ T5887] device bridge_slave_0 left promiscuous mode
[  160.283388][ T5887] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.397593][ T5887] device veth1_macvtap left promiscuous mode
[  160.403776][ T5887] device veth0_macvtap left promiscuous mode
[  160.434803][ T5887] device veth1_vlan left promiscuous mode
[  160.447419][ T4369] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  160.457528][ T5887] device veth0_vlan left promiscuous mode
[  160.638857][ T4369] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  160.658447][ T4369] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.679656][ T4369] usb 2-1: config 0 descriptor??
[  160.700642][ T4369] gspca_main: cpia1-2.14.0 probing 0813:0001
[  161.114857][ T4369] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[  161.227565][ T4283] Bluetooth: hci2: command 0x041b tx timeout
[  161.252549][ T6297] syz.0.545[6297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  161.252733][ T6297] syz.0.545[6297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  161.590033][ T6301] loop0: detected capacity change from 0 to 512
[  161.618251][ T6301] EXT4-fs: Ignoring removed i_version option
[  161.624414][ T6301] EXT4-fs: Ignoring removed oldalloc option
[  161.662245][ T6301] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  161.721295][ T4369] gspca_cpia1: usb_control_msg 05, error -71
[  161.731645][ T4369] cpia1 2-1:0.0: unexpected systemstate: 00
[  161.761139][ T4369] usb 2-1: USB disconnect, device number 8
[  161.829945][ T5887] team0 (unregistering): Port device team_slave_1 removed
[  161.898412][ T5887] team0 (unregistering): Port device team_slave_0 removed
[  161.929325][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  161.964569][ T5887] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  162.043138][ T5887] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  162.537282][ T5887] bond0 (unregistering): Released all slaves
[  162.644407][ T6190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.678504][ T6284] device veth0 entered promiscuous mode
[  162.685771][ T6284] device veth0 left promiscuous mode
[  162.707061][ T6287] netlink: 4 bytes leftover after parsing attributes in process `syz.6.542'.
[  162.900898][ T5986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.913650][ T6190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.936890][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  162.944608][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  163.039183][ T6190] team0: Port device team_slave_0 added
[  163.110345][ T6324] loop6: detected capacity change from 0 to 16
[  163.121066][ T6190] team0: Port device team_slave_1 added
[  163.171433][ T6324] erofs: (device loop6): mounted with root inode @ nid 36.
[  163.218463][ T6190] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.225486][ T6190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.306620][ T4283] Bluetooth: hci2: command 0x040f tx timeout
[  163.314003][ T6190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.356100][ T6190] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.363390][ T6190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.476361][ T6190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.648162][ T6190] device hsr_slave_0 entered promiscuous mode
[  163.710784][ T6190] device hsr_slave_1 entered promiscuous mode
[  163.820961][ T6337] loop1: detected capacity change from 0 to 512
[  163.981192][ T6337] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.556: bg 0: block 248: padding at end of block bitmap is not set
[  164.064020][ T6337] Quota error (device loop1): write_blk: dquota write failed
[  164.071693][ T6337] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  164.088577][ T6337] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.556: Failed to acquire dquot type 1
[  164.113876][ T6337] EXT4-fs (loop1): 1 truncate cleaned up
[  164.155402][ T6337] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  164.209102][ T6337] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.382976][ T6337] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  164.485291][ T6190] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  164.519052][ T6190] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  164.536749][ T6352] loop6: detected capacity change from 0 to 47
[  164.563860][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  164.579497][ T6190] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  164.681632][ T6190] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  164.825308][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  164.835329][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  164.904090][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  164.926987][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  164.943977][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  164.958818][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  165.000152][ T5986] device veth0_vlan entered promiscuous mode
[  165.028257][ T5986] device veth1_vlan entered promiscuous mode
[  165.145493][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  165.164034][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  165.180262][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  165.214935][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  165.240567][ T6190] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.264733][ T5986] device veth0_macvtap entered promiscuous mode
[  165.293717][ T5986] device veth1_macvtap entered promiscuous mode
[  165.319355][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  165.338039][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  165.360279][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  165.384725][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  165.396247][ T4283] Bluetooth: hci2: command 0x0419 tx timeout
[  165.457821][ T6190] 8021q: adding VLAN 0 to HW filter on device team0
[  165.499611][ T5986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.516383][ T5986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.533424][ T5986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.553422][ T5986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.573412][ T5986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.584843][ T6374] loop6: detected capacity change from 0 to 2048
[  165.593430][ T5986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.610717][ T6374] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=3932051, location=3932051
[  165.624902][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_0
[  165.665414][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  165.674596][ T6374] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.688052][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  165.711293][ T4323] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.718467][ T4323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.740357][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  165.767324][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  165.783259][ T6376] loop1: detected capacity change from 0 to 4096
[  165.811048][ T5986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.847300][ T5986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.860360][ T6376] EXT4-fs: Invalid want_extra_isize 32768
[  165.884959][ T5986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.901508][ T5986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.913716][ T5986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.931901][ T5986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.945275][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.953786][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  165.962736][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  165.973186][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  166.026818][ T4323] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.034004][ T4323] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.066894][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  166.097432][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  166.120470][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  166.131403][ T6380] loop6: detected capacity change from 0 to 512
[  166.151188][ T6380] EXT4-fs: Ignoring removed nobh option
[  166.158707][ T4312] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  166.167988][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  166.211866][ T5986] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  166.228315][ T6380] EXT4-fs (loop6): Test dummy encryption mode enabled
[  166.232625][ T5986] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  166.254346][ T5986] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  166.274651][ T5986] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  166.310689][ T6380] EXT4-fs error (device loop6): __ext4_iget:5095: inode #11: block 1: comm syz.6.568: invalid block
[  166.327993][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  166.350233][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  166.365010][ T6380] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.568: couldn't read orphan inode 11 (err -117)
[  166.388312][ T4312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  166.423763][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  166.436366][ T4312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.463255][ T6380] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  166.479251][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  166.487699][ T4312] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  166.534548][ T6190] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  166.545893][ T4312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.581121][ T4312] usb 2-1: config 0 descriptor??
[  166.596615][ T6190] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  166.597931][ T4312] hub 2-1:0.0: USB hub found
[  166.636479][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  166.644443][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  166.660472][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  166.673213][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  166.686348][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  166.726373][   T22] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  166.779475][ T5160] EXT4-fs (loop6): unmounting filesystem.
[  166.799374][ T4312] hub 2-1:0.0: 1 port detected
[  166.820640][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  166.838183][ T5887] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.846034][ T5887] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.922034][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  166.958524][   T22] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.981577][   T22] usb 1-1: config 0 interface 0 has no altsetting 0
[  167.000334][   T22] usb 1-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=b1.f9
[  167.013125][ T5887] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.026284][ T4312] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  167.033492][ T4312] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  167.053048][ T5887] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.068569][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.087673][ T4312] usbhid 2-1:0.0: can't add hid device: -71
[  167.093792][ T4312] usbhid: probe of 2-1:0.0 failed with error -71
[  167.106732][   T22] usb 1-1: Product: syz
[  167.111032][   T22] usb 1-1: Manufacturer: syz
[  167.115677][   T22] usb 1-1: SerialNumber: syz
[  167.148351][   T22] usb 1-1: config 0 descriptor??
[  167.167161][ T4312] usb 2-1: USB disconnect, device number 9
[  167.179260][   T22] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  167.201053][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  167.250194][   T22] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  167.276810][   T22] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  167.295830][   T22] usb 1-1: media controller created
[  167.326815][   T22] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  167.466348][ T4283] Bluetooth: hci2: command 0x0405 tx timeout
[  167.539572][   T22] DVB: Unable to find symbol tda10046_attach()
[  167.545805][   T22] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  167.596373][   T22] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  167.599693][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  167.623476][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  167.640524][ T6190] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.046485][ T4316] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  168.246268][ T4316] usb 2-1: Using ep0 maxpacket: 16
[  168.304267][ T4316] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  168.328874][ T4316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.353541][ T4316] usb 2-1: Product: syz
[  168.361140][ T4316] usb 2-1: Manufacturer: syz
[  168.390447][ T4316] usb 2-1: SerialNumber: syz
[  168.401960][ T4316] usb 2-1: config 0 descriptor??
[  168.538111][   T22] dvb_usb_m920x: probe of 1-1:0.0 failed with error -71
[  168.563159][   T22] usb 1-1: USB disconnect, device number 5
[  168.713552][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  168.740289][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  168.794759][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  168.811255][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  168.824767][ T6190] device veth0_vlan entered promiscuous mode
[  168.843369][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  168.846922][ T4316] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  168.859776][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  168.879346][ T4316] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  168.888975][ T6190] device veth1_vlan entered promiscuous mode
[  168.926561][ T4316] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  168.934585][ T4316] usb 2-1: media controller created
[  168.937019][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  168.957201][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  168.965832][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  168.980140][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  169.014835][ T6190] device veth0_macvtap entered promiscuous mode
[  169.017290][ T4316] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  169.038557][ T6190] device veth1_macvtap entered promiscuous mode
[  169.103482][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.110572][ T4316] zl10353_read_register: readreg error (reg=127, ret==0)
[  169.154394][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.164940][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.166477][ T4316] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  169.177205][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.194423][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.225748][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.236179][ T4316] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  169.264461][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.295496][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.309938][ T4316] usb 2-1: USB disconnect, device number 10
[  169.348110][ T6190] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.367578][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  169.375751][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  169.440242][ T4316] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  169.462685][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  169.498263][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  169.539352][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.591746][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.636224][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.674574][ T6445] netlink: 104 bytes leftover after parsing attributes in process `syz.7.577'.
[  169.685833][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.725523][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.794422][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.826257][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.856239][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.892467][ T6190] batman_adv: batadv0: Interface activated: batadv_slave_1
[  169.903626][ T6451] loop1: detected capacity change from 0 to 512
[  169.923874][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  169.942392][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.017004][ T6190] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.043890][ T6190] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.088249][ T6190] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.136199][ T6190] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.237996][ T6460] binder: 6459:6460 ioctl c0306201 200000000100 returned -14
[  170.424773][ T5888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.485402][ T5888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.548414][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  170.579167][ T4349] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.596766][ T4349] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.620401][ T5888] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  170.639932][ T6467] loop6: detected capacity change from 0 to 256
[  171.315785][ T6483] loop6: detected capacity change from 0 to 4096
[  171.745551][ T6502] loop0: detected capacity change from 0 to 512
[  172.057366][ T6507] loop8: detected capacity change from 0 to 8
[  172.225625][ T6513] loop7: detected capacity change from 0 to 8
[  172.262914][ T6507] SQUASHFS error: zstd decompression error: 10
[  172.328502][ T6507] SQUASHFS error: zstd decompression failed, data probably corrupt
[  172.341904][ T6513] SQUASHFS error: Failed to read block 0x260685: -5
[  172.372506][ T6513] SQUASHFS error: Unable to read metadata cache entry [260685]
[  172.384574][ T6507] SQUASHFS error: Failed to read block 0x62b: -5
[  172.406937][ T6513] SQUASHFS error: Unable to read directory block [260685:0]
[  172.438972][ T6514] SQUASHFS error: Unable to read metadata cache entry [629]
[  172.477488][ T6507] SQUASHFS error: Unable to read metadata cache entry [629]
[  172.505079][ T6514] SQUASHFS error: Unable to read directory block [629:ff26]
[  172.558574][ T6507] SQUASHFS error: Unable to read directory block [629:ff26]
[  172.707174][ T6523] loop1: detected capacity change from 0 to 1024
[  173.686562][   T26] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  173.896295][   T26] usb 7-1: Using ep0 maxpacket: 32
[  173.907220][   T26] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.945255][ T6559] loop1: detected capacity change from 0 to 1024
[  173.956387][   T26] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.015370][   T26] usb 7-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  174.081368][   T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.103090][   T26] usb 7-1: config 0 descriptor??
[  174.198826][ T6559] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  174.268341][ T6559] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  174.359694][ T4349] hfsplus: b-tree write err: -5, ino 4
[  174.367704][ T4349] hfsplus: bad catalog file entry
[  174.524316][   T26] ft260 0003:0403:6030.0008: unknown main item tag 0x0
[  174.544844][   T26] ft260 0003:0403:6030.0008: hidraw0: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.6-1/input0
[  174.723617][   T26] ft260 0003:0403:6030.0008: chip code: 6424 8183
[  175.057065][ T6582] block nbd1: NBD_DISCONNECT
[  175.062896][ T6582] block nbd1: Send disconnect failed -32
[  175.160428][ T6582] block nbd1: Disconnected due to user request.
[  175.196263][ T6582] block nbd1: shutting down sockets
[  175.265936][ T6587] device veth0 entered promiscuous mode
[  175.307819][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.7.619'.
[  175.325741][   T26] ft260 0003:0403:6030.0008: failed to reset I2C controller: -71
[  175.405115][   T26] usb 7-1: USB disconnect, device number 4
[  175.619837][ T6587] device veth0 left promiscuous mode
[  175.729572][ T6590] fido_id[6590]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  176.501225][ T6607] loop1: detected capacity change from 0 to 1024
[  176.525049][ T6607] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.542609][ T6607] EXT4-fs: inline encryption not supported
[  176.598498][ T6607] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.624: lblock 2 mapped to illegal pblock 2 (length 1)
[  176.636600][ T6607] EXT4-fs (loop1): Remounting filesystem read-only
[  176.657071][ T6607] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  176.665325][ T6607] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.624: lblock 0 mapped to illegal pblock 48 (length 1)
[  176.680449][ T6607] EXT4-fs (loop1): Remounting filesystem read-only
[  176.687370][ T6607] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  176.696375][ T6607] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.624: Failed to acquire dquot type 0
[  176.708012][ T6607] EXT4-fs (loop1): Remounting filesystem read-only
[  176.714682][ T6607] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  176.728276][ T6607] EXT4-fs (loop1): Remounting filesystem read-only
[  176.735939][ T6607] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.624: mark_inode_dirty error
[  176.749544][ T6607] EXT4-fs (loop1): Remounting filesystem read-only
[  176.756360][ T6607] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  176.779061][ T6607] EXT4-fs (loop1): 1 orphan inode deleted
[  176.796461][ T4349] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  176.796473][ T6607] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  176.797877][ T4349] EXT4-fs (loop1): Remounting filesystem read-only
[  176.871501][ T4349] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  176.946278][ T4349] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:7: Failed to release dquot type 0
[  176.989919][ T4349] EXT4-fs (loop1): Remounting filesystem read-only
[  177.844489][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  177.883612][ T4267] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[  177.920490][ T4267] EXT4-fs (loop1): Remounting filesystem read-only
[  177.939012][ T4267] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  177.962573][ T6653] loop6: detected capacity change from 0 to 512
[  177.976517][ T4267] EXT4-fs (loop1): Remounting filesystem read-only
[  177.983087][ T4267] EXT4-fs error (device loop1): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error
[  178.057142][ T6653] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  178.068688][ T4267] EXT4-fs (loop1): Remounting filesystem read-only
[  178.116416][ T6653] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.336772][ T5160] EXT4-fs (loop6): unmounting filesystem.
[  178.406653][   T22] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  178.608393][   T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.665445][   T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.706562][   T22] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  178.721483][   T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.751233][   T22] usb 1-1: config 0 descriptor??
[  179.170442][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055757800: rx timeout, send abort
[  179.180331][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888055757800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  179.200026][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.215268][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.235400][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.279108][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.297569][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.304604][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.334233][   T22] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  179.344641][   T22] cp2112 0003:10C4:EA90.0009: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  179.447253][   T22] cp2112 0003:10C4:EA90.0009: Part Number: 0x00 Device Version: 0x00
[  179.653531][   T22] cp2112 0003:10C4:EA90.0009: error requesting SMBus config
[  179.677566][   T22] cp2112: probe of 0003:10C4:EA90.0009 failed with error -71
[  179.746493][   T22] usb 1-1: USB disconnect, device number 6
[  179.967901][ T6709] 9pnet: p9_errstr2errno: server reported unknown error �1 g;-�~	
[  180.202708][ T6706] fido_id[6706]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  180.389514][ T6720] input: syz0 as /devices/virtual/input/input12
[  180.914221][ T6736] netlink: 160 bytes leftover after parsing attributes in process `syz.7.651'.
[  181.534932][ T6754] loop6: detected capacity change from 0 to 1024
[  181.577407][ T6754] EXT4-fs: Ignoring removed orlov option
[  181.583114][ T6754] EXT4-fs: Ignoring removed nobh option
[  181.623294][ T6757] loop0: detected capacity change from 0 to 512
[  181.705179][ T6754] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  181.803728][ T6757] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  181.833118][ T6757] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.013322][ T5160] EXT4-fs (loop6): unmounting filesystem.
[  182.114885][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  183.036259][ T4369] psmouse serio3: Failed to reset mouse on : -5
[  183.599608][ T6792] loop0: detected capacity change from 0 to 32768
[  183.634424][ T6792] (syz.0.668,6792,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  183.648470][ T6812] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  183.684043][ T6792] (syz.0.668,6792,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  183.730831][ T6792] JBD2: Ignoring recovery information on journal
[  183.834630][ T6792] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  184.074545][ T4266] ocfs2: Unmounting device (7,0) on (node local)
[  184.629300][ T6834] Illegal XDP return value 4294967274 on prog  (id 47) dev syz_tun, expect packet loss!
[  184.840101][ T6838] device batadv_slave_0 entered promiscuous mode
[  184.908299][ T6837] device batadv_slave_0 left promiscuous mode
[  185.373776][ T6852] loop1: detected capacity change from 0 to 8192
[  185.413726][ T6852] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  185.441964][ T6852] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  185.452888][ T6852] REISERFS (device loop1): using ordered data mode
[  185.459973][ T6852] reiserfs: using flush barriers
[  185.466756][ T6852] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  185.483382][ T6852] REISERFS (device loop1): checking transaction log (loop1)
[  185.520720][ T6852] REISERFS (device loop1): Using r5 hash to sort names
[  185.541210][ T6852] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  186.008446][ T6873] loop7: detected capacity change from 0 to 128
[  186.431222][    T9] Bluetooth: (null): Invalid header checksum
[  186.443045][    T9] Bluetooth: (null): Invalid header checksum
[  186.544250][    T9] Bluetooth: (null): Invalid header checksum
[  186.606260][ T4767] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  186.678307][    T9] Bluetooth: (null): Invalid header checksum
[  186.756833][ T4349] Bluetooth: (null): Invalid header checksum
[  186.796416][ T4767] usb 2-1: Using ep0 maxpacket: 16
[  186.815191][ T4767] usb 2-1: unable to get BOS descriptor or descriptor too short
[  186.856794][ T4767] usb 2-1: unable to read config index 0 descriptor/start: -71
[  186.903852][ T4767] usb 2-1: can't read configurations, error -71
[  187.176777][ T6881] loop7: detected capacity change from 0 to 131072
[  187.190769][ T6881] F2FS-fs (loop7): invalid crc value
[  187.212966][ T6881] F2FS-fs (loop7): Found nat_bits in checkpoint
[  187.236137][    C1] sched: RT throttling activated
[  187.263829][ T6881] F2FS-fs (loop7): Cannot turn on quotas: -2 on 2
[  187.272711][ T6881] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  187.296304][ T4772] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  187.496487][ T4765] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  187.506684][ T4772] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.536506][ T4772] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  187.561682][ T4772] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  187.574252][ T6909] loop1: detected capacity change from 0 to 1024
[  187.593342][ T4772] usb 1-1: New USB device found, idVendor=0025, idProduct=a4a1, bcdDevice= 0.40
[  187.603672][ T6909] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  187.616700][ T4369] misc userio: Buffer overflowed, userio client isn't keeping up
[  187.624954][ T4772] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.646393][ T4772] usb 1-1: Product: syz
[  187.651136][ T4772] usb 1-1: Manufacturer: syz
[  187.655768][ T4772] usb 1-1: SerialNumber: syz
[  187.692270][ T6909] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  187.716638][ T4765] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  187.753371][ T4765] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  187.836381][ T4765] usb 9-1: New USB device found, idVendor=057e, idProduct=2019, bcdDevice= 0.00
[  187.845528][ T4765] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.901861][ T4765] usb 9-1: config 0 descriptor??
[  187.918837][ T6900] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  187.991040][ T6909] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.700: Allocating blocks 497-513 which overlap fs metadata
[  188.041732][ T6909] EXT4-fs (loop1): pa ffff888070792620: logic 256, phys. 385, len 8
[  188.050376][ T6909] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[  188.154538][ T6918] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 747
[  188.212134][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  188.619150][ T6930] use of bytesused == 0 is deprecated and will be removed in the future,
[  188.656294][ T6930] use the actual size instead.
[  188.688474][ T4369] input: PS/2 Generic Mouse as /devices/serio3/input/input13
[  188.730636][ T6933] netlink: 'syz.7.706': attribute type 12 has an invalid length.
[  188.740915][ T6933] netlink: 'syz.7.706': attribute type 29 has an invalid length.
[  188.749676][ T6933] netlink: 148 bytes leftover after parsing attributes in process `syz.7.706'.
[  188.759806][ T6933] netlink: 4 bytes leftover after parsing attributes in process `syz.7.706'.
[  188.847051][ T4765] usbhid 9-1:0.0: can't add hid device: -71
[  188.853112][ T4765] usbhid: probe of 9-1:0.0 failed with error -71
[  188.884853][ T4765] usb 9-1: USB disconnect, device number 2
[  188.901735][ T4772] cdc_ncm 1-1:1.0: bind() failure
[  188.932103][ T4772] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  188.946430][ T4369] psmouse serio3: Failed to enable mouse on 
[  188.966678][ T4772] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  188.984995][ T4772] usbtest: probe of 1-1:1.1 failed with error -71
[  189.022844][ T4772] usb 1-1: USB disconnect, device number 7
[  189.340544][   T11] nci: nci_extract_activation_params_nfc_dep: unsupported activation_rf_tech_and_mode 0x1
[  189.886253][   T26] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  190.078226][   T26] usb 8-1: config 1 has an invalid descriptor of length 39, skipping remainder of the config
[  190.099393][   T26] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  190.139876][   T26] usb 8-1: config 1 has no interface number 0
[  190.163869][   T26] usb 8-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  190.191494][   T27] audit: type=1326 audit(1771622439.875:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6972 comm="syz.0.722" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff55339c629 code=0x0
[  190.216264][   T26] usb 8-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  190.247807][   T26] usb 8-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  190.286275][   T26] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 32695, setting to 64
[  190.326284][   T26] usb 8-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  190.381121][   T26] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  190.436089][   T26] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.446756][ T4772] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  190.504383][   T26] usb 8-1: Product: syz
[  190.529403][   T26] usb 8-1: Manufacturer: syz
[  190.534087][   T26] usb 8-1: SerialNumber: syz
[  190.585929][ T6958] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  190.638930][ T4772] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  190.674746][ T4772] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  190.724333][ T4772] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  190.765241][ T6986] netlink: 4 bytes leftover after parsing attributes in process `syz.6.725'.
[  190.790743][ T6963] loop1: detected capacity change from 0 to 32768
[  190.801555][ T4772] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  190.814829][ T6986] netlink: 'syz.6.725': attribute type 14 has an invalid length.
[  190.824908][ T4772] usb 9-1: SerialNumber: syz
[  190.832805][ T6958] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  190.852990][ T6986] netlink: 'syz.6.725': attribute type 13 has an invalid length.
[  190.922024][ T6963] XFS (loop1): Mounting V5 Filesystem
[  191.049121][ T6986] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  191.058623][ T6986] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  191.067420][ T6986] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  191.076210][ T6986] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  191.087179][ T6958] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  191.098103][ T4772] usb 9-1: 0:2 : does not exist
[  191.102243][ T6986] device vxlan0 entered promiscuous mode
[  191.115036][ T4772] usb 9-1: USB disconnect, device number 3
[  191.145270][ T6963] XFS (loop1): Ending clean mount
[  191.161262][   T27] audit: type=1800 audit(1771622440.845:29): pid=6963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.717" name="file1" dev="loop1" ino=6150 res=0 errno=0
[  191.269551][ T6998] XFS (loop1): User initiated shutdown received.
[  191.287285][ T6998] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499).  Shutting down filesystem.
[  191.328543][ T5215] udevd[5215]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  191.368760][ T6998] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  191.515139][ T4267] XFS (loop1): Unmounting Filesystem
[  191.556663][ T6958] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  191.565812][   T26] cdc_ncm 8-1:1.1: bind() failure
[  191.789019][   T26] usb 8-1: USB disconnect, device number 2
[  192.400085][ T7018] loop0: detected capacity change from 0 to 128
[  192.548623][ T7018] syz.0.732: attempt to access beyond end of device
[  192.548623][ T7018] loop0: rw=2049, sector=145, nr_sectors = 5 limit=128
[  192.607452][ T7024] netlink: 4 bytes leftover after parsing attributes in process `syz.6.733'.
[  192.639158][ T7018] syz.0.732: attempt to access beyond end of device
[  192.639158][ T7018] loop0: rw=34817, sector=102, nr_sectors = 27 limit=128
[  192.663187][ T7018] syz.0.732: attempt to access beyond end of device
[  192.663187][ T7018] loop0: rw=34817, sector=145, nr_sectors = 5 limit=128
[  193.134920][ T7024] device hsr_slave_1 left promiscuous mode
[  193.828574][ T7057] loop6: detected capacity change from 0 to 512
[  193.882046][ T7057] FAT-fs (loop6): Unrecognized mount option "��N�" or missing value
[  194.020798][ T7057] loop6: detected capacity change from 0 to 2048
[  194.036627][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  194.042983][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  194.134834][ T7057] FAT-fs (loop6): bogus sectors per cluster 3
[  194.172382][ T7057] FAT-fs (loop6): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  194.235484][ T7057] FAT-fs (loop6): Can't find a valid FAT filesystem
[  194.435427][ T7068] netlink: 'syz.0.749': attribute type 4 has an invalid length.
[  194.872033][ T7081] loop1: detected capacity change from 0 to 2048
[  195.002896][ T7086] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  195.028673][ T7087] netlink: 4 bytes leftover after parsing attributes in process `syz.6.756'.
[  195.099379][   T27] audit: type=1800 audit(1771622444.785:30): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.754" name="file2" dev="loop1" ino=16 res=0 errno=0
[  195.313582][ T7094] loop8: detected capacity change from 0 to 256
[  195.673708][ T7077] loop7: detected capacity change from 0 to 32768
[  195.794360][ T7077] XFS (loop7): Mounting V5 Filesystem
[  195.806331][ T4312] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  195.860504][ T7112] loop1: detected capacity change from 0 to 512
[  195.897560][ T7077] XFS (loop7): Ending clean mount
[  195.921021][ T7112] EXT4-fs: Ignoring removed oldalloc option
[  195.956633][ T7112] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  195.971913][ T7077] XFS (loop7): Quotacheck needed: Please wait.
[  196.030230][ T4312] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  196.062212][ T4312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.075255][ T7112] EXT4-fs error (device loop1): ext4_xattr_inode_iget:397: comm syz.1.763: Parent and EA inode have the same ino 15
[  196.106397][ T4280] Bluetooth: hci0: command 0x0406 tx timeout
[  196.112552][ T4280] Bluetooth: hci1: command 0x0406 tx timeout
[  196.116272][ T4312] usb 1-1: Product: syz
[  196.132188][ T4312] usb 1-1: Manufacturer: syz
[  196.146607][ T7112] EXT4-fs error (device loop1): ext4_xattr_inode_iget:397: comm syz.1.763: Parent and EA inode have the same ino 15
[  196.176166][ T4312] usb 1-1: SerialNumber: syz
[  196.196987][ T4312] usb 1-1: config 0 descriptor??
[  196.202376][ T7112] EXT4-fs (loop1): 1 orphan inode deleted
[  196.251692][ T7112] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  196.279368][ T7077] XFS (loop7): Quotacheck: Done.
[  196.322248][ T7112] EXT4-fs warning (device loop1): __ext4_unlink:3335: inode #15: comm syz.1.763: Deleting file 'file1' with no links
[  196.531669][ T7125] loop8: detected capacity change from 0 to 128
[  196.593927][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  196.612296][ T7125] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  196.628185][ T5986] XFS (loop7): Unmounting Filesystem
[  196.652519][ T4312] usb 1-1: Firmware: major: 0, minor: 11, hardware type: UNKNOWN (88)
[  196.746409][ T7125] ext4 filesystem being mounted at /25/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  196.873920][ T4312] usb 1-1: Read permanent extended address ec:74:80:5a:bc:49:aa:22 from device
[  196.902220][ T4312] usb 1-1: atusb_probe: initialization failed, error = -524
[  196.920802][ T4312] atusb: probe of 1-1:0.0 failed with error -524
[  197.089824][ T6190] EXT4-fs (loop8): unmounting filesystem.
[  197.097377][ T4312] usb 1-1: USB disconnect, device number 8
[  198.027241][ T7131] loop1: detected capacity change from 0 to 32768
[  198.131391][ T7131] XFS (loop1): Mounting V5 Filesystem
[  198.151917][ T7160] loop7: detected capacity change from 0 to 1024
[  198.192761][ T7160] EXT4-fs: Ignoring removed bh option
[  198.218738][ T7160] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  198.291921][ T7131] XFS (loop1): Ending clean mount
[  198.343370][ T7160] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  198.478564][ T7178] loop8: detected capacity change from 0 to 128
[  198.561603][ T7178] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  198.612257][ T7160] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3852: comm syz.7.776: Allocating blocks 497-513 which overlap fs metadata
[  198.634508][ T4267] XFS (loop1): Unmounting Filesystem
[  198.645810][ T7178] hpfs: filesystem error: improperly stopped
[  198.668186][ T7160] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3852: comm syz.7.776: Allocating blocks 497-513 which overlap fs metadata
[  198.686820][ T7178] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  198.694708][ T7178] hpfs: You really don't want any checks? You are crazy...
[  198.741865][ T7157] EXT4-fs (loop7): pa ffff8880743e1b60: logic 48, phys. 177, len 21
[  198.750215][ T7157] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[  198.778890][ T7178] hpfs: hpfs_map_sector(): read error
[  198.784330][ T7178] hpfs: code page support is disabled
[  198.817893][ T7178] hpfs: hpfs_map_4sectors(): unaligned read
[  198.825430][ T7178] hpfs: hpfs_map_4sectors(): unaligned read
[  198.868242][ T7178] hpfs: filesystem error: unable to find root dir
[  198.921725][ T7178] hpfs: hpfs_map_4sectors(): unaligned read
[  198.980224][ T7178] hpfs: hpfs_map_sector(): read error
[  199.113344][ T5986] EXT4-fs (loop7): unmounting filesystem.
[  199.311367][ T7199] loop6: detected capacity change from 0 to 16
[  199.344622][ T7199] erofs: (device loop6): mounted with root inode @ nid 36.
[  199.384887][ T7199] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  199.429089][ T7199] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  199.446812][ T4312] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  199.468408][ T7199] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  199.502995][ T7199] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  199.523497][ T7203] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  199.552561][ T7199] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117]
[  199.569755][ T7203] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  199.602527][ T7203] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  199.632003][ T7203] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  199.644706][ T4312] usb 1-1: too many endpoints for config 0 interface 0 altsetting 11: 69, using maximum allowed: 30
[  199.678225][ T4312] usb 1-1: config 0 interface 0 altsetting 11 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.714003][ T7203] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117]
[  199.722724][ T4312] usb 1-1: config 0 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 69
[  199.736273][ T7203] erofs: (device loop6): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  199.758259][ T4312] usb 1-1: config 0 interface 0 has no altsetting 0
[  199.773949][ T4312] usb 1-1: New USB device found, idVendor=056a, idProduct=00e2, bcdDevice= 0.00
[  199.785138][ T4312] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.811690][ T4312] usb 1-1: config 0 descriptor??
[  200.099270][ T7201] overlayfs: statfs failed on './file0'
[  200.310920][ T4312] wacom 0003:056A:00E2.000A: hidraw0: USB HID v0.00 Device [HID 056a:00e2] on usb-dummy_hcd.0-1/input0
[  200.484713][ T4772] usb 1-1: USB disconnect, device number 9
[  200.713944][ T7219] fido_id[7219]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  200.996341][    T7] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  201.161885][ T7231] loop1: detected capacity change from 0 to 8192
[  201.188489][ T7231] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  201.213998][    T7] usb 8-1: New USB device found, idVendor=17ef, idProduct=6004, bcdDevice= 0.00
[  201.256479][    T7] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.302788][    T7] usb 8-1: config 0 descriptor??
[  201.312028][ T7231] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  201.353756][ T7231] REISERFS (device loop1): using ordered data mode
[  201.385161][ T7231] reiserfs: using flush barriers
[  201.423480][ T7231] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  201.450498][ T7231] REISERFS (device loop1): checking transaction log (loop1)
[  201.677113][ T7231] REISERFS (device loop1): Using tea hash to sort names
[  201.701608][ T7231] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  201.749599][    T7] wacom 0003:17EF:6004.000B: hidraw0: USB HID v10.00 Device [HID 17ef:6004] on usb-dummy_hcd.7-1/input0
[  201.818403][   T27] audit: type=1800 audit(1771622451.505:31): pid=7254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.791" name="file1" dev="loop1" ino=8 res=0 errno=0
[  201.951016][    T7] usb 8-1: USB disconnect, device number 3
[  202.173351][ T7255] fido_id[7255]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  202.203273][ T7261] loop6: detected capacity change from 0 to 512
[  202.236086][ T7261] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  202.275305][ T7261] EXT4-fs (loop6): SIPHASH is not a valid default hash value
[  203.067185][ T7284] tipc: Started in network mode
[  203.072123][ T7284] tipc: Node identity 4, cluster identity 4711
[  203.106190][ T7284] tipc: Node number set to 4
[  203.318838][ T7304] loop8: detected capacity change from 0 to 1024
[  203.472290][ T7304] hfsplus: xattr search failed
[  203.512778][ T7279] overlayfs: statfs failed on './file0'
[  203.702331][ T7313] loop0: detected capacity change from 0 to 2048
[  203.716314][ T4765] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  203.804481][ T7320] input: syz0 as /devices/virtual/input/input20
[  203.821934][ T7319] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  203.921498][ T7323] loop8: detected capacity change from 0 to 16
[  203.928627][ T4765] usb 2-1: Using ep0 maxpacket: 8
[  203.946007][ T4765] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  203.977332][ T4765] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  204.004742][ T7323] erofs: (device loop8): mounted with root inode @ nid 36.
[  204.027104][ T4765] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  204.065297][ T4765] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  204.126932][ T4765] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  204.172136][ T4765] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  204.201397][ T4765] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.213574][ T7328] netlink: 28 bytes leftover after parsing attributes in process `syz.7.815'.
[  204.235969][ T7319] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  204.253228][ T7319] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  204.301846][ T7328] netlink: 28 bytes leftover after parsing attributes in process `syz.7.815'.
[  204.367406][ T7319] Remounting filesystem read-only
[  204.382568][ T7328] device erspan0 entered promiscuous mode
[  204.401956][ T4266] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  204.434032][ T7328] device gretap0 entered promiscuous mode
[  204.462062][ T4765] usb 2-1: usb_control_msg returned -32
[  204.468412][ T4765] usbtmc 2-1:16.0: can't read capabilities
[  204.517249][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  205.235666][ T7370] usbtmc 2-1:16.0: usb_control_msg returned -32
[  205.307470][ T7375] loop7: detected capacity change from 0 to 512
[  205.383482][ T4765] usb 2-1: USB disconnect, device number 13
[  205.735979][ T7386] loop6: detected capacity change from 0 to 1
[  205.793745][ T7386] Dev loop6: unable to read RDB block 1
[  205.814323][ T7387] loop0: detected capacity change from 0 to 1024
[  205.823839][ T7386]  loop6: unable to read partition table
[  205.836429][ T7386] loop6: partition table beyond EOD, truncated
[  205.848363][ T7387] EXT4-fs: Ignoring removed bh option
[  205.861789][ T7386] loop_reread_partitions: partition scan of loop6 (�被x������ ) failed (rc=-5)
[  205.878661][ T7387] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  205.899022][ T7390] loop8: detected capacity change from 0 to 128
[  206.077287][ T7390] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  206.088009][ T7387] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  206.098011][ T7390] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  206.313967][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  206.380796][ T6190] EXT4-fs (loop8): unmounting filesystem.
[  207.019689][ T7424] loop0: detected capacity change from 0 to 512
[  207.087128][ T7424] EXT4-fs: Ignoring removed oldalloc option
[  207.150237][ T7424] EXT4-fs (loop0): 1 truncate cleaned up
[  207.176307][ T7424] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  207.197608][ T4765] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  207.386380][ T4765] usb 8-1: Using ep0 maxpacket: 32
[  207.397568][ T4765] usb 8-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  207.426237][ T4765] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.452437][ T4765] usb 8-1: config 0 descriptor??
[  207.470459][ T4765] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  207.507452][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  207.681479][ T7439] loop0: detected capacity change from 0 to 1024
[  207.761336][ T7439] hfsplus: catalog searching failed
[  207.837880][ T4535] hfsplus: b-tree write err: -5, ino 3
[  207.902303][ T4315] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  208.087958][ T4315] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  208.097352][ T4315] usb 2-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  208.121924][ T4315] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  208.131374][ T4315] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  208.145051][ T4315] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[  208.163963][ T4315] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  208.173493][ T4315] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  208.181824][ T4315] usb 2-1: Product: syz
[  208.187910][ T4315] usb 2-1: Manufacturer: syz
[  208.206805][ T4315] cdc_wdm 2-1:1.0: skipping garbage
[  208.213682][ T4315] cdc_wdm 2-1:1.0: skipping garbage
[  208.232476][ T4315] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  208.244872][ T4315] cdc_wdm 2-1:1.0: Unknown control protocol
[  208.409468][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  208.416133][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  208.423486][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  208.430129][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  208.437112][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  208.443752][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  208.453136][ T4316] usb 2-1: USB disconnect, device number 14
[  208.456868][ T4312] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  208.617255][ T7457] loop6: detected capacity change from 0 to 512
[  208.663713][ T7457] EXT4-fs error (device loop6): ext4_orphan_get:1399: inode #15: comm syz.6.853: inode has both inline data and extents flags
[  208.678967][ T4765] gspca_vc032x: reg_w err -71
[  208.683717][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.688124][ T4312] usb 1-1: Using ep0 maxpacket: 32
[  208.698308][ T4312] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  208.716308][ T4312] usb 1-1: config 0 has no interface number 0
[  208.723399][ T4312] usb 1-1: config 0 interface 184 has no altsetting 0
[  208.732979][ T4312] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  208.738660][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.746568][ T7457] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.853: couldn't read orphan inode 15 (err -117)
[  208.763414][ T4312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.771870][ T4312] usb 1-1: Product: syz
[  208.776620][ T4312] usb 1-1: Manufacturer: syz
[  208.781281][ T4312] usb 1-1: SerialNumber: syz
[  208.792635][ T4312] usb 1-1: config 0 descriptor??
[  208.809892][ T4312] smsc75xx v1.0.0
[  208.815006][ T7457] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  208.820063][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.855461][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.881036][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.897068][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.916828][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.922267][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.945186][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.966976][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.983032][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  208.997707][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.006990][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.012388][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.018411][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.023821][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.034339][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.053973][ T4765] gspca_vc032x: I2c Bus Busy Wait 00
[  209.060101][ T7447] loop0: detected capacity change from 0 to 512
[  209.090175][ T7447] EXT4-fs warning (device loop0): ext4_multi_mount_protect:298: Invalid MMP block in superblock
[  209.095737][ T4765] gspca_vc032x: Unknown sensor...
[  209.116593][ T4765] vc032x: probe of 8-1:0.0 failed with error -22
[  209.146585][ T4312] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  209.147469][ T4765] usb 8-1: USB disconnect, device number 4
[  209.181500][ T4312] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  209.216787][ T4312] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  209.280041][ T4312] smsc75xx: probe of 1-1:0.184 failed with error -71
[  209.330825][ T4312] usb 1-1: USB disconnect, device number 10
[  209.586594][ T5160] EXT4-fs (loop6): unmounting filesystem.
[  210.176295][ T4312] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  210.376247][ T4312] usb 9-1: Using ep0 maxpacket: 8
[  210.383438][ T4312] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  210.416812][ T4312] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  210.436652][ T4312] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  210.456262][ T4312] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  210.472029][ T4312] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  210.491301][ T7478] loop7: detected capacity change from 0 to 32768
[  210.503944][ T4312] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  210.546041][ T4312] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.593584][ T7478] XFS (loop7): Mounting V5 Filesystem
[  210.689738][ T7478] XFS (loop7): Ending clean mount
[  210.729703][   T27] audit: type=1800 audit(1771622460.415:32): pid=7478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.856" name="file1" dev="loop7" ino=6150 res=0 errno=0
[  210.799013][ T4312] usb 9-1: usb_control_msg returned -32
[  210.804689][ T4312] usbtmc 9-1:16.0: can't read capabilities
[  211.012487][ T5986] XFS (loop7): Unmounting Filesystem
[  211.580051][ T7547] netlink: 12 bytes leftover after parsing attributes in process `syz.6.872'.
[  211.599948][ T7545] usbtmc 9-1:16.0: usb_control_msg returned -32
[  211.632648][ T7547] device vlan2 entered promiscuous mode
[  211.650959][ T7547] device gretap0 entered promiscuous mode
[  211.801164][ T4314] usb 9-1: USB disconnect, device number 4
[  213.567360][ T7606] netlink: 8 bytes leftover after parsing attributes in process `syz.6.895'.
[  213.599503][ T7600] loop1: detected capacity change from 0 to 4096
[  213.641558][ T7600] EXT4-fs: Ignoring removed mblk_io_submit option
[  213.676356][ T7600] EXT4-fs (loop1): Test dummy encryption mode enabled
[  213.736422][ T4772] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  213.756757][ T7600] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  213.803328][ T7600] EXT4-fs (loop1): shut down requested (1)
[  213.842422][ T7592] loop8: detected capacity change from 0 to 32768
[  213.872774][ T7592] ocfs2: Mounting device (7,8) on (node local, slot 0) with writeback data mode.
[  213.926296][ T4772] usb 1-1: Using ep0 maxpacket: 32
[  213.933233][ T4772] usb 1-1: config 2 has an invalid interface number: 88 but max is 0
[  213.983092][ T4772] usb 1-1: config 2 has no interface number 0
[  214.009874][ T4772] usb 1-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  214.061147][ T4772] usb 1-1: config 2 interface 88 has no altsetting 0
[  214.093831][ T4772] usb 1-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  214.104633][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  214.155297][ T4772] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.183716][ T4772] usb 1-1: Product: syz
[  214.193842][ T4772] usb 1-1: Manufacturer: syz
[  214.214130][ T4772] usb 1-1: SerialNumber: syz
[  214.221818][ T6190] ocfs2: Unmounting device (7,8) on (node local)
[  214.248735][ T7602] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  214.484379][ T7602] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  214.643631][ T7630] loop5: detected capacity change from 0 to 7
[  214.672318][ T5215] Dev loop5: unable to read RDB block 7
[  214.692462][ T5215]  loop5: unable to read partition table
[  214.700750][ T5215] loop5: partition table beyond EOD, truncated
[  214.717908][ T7630] Dev loop5: unable to read RDB block 7
[  214.723637][ T7630]  loop5: unable to read partition table
[  214.757364][ T7630] loop5: partition table beyond EOD, truncated
[  214.779763][ T7630] loop_reread_partitions: partition scan of loop5 (�被x������ ) failed (rc=-5)
[  215.528121][ T4772] asix 1-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  215.551382][ T4772] asix: probe of 1-1:2.88 failed with error -71
[  215.589858][ T4772] usb 1-1: USB disconnect, device number 11
[  215.868492][ T7673] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns
[  215.901938][ T7673] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  216.217781][ T7686] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  216.266535][ T7686] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  216.570910][ T7698] loop0: detected capacity change from 0 to 512
[  216.619206][ T7699] loop6: detected capacity change from 0 to 2048
[  216.662302][ T7698] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  216.726808][ T7699] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  216.776276][ T7698] ext4 filesystem being mounted at /198/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.792964][ T7699] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  217.004114][ T4772] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  217.080008][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  217.171382][ T7720] loop1: detected capacity change from 0 to 1024
[  217.196234][ T4772] usb 8-1: Using ep0 maxpacket: 16
[  217.212882][ T4772] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  217.242027][ T4772] usb 8-1: config 0 has no interface number 0
[  217.295206][ T4772] usb 8-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  217.336438][ T4772] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.344560][ T4772] usb 8-1: Product: syz
[  217.375778][ T4772] usb 8-1: Manufacturer: syz
[  217.401764][ T4772] usb 8-1: SerialNumber: syz
[  217.419329][ T4772] usb 8-1: config 0 descriptor??
[  217.440216][ T4772] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  217.626751][ T4294] wlan1: Trigger new scan to find an IBSS to join
[  217.815531][ T7732] loop6: detected capacity change from 0 to 8192
[  218.472749][ T7755] loop8: detected capacity change from 0 to 512
[  218.498344][ T7756] loop1: detected capacity change from 0 to 1764
[  218.564770][ T7759] 9pnet: p9_errstr2errno: server reported unknown error �18446744073709551615
[  218.577830][ T7755] EXT4-fs error (device loop8): ext4_orphan_get:1399: inode #15: comm syz.8.943: inode has both inline data and extents flags
[  218.613263][ T7755] EXT4-fs error (device loop8): ext4_orphan_get:1404: comm syz.8.943: couldn't read orphan inode 15 (err -117)
[  218.655304][ T4772] gspca_spca1528: reg_w err -71
[  218.664461][ T4772] spca1528: probe of 8-1:0.1 failed with error -71
[  218.695969][ T7755] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  218.747594][ T4772] usb 8-1: USB disconnect, device number 5
[  218.880432][ T6190] EXT4-fs (loop8): unmounting filesystem.
[  219.022699][ T7771] loop0: detected capacity change from 0 to 1764
[  219.036293][ T4315] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  219.236266][ T4315] usb 7-1: Using ep0 maxpacket: 32
[  219.243082][ T4315] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.268536][ T4315] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.287343][ T4315] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  219.303817][ T4315] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.324346][ T4315] usb 7-1: config 0 descriptor??
[  219.342403][ T4315] hub 7-1:0.0: USB hub found
[  219.543845][ T4315] hub 7-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  219.976393][ T4312] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  219.987143][ T4315] hid-generic 0003:046D:C31C.000C: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.6-1/input0
[  220.120405][ T7802] loop8: detected capacity change from 0 to 128
[  220.188906][ T4312] usb 2-1: config 4 has an invalid interface number: 28 but max is 0
[  220.221316][ T4312] usb 2-1: config 4 has no interface number 0
[  220.250219][ T4312] usb 2-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a
[  220.300722][ T4312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.356248][ T4312] usb 2-1: Product: syz
[  220.366824][ T4312] usb 2-1: Manufacturer: syz
[  220.371481][ T4312] usb 2-1: SerialNumber: syz
[  220.432651][ T4312] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:4.28/input/input22
[  220.444652][   T22] usb 7-1: USB disconnect, device number 5
[  220.481060][ T7803] fido_id[7803]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  220.672706][ T3622] bcm5974 2-1:4.28: could not read from device
[  220.691166][ T4312] bcm5974 2-1:4.28: could not read from device
[  220.709393][ T3622] bcm5974 2-1:4.28: could not read from device
[  220.726589][ T4312] input: failed to attach handler mousedev to device input22, error: -5
[  220.771086][ T3622] bcm5974 2-1:4.28: could not read from device
[  220.781442][ T4312] usb 2-1: USB disconnect, device number 15
[  220.801359][ T3622] bcm5974 2-1:4.28: could not read from device
[  220.860574][ T7818] loop8: detected capacity change from 0 to 128
[  220.930699][   T27] audit: type=1804 audit(1771622470.615:33): pid=7818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.960" name="/newroot/67/file1/file1" dev="loop8" ino=1048627 res=1 errno=0
[  221.131403][ T7799] loop0: detected capacity change from 0 to 32768
[  221.231916][ T7799] XFS (loop0): Mounting V5 Filesystem
[  221.328248][ T7799] XFS (loop0): Ending clean mount
[  221.366955][ T7799] XFS (loop0): Quotacheck needed: Please wait.
[  221.487981][ T7799] XFS (loop0): Quotacheck: Done.
[  221.657937][ T7837] loop1: detected capacity change from 0 to 8192
[  221.823572][ T7837] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  221.850403][ T7837] FAT-fs (loop1): Filesystem has been set read-only
[  221.864661][ T4266] XFS (loop0): Unmounting Filesystem
[  222.445565][ T7862] loop1: detected capacity change from 0 to 1024
[  222.487014][ T7862] hfsplus: can't free extent
[  222.587508][ T4294] wlan1: Trigger new scan to find an IBSS to join
[  223.086328][ T7883] 9pnet: p9_errstr2errno: server reported unknown error ��
[  223.103339][ T7884] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  223.143310][ T7884] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on.
[  223.164928][ T7884] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  223.375844][ T7898] netlink: 8 bytes leftover after parsing attributes in process `syz.6.982'.
[  223.540960][   T11] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00
[  223.687953][ T7907] 9pnet: p9_errstr2errno: server reported unknown error 0x0000
[  224.238674][ T7902] loop0: detected capacity change from 0 to 32768
[  224.418773][ T7902] XFS (loop0): Mounting V5 Filesystem
[  224.594529][ T7902] XFS (loop0): Ending clean mount
[  224.638674][ T7902] XFS (loop0): Quotacheck needed: Please wait.
[  224.842404][ T7902] XFS (loop0): Quotacheck: Done.
[  224.880777][   T27] audit: type=1800 audit(1771622474.565:34): pid=7902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.983" name="file1" dev="loop0" ino=9286 res=0 errno=0
[  224.976338][   T27] audit: type=1800 audit(1771622474.595:35): pid=7902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.983" name="file1" dev="loop0" ino=9286 res=0 errno=0
[  225.086250][   T22] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  225.288504][   T22] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  225.339014][   T22] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  225.409900][   T22] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  225.482822][ T4266] XFS (loop0): Unmounting Filesystem
[  225.496966][   T22] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  225.548320][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.597989][   T22] usb 2-1: Product: syz
[  225.643226][   T22] usb 2-1: Manufacturer: syz
[  225.673618][   T22] usb 2-1: SerialNumber: syz
[  225.746724][   T22] hub 2-1:1.0: bad descriptor, ignoring hub
[  225.752786][   T22] hub: probe of 2-1:1.0 failed with error -5
[  225.929457][   T22] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  225.943425][ T7953] loop8: detected capacity change from 0 to 131072
[  225.966937][ T7953] F2FS-fs (loop8): invalid crc value
[  226.038262][ T7953] F2FS-fs (loop8): Found nat_bits in checkpoint
[  226.098371][ T7953] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  226.119900][   T27] audit: type=1800 audit(1771622475.805:36): pid=7953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.997" name="file1" dev="loop8" ino=7 res=0 errno=0
[  226.140077][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.592605][ T7969] loop6: detected capacity change from 0 to 1024
[  226.599374][ T7951] usb 2-1: reset high-speed USB device number 16 using dummy_hcd
[  226.675176][   T27] audit: type=1800 audit(1771622476.355:37): pid=7969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1000" name="file1" dev="loop6" ino=3 res=0 errno=0
[  226.941856][ T4323] hfsplus: b-tree write err: -5, ino 3
[  227.062172][ T4312] usb 2-1: USB disconnect, device number 16
[  227.100720][ T4312] usblp0: removed
[  227.197633][ T7984] loop6: detected capacity change from 0 to 128
[  227.238420][ T7984] FAT-fs (loop6): Unrecognized mount option "dos_xflo����G>ppy" or missing value
[  227.439595][ T7993] loop8: detected capacity change from 0 to 128
[  227.491519][ T7993] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  227.541821][ T7993] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  227.600171][ T7993] ext2 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.774491][ T8001] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  228.041595][ T8003] loop1: detected capacity change from 0 to 8192
[  228.127464][ T6190] EXT4-fs (loop8): unmounting filesystem.
[  228.137638][ T8003]  loop1: p1 p2[DM] p4
[  228.146972][ T8003] loop1: p1 start 134217728 is beyond EOD, truncated
[  228.174542][ T8003] loop1: p2 start 4292936063 is beyond EOD, truncated
[  228.242027][ T8003] loop1: p4 size 50331648 extends beyond EOD, truncated
[  228.476705][ T8016] loop0: detected capacity change from 0 to 4096
[  228.484529][ T8018] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  228.849409][ T4431] udevd[4431]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  229.672171][   T27] audit: type=1326 audit(1771622479.355:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8048 comm="syz.8.1021" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcbaa19c629 code=0x0
[  229.697883][ T8023] loop1: detected capacity change from 0 to 32768
[  229.770695][ T8023] XFS (loop1): Mounting V5 Filesystem
[  229.977515][ T8023] XFS (loop1): Ending clean mount
[  230.264563][ T4267] XFS (loop1): Unmounting Filesystem
[  230.516914][ T8042] loop0: detected capacity change from 0 to 32768
[  230.546405][    T7] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  230.558687][ T8042] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1018 (8042)
[  230.630385][ T8042] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  230.652478][ T8042] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  230.687908][ T8042] BTRFS info (device loop0): setting nodatasum
[  230.704911][ T8042] BTRFS info (device loop0): force zlib compression, level 3
[  230.760581][    T7] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.789922][ T8042] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  230.817218][    T7] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.854974][ T8080] loop7: detected capacity change from 0 to 4096
[  230.861720][ T8042] BTRFS info (device loop0): use lzo compression, level 0
[  230.873782][    T7] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  230.886856][ T8042] BTRFS info (device loop0): turning on flush-on-commit
[  230.894413][ T8042] BTRFS info (device loop0): enabling auto defrag
[  230.944147][    T7] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  230.963195][ T8042] BTRFS info (device loop0): max_inline at 4096
[  230.978269][    T7] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.992512][ T8042] BTRFS info (device loop0): using free space tree
[  231.028558][    T7] usb 7-1: config 0 descriptor??
[  231.176329][ T8042] BTRFS info (device loop0): enabling ssd optimizations
[  231.230634][   T27] audit: type=1800 audit(1771622480.915:39): pid=8042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1018" name="bus" dev="loop0" ino=263 res=0 errno=0
[  231.277999][ T4772] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  231.375442][   T27] audit: type=1804 audit(1771622480.945:40): pid=8042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1018" name="/newroot/215/file1/bus" dev="loop0" ino=263 res=1 errno=0
[  231.473417][    T7] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  231.496363][ T4772] usb 2-1: Using ep0 maxpacket: 16
[  231.505285][ T4772] usb 2-1: config 1 has an invalid interface number: 105 but max is 0
[  231.520451][    T7] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  231.538351][ T4266] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  231.546635][ T4772] usb 2-1: config 1 has no interface number 0
[  231.582053][ T4772] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  231.633495][ T4772] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  231.675571][ T4772] usb 2-1: config 1 interface 105 has no altsetting 0
[  231.701502][ T4772] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  231.742702][ T4772] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.783272][ T4772] usb 2-1: Product: syz
[  231.811410][ T4772] usb 2-1: Manufacturer: syz
[  231.838519][ T4772] usb 2-1: SerialNumber: syz
[  231.858664][ T8085] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  231.880760][ T8085] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  232.341663][ T8085] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  232.355001][ T8085] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  232.397151][ T8124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1032'.
[  232.427959][ T8124] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1032'.
[  232.465170][ T8124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1032'.
[  232.495868][ T8124] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1032'.
[  232.545471][ T8127] netlink: 'syz.8.1034': attribute type 14 has an invalid length.
[  232.562937][ T8127] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1034'.
[  232.588684][ T8127] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  232.597709][ T8127] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  232.606637][ T8127] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  232.615372][ T8127] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  232.635348][ T8127] netlink: 'syz.8.1034': attribute type 14 has an invalid length.
[  232.643372][ T8127] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1034'.
[  232.799773][    C1] plantronics 0003:047F:FFFF.000D: usb_submit_urb(ctrl) failed: -1
[  232.814806][    T7] usb 7-1: USB disconnect, device number 6
[  232.825035][ T4772] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  232.859000][ T4772] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  232.927214][ T4772] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  232.952349][ T4772] aqc111 2-1:1.105 eth17: register 'aqc111' at usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, f2:05:73:c1:3b:75
[  233.008127][ T4772] usb 2-1: USB disconnect, device number 17
[  233.028809][ T4772] aqc111 2-1:1.105 eth17: unregister 'aqc111' usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  233.138727][ T4772] aqc111 2-1:1.105 eth17 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  233.149847][ T4772] aqc111 2-1:1.105 eth17 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  233.180656][ T4772] aqc111 2-1:1.105 eth17 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  233.326307][   T26] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  233.516406][ T5349] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  233.538491][   T26] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  233.566210][   T26] usb 9-1: config 0 has no interface number 0
[  233.584629][   T26] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.607396][   T26] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.636235][   T26] usb 9-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  233.657759][   T26] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.692215][   T26] usb 9-1: config 0 descriptor??
[  233.711698][ T5349] usb 8-1: Using ep0 maxpacket: 32
[  233.730362][ T5349] usb 8-1: config 0 has an invalid interface number: 184 but max is 0
[  233.759065][ T5349] usb 8-1: config 0 has no interface number 0
[  233.776232][ T5349] usb 8-1: config 0 interface 184 has no altsetting 0
[  233.784130][ T8156] loop1: detected capacity change from 0 to 1024
[  233.797255][ T5349] usb 8-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  233.813629][ T8156] EXT4-fs: Ignoring removed orlov option
[  233.831507][ T5349] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.856634][ T5349] usb 8-1: Product: syz
[  233.860886][ T5349] usb 8-1: Manufacturer: syz
[  233.878302][ T5349] usb 8-1: SerialNumber: syz
[  233.898577][ T5349] usb 8-1: config 0 descriptor??
[  233.946770][ T5349] smsc75xx v1.0.0
[  233.953828][ T8138] loop0: detected capacity change from 0 to 40427
[  233.959972][ T8156] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  234.020238][ T8138] F2FS-fs (loop0): Found nat_bits in checkpoint
[  234.163760][ T8138] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  234.214113][   T26] input: HID 04d9:a055 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.1/0003:04D9:A055.000E/input/input23
[  234.299106][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  234.359422][ T8138] syz.0.1038: attempt to access beyond end of device
[  234.359422][ T8138] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.460500][ T8139] loop8: detected capacity change from 0 to 2048
[  234.484779][   T26] holtek_kbd 0003:04D9:A055.000E: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.8-1/input1
[  234.537541][ T8139] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=18576, location=18576
[  234.644835][ T8139] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  234.797584][   T26] usb 9-1: USB disconnect, device number 5
[  234.963195][ T8178] fido_id[8178]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[  235.147451][ T5349] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  235.166271][ T4315] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  235.188499][ T5349] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  235.217860][ T5349] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  235.239289][ T5349] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  235.259543][ T5349] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  235.280498][ T5349] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  235.300956][ T5349] smsc75xx: probe of 8-1:0.184 failed with error -71
[  235.369352][ T4315] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.391905][ T5349] usb 8-1: USB disconnect, device number 6
[  235.421359][ T4315] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  235.464174][ T4315] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  235.484064][ T4315] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.511686][ T4315] usb 7-1: Product: syz
[  235.526418][ T4315] usb 7-1: Manufacturer: syz
[  235.531085][ T4315] usb 7-1: SerialNumber: syz
[  235.554938][ T8193] loop1: detected capacity change from 0 to 128
[  235.583820][ T8193] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  235.597450][ T4315] cdc_mbim 7-1:1.0: skipping garbage
[  235.646991][ T8193] ext4 filesystem being mounted at /233/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  235.786867][ T8181] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  235.909964][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  236.173350][ T8210] loop8: detected capacity change from 0 to 128
[  236.458188][ T8181] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  236.467849][ T4315] cdc_mbim 7-1:1.0: cdc-wdm0: USB WDM device
[  236.504765][ T4315] cdc_mbim 7-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.6-1, CDC MBIM, 2e:4b:33:b1:c7:e3
[  236.526717][ T8214] loop1: detected capacity change from 0 to 4096
[  236.619119][ T8214] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  236.691696][    C0] cdc_mbim 7-1:1.0: nonzero urb status received: -71
[  236.698443][    C0] cdc_mbim 7-1:1.0: wdm_int_callback - 0 bytes
[  236.705071][    C0] cdc_mbim 7-1:1.0: nonzero urb status received: -71
[  236.711784][    C0] cdc_mbim 7-1:1.0: wdm_int_callback - 0 bytes
[  236.794298][ T4772] usb 7-1: USB disconnect, device number 7
[  236.812917][ T4772] cdc_mbim 7-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.6-1, CDC MBIM
[  236.860158][ T8231] EXT4-fs (loop1): shut down requested (2)
[  236.916414][ T5349] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  237.082590][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  237.106756][ T5349] usb 9-1: Using ep0 maxpacket: 32
[  237.119833][ T5349] usb 9-1: config 0 has an invalid interface number: 132 but max is 0
[  237.128723][ T5349] usb 9-1: config 0 has no interface number 0
[  237.135057][ T5349] usb 9-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  237.203356][ T5349] usb 9-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  237.233902][ T5349] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.254122][ T5349] usb 9-1: Product: syz
[  237.274265][ T5349] usb 9-1: Manufacturer: syz
[  237.299321][ T5349] usb 9-1: SerialNumber: syz
[  237.325088][ T5349] usb 9-1: config 0 descriptor??
[  237.355019][ T5349] em28xx 9-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  237.405571][ T5349] em28xx 9-1:0.132: Video interface 132 found:
[  237.757566][ T5349] em28xx 9-1:0.132: unknown em28xx chip ID (0)
[  237.968883][ T8225] m920x_read = error: -19
[  237.976645][ T5349] em28xx 9-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  238.009896][ T5349] em28xx 9-1:0.132: board has no eeprom
[  238.064605][ T8239] loop7: detected capacity change from 0 to 40427
[  238.096368][ T5349] em28xx 9-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  238.104517][ T5349] em28xx 9-1:0.132: analog set to bulk mode.
[  238.142344][ T8239] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  238.151653][ T5349] usb 9-1: USB disconnect, device number 6
[  238.187515][ T8239] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  238.188494][ T5349] em28xx 9-1:0.132: Disconnecting em28xx
[  238.244092][   T26] em28xx 9-1:0.132: Registering V4L2 extension
[  238.250890][ T8239] F2FS-fs (loop7): invalid crc value
[  238.321061][ T8239] F2FS-fs (loop7): Found nat_bits in checkpoint
[  238.495198][ T8239] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  238.526177][ T4314] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  238.536809][ T8239] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  238.628297][   T27] audit: type=1800 audit(1771622488.315:41): pid=8239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1066" name="bus" dev="loop7" ino=10 res=0 errno=0
[  238.758302][ T4314] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  238.777588][ T4314] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.811589][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.811680][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.825909][ T4314] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.859379][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.859407][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.876545][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.894972][ T4314] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  238.936297][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.936325][ T5986] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  238.960744][ T4314] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  239.015990][ T4314] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.037167][ T4314] usb 7-1: config 0 descriptor??
[  239.048063][   T26] em28xx 9-1:0.132: Config register raw data: 0xffffffed
[  239.055165][   T26] em28xx 9-1:0.132: AC97 chip type couldn't be determined
[  239.093627][   T26] em28xx 9-1:0.132: No AC97 audio processor
[  239.148672][   T26] usb 9-1: Decoder not found
[  239.153375][   T26] em28xx 9-1:0.132: failed to create media graph
[  239.196186][   T26] em28xx 9-1:0.132: V4L2 device video103 deregistered
[  239.225515][   T26] em28xx 9-1:0.132: Remote control support is not available for this card.
[  239.256201][ T5349] em28xx 9-1:0.132: Closing input extension
[  239.300627][ T5349] em28xx 9-1:0.132: Freeing device
[  239.413017][ T4349] Trying to write to read-only block-device loop7
[  239.452427][ T4314] plantronics 0003:047F:FFFF.000F: unknown main item tag 0xd
[  239.471893][ T4314] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  239.512144][ T4314] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  239.696198][ T5349] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  239.721050][   T26] usb 7-1: USB disconnect, device number 8
[  239.847653][ T8301] fido_id[8301]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  239.888602][ T5349] usb 9-1: Using ep0 maxpacket: 32
[  239.902675][ T5349] usb 9-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  239.933822][ T5349] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.969055][ T5349] usb 9-1: Product: syz
[  239.973314][ T5349] usb 9-1: Manufacturer: syz
[  239.990111][ T5349] usb 9-1: SerialNumber: syz
[  240.002748][ T5349] usb 9-1: config 0 descriptor??
[  240.020942][ T5349] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  240.146315][    T7] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  240.199609][ T8311] loop7: detected capacity change from 0 to 4096
[  240.261453][ T8311] /dev/loop7: Can't open blockdev
[  240.342922][    T7] usb 1-1: config 0 has an invalid interface number: 168 but max is 0
[  240.374217][    T7] usb 1-1: config 0 has no interface number 0
[  240.396272][    T7] usb 1-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  240.434212][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.479352][    T7] usb 1-1: config 0 descriptor??
[  240.695533][ T4283] Bluetooth: hci0: Unknown advertising packet type: 0x400
[  240.695680][ T4283] Bluetooth: hci0: Unknown advertising packet type: 0xa00
[  240.703826][ T4283] Bluetooth: hci0: Malformed LE Event: 0x0d
[  240.730021][    T7] usb 1-1: string descriptor 0 read error: -71
[  240.737330][    T7] usb-storage 1-1:0.168: USB Mass Storage device detected
[  240.758134][    T7] usb-storage 1-1:0.168: Quirks match for vid 05ab pid 0060: 2
[  240.801950][ T8328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1086'.
[  240.811055][ T8328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1086'.
[  240.822014][ T8328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1086'.
[  240.876341][    T7] usb 1-1: USB disconnect, device number 12
[  240.896701][ T8328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1086'.
[  241.233330][ T5349] gspca_ov534_9: reg_w failed -71
[  241.399405][ T8344] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  241.690206][ T5349] gspca_ov534_9: Unknown sensor 0000
[  241.690271][ T5349] ov534_9: probe of 9-1:0.0 failed with error -22
[  241.731245][ T5349] usb 9-1: USB disconnect, device number 7
[  241.906231][ T4315] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  242.106486][ T4315] usb 7-1: Using ep0 maxpacket: 8
[  242.113411][ T4315] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  242.142073][ T4315] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  242.182637][ T4315] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  242.213043][ T4315] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  242.241050][ T4315] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  242.273711][ T8364] loop7: detected capacity change from 0 to 8192
[  242.285858][ T4315] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  242.310407][ T4315] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.394764][ T4363] blk_print_req_error: 1 callbacks suppressed
[  242.394780][ T4363] I/O error, dev loop7, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  242.551479][ T4315] usb 7-1: GET_CAPABILITIES returned 0
[  242.557490][ T4315] usbtmc 7-1:16.0: can't read capabilities
[  242.760366][ T5349] usb 7-1: USB disconnect, device number 9
[  243.396480][    T7] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  243.596315][    T7] usb 8-1: Using ep0 maxpacket: 32
[  243.604668][    T7] usb 8-1: config 0 has an invalid interface number: 184 but max is 0
[  243.637829][    T7] usb 8-1: config 0 has no interface number 0
[  243.671851][    T7] usb 8-1: config 0 interface 184 has no altsetting 0
[  243.701681][    T7] usb 8-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  243.732662][ T8404] netlink: 'syz.6.1109': attribute type 1 has an invalid length.
[  243.757530][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.765659][    T7] usb 8-1: Product: syz
[  243.821218][    T7] usb 8-1: Manufacturer: syz
[  243.825856][    T7] usb 8-1: SerialNumber: syz
[  243.869034][    T7] usb 8-1: config 0 descriptor??
[  243.888703][    T7] smsc75xx v1.0.0
[  243.892376][    T7] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  243.990746][    T7] smsc75xx: probe of 8-1:0.184 failed with error -22
[  244.442655][    T7] usb 8-1: USB disconnect, device number 7
[  245.023362][ T8438] overlayfs: failed to clone lowerpath
[  245.070015][ T8416] loop8: detected capacity change from 0 to 32768
[  245.121568][ T8416] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 scanned by syz.8.1113 (8416)
[  245.147844][ T8440] loop1: detected capacity change from 0 to 256
[  245.223751][ T8416] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  245.259475][ T8440] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  245.312370][ T8416] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  245.341553][ T8416] BTRFS info (device loop8): enabling auto defrag
[  245.400277][ T8416] BTRFS info (device loop8): use no compression
[  245.446355][ T8416] BTRFS info (device loop8): force clearing of disk cache
[  245.453577][ T8416] BTRFS info (device loop8): max_inline at 4096
[  245.500969][ T8416] BTRFS info (device loop8): disabling free space tree
[  245.528835][   T27] audit: type=1800 audit(1771622495.215:42): pid=8440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1121" name="file1" dev="loop1" ino=1048630 res=0 errno=0
[  245.811101][ T8475] netlink: 'syz.6.1127': attribute type 1 has an invalid length.
[  245.836330][ T8416] BTRFS info (device loop8): enabling ssd optimizations
[  245.854189][ T8416] BTRFS info (device loop8): rebuilding free space tree
[  245.940600][ T8483] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  246.034834][ T8483] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  246.070637][ T8483] bond1: (slave ip6gre1): making interface the new active one
[  246.120932][ T8416] BTRFS info (device loop8): disabling free space tree
[  246.130627][ T8416] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  246.133148][ T8483] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  246.152035][ T8416] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  246.670297][ T6190] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  247.142328][ T8520] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1139'.
[  247.198805][ T8520] netlink: zone id is out of range
[  247.219843][ T8520] netlink: zone id is out of range
[  247.245511][ T8520] netlink: zone id is out of range
[  247.274783][ T8520] netlink: zone id is out of range
[  247.297190][ T8520] netlink: zone id is out of range
[  247.319241][ T8520] netlink: zone id is out of range
[  247.344854][ T8520] netlink: zone id is out of range
[  247.376362][ T4849] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  247.390041][ T8520] netlink: zone id is out of range
[  247.421236][ T8520] netlink: zone id is out of range
[  247.457759][ T8520] netlink: zone id is out of range
[  247.577920][ T4849] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  247.601201][ T4849] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  247.630774][ T4849] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  247.696175][ T4849] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  247.716242][ T4849] usb 8-1: SerialNumber: syz
[  247.952475][ T4849] usb 8-1: 0:2 : does not exist
[  247.975716][ T4849] usb 8-1: unit 5: unexpected type 0x09
[  248.027041][ T4849] usb 8-1: USB disconnect, device number 8
[  248.207494][ T8537] loop8: detected capacity change from 0 to 8192
[  248.282440][ T4363] udevd[4363]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  248.515458][ T8554] loop6: detected capacity change from 0 to 1024
[  248.548025][ T8554] EXT4-fs: Ignoring removed mblk_io_submit option
[  248.663370][ T8554] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  248.827360][ T8554] ==================================================================
[  248.835508][ T8554] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x965/0x1e90
[  248.843287][ T8554] Read of size 18446744073709551588 at addr ffff888073b3f840 by task syz.6.1147/8554
[  248.852788][ T8554] 
[  248.855168][ T8554] CPU: 1 PID: 8554 Comm: syz.6.1147 Not tainted syzkaller #0
[  248.862585][ T8554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  248.872782][ T8554] Call Trace:
[  248.876112][ T8554]  <TASK>
[  248.879085][ T8554]  dump_stack_lvl+0x188/0x24e
[  248.883814][ T8554]  ? __lock_acquire+0x7d10/0x7d10
[  248.888884][ T8554]  ? show_regs_print_info+0x12/0x12
[  248.894224][ T8554]  ? load_image+0x400/0x400
[  248.898775][ T8554]  ? _raw_spin_lock_irqsave+0xbc/0x100
[  248.904279][ T8554]  ? __virt_addr_valid+0x188/0x540
[  248.909448][ T8554]  ? __virt_addr_valid+0x465/0x540
[  248.914607][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  248.920118][ T8554]  print_report+0xa8/0x210
[  248.924589][ T8554]  kasan_report+0x10b/0x140
[  248.929156][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  248.934670][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  248.940170][ T8554]  kasan_check_range+0x235/0x290
[  248.945163][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  248.950679][ T8554]  memmove+0x25/0x60
[  248.954613][ T8554]  ext4_xattr_set_entry+0x965/0x1e90
[  248.959959][ T8554]  ext4_xattr_block_set+0xae4/0x32b0
[  248.965298][ T8554]  ? ext4_destroy_inode+0x200/0x200
[  248.970561][ T8554]  ? proc_nr_inodes+0x2f0/0x2f0
[  248.975489][ T8554]  ? _raw_spin_unlock+0x24/0x40
[  248.975516][ T8554]  ? iput+0x768/0x980
[  248.975544][ T8554]  ? ext4_xattr_block_find+0x2b0/0x2b0
[  248.975574][ T8554]  ? ext4_xattr_ibody_set+0x509/0x690
[  248.975606][ T8554]  ext4_xattr_set_handle+0x1338/0x1570
[  248.975650][ T8554]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  248.975687][ T8554]  ext4_xattr_set+0x242/0x320
[  248.975719][ T8554]  ? ext4_xattr_set_credits+0x290/0x290
[  248.975746][ T8554]  ? posix_xattr_acl+0x8f/0xb0
[  248.975773][ T8554]  ? evm_protect_xattr+0x333/0x9d0
[  248.975801][ T8554]  ? ext4_xattr_trusted_get+0x40/0x40
[  248.975832][ T8554]  __vfs_setxattr+0x3e0/0x420
[  248.975866][ T8554]  __vfs_setxattr_noperm+0x129/0x5e0
[  248.975898][ T8554]  vfs_setxattr+0x167/0x2e0
[  248.975929][ T8554]  ? xattr_permission+0x500/0x500
[  248.975958][ T8554]  ? _copy_from_user+0x10b/0x170
[  248.975985][ T8554]  ? setxattr+0x2ce/0x360
[  248.976016][ T8554]  setxattr+0x346/0x360
[  248.976048][ T8554]  ? path_setxattr+0x290/0x290
[  248.976090][ T8554]  ? __mnt_want_write+0x21f/0x2a0
[  248.976125][ T8554]  path_setxattr+0x147/0x290
[  248.976154][ T8554]  ? simple_xattr_list_add+0xf0/0xf0
[  248.976185][ T8554]  ? lock_chain_count+0x20/0x20
[  248.976218][ T8554]  __x64_sys_lsetxattr+0xb4/0xd0
[  248.976249][ T8554]  do_syscall_64+0x4c/0xa0
[  248.976277][ T8554]  ? clear_bhb_loop+0x60/0xb0
[  248.976301][ T8554]  ? clear_bhb_loop+0x60/0xb0
[  248.976326][ T8554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  248.976351][ T8554] RIP: 0033:0x7f3efcb9c629
[  248.976382][ T8554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  248.976402][ T8554] RSP: 002b:00007f3efda94028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  248.976427][ T8554] RAX: ffffffffffffffda RBX: 00007f3efce15fa0 RCX: 00007f3efcb9c629
[  248.976442][ T8554] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0
[  248.976459][ T8554] RBP: 00007f3efcc32b39 R08: 0000000000000000 R09: 0000000000000000
[  248.976473][ T8554] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  248.976486][ T8554] R13: 00007f3efce16038 R14: 00007f3efce15fa0 R15: 00007ffd05448758
[  248.976508][ T8554]  </TASK>
[  248.976515][ T8554] 
[  248.976525][ T8554] Allocated by task 8554:
[  248.976535][ T8554]  kasan_set_track+0x4b/0x70
[  248.976574][ T8554]  __kasan_kmalloc+0x8e/0xa0
[  248.976599][ T8554]  __kmalloc_node_track_caller+0xae/0x230
[  248.976634][ T8554]  kmemdup+0x27/0x60
[  248.976661][ T8554]  ext4_xattr_block_set+0x9e6/0x32b0
[  248.976687][ T8554]  ext4_xattr_set_handle+0x1338/0x1570
[  248.976713][ T8554]  ext4_xattr_set+0x242/0x320
[  248.976736][ T8554]  __vfs_setxattr+0x3e0/0x420
[  248.976760][ T8554]  __vfs_setxattr_noperm+0x129/0x5e0
[  248.976784][ T8554]  vfs_setxattr+0x167/0x2e0
[  248.976807][ T8554]  setxattr+0x346/0x360
[  248.976832][ T8554]  path_setxattr+0x147/0x290
[  248.976859][ T8554]  __x64_sys_lsetxattr+0xb4/0xd0
[  248.976884][ T8554]  do_syscall_64+0x4c/0xa0
[  248.976909][ T8554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  248.976931][ T8554] 
[  248.976935][ T8554] The buggy address belongs to the object at ffff888073b3f800
[  248.976935][ T8554]  which belongs to the cache kmalloc-1k of size 1024
[  248.976952][ T8554] The buggy address is located 64 bytes inside of
[  248.976952][ T8554]  1024-byte region [ffff888073b3f800, ffff888073b3fc00)
[  248.976971][ T8554] 
[  248.976975][ T8554] The buggy address belongs to the physical page:
[  248.976990][ T8554] page:ffffea0001cece00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x73b38
[  248.977012][ T8554] head:ffffea0001cece00 order:3 compound_mapcount:0 compound_pincount:0
[  248.977028][ T8554] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  248.977068][ T8554] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff888017441dc0
[  248.977086][ T8554] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  248.977096][ T8554] page dumped because: kasan: bad access detected
[  248.977139][ T8554] page_owner tracks the page as allocated
[  248.977146][ T8554] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4363, tgid 4363 (udevd), ts 80408673846, free_ts 80358535059
[  248.977183][ T8554]  post_alloc_hook+0x173/0x1a0
[  248.977210][ T8554]  get_page_from_freelist+0x1a1e/0x1ab0
[  248.977240][ T8554]  __alloc_pages+0x1ec/0x4f0
[  248.977267][ T8554]  alloc_slab_page+0x5d/0x160
[  248.977290][ T8554]  new_slab+0x87/0x2c0
[  248.977312][ T8554]  ___slab_alloc+0xbc6/0x1240
[  248.977332][ T8554]  __kmem_cache_alloc_node+0x1a0/0x260
[  248.977352][ T8554]  __kmalloc_node_track_caller+0x9e/0x230
[  248.977381][ T8554]  __alloc_skb+0x22a/0x7e0
[  248.977407][ T8554]  netlink_sendmsg+0x654/0xbd0
[  248.977434][ T8554]  ____sys_sendmsg+0x5be/0x970
[  248.977461][ T8554]  ___sys_sendmsg+0x2a2/0x360
[  248.977489][ T8554]  __se_sys_sendmsg+0x1bb/0x2a0
[  248.977517][ T8554]  do_syscall_64+0x4c/0xa0
[  248.977542][ T8554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  248.977565][ T8554] page last free stack trace:
[  248.977571][ T8554]  free_unref_page_prepare+0x8b4/0x9a0
[  248.977599][ T8554]  free_unref_page+0x2e/0x3f0
[  248.977635][ T8554]  qlist_free_all+0x76/0xe0
[  248.977655][ T8554]  kasan_quarantine_reduce+0x144/0x160
[  248.977674][ T8554]  __kasan_slab_alloc+0x1e/0x80
[  248.977700][ T8554]  slab_post_alloc_hook+0x4b/0x480
[  248.977719][ T8554]  __kmem_cache_alloc_node+0x140/0x260
[  248.977737][ T8554]  __kmalloc_node+0xa0/0x240
[  248.977765][ T8554]  kvmalloc_node+0x6c/0x180
[  248.977793][ T8554]  seq_read_iter+0x1f6/0xd50
[  248.977814][ T8554]  vfs_read+0x4a7/0xa00
[  248.977840][ T8554]  ksys_read+0x14c/0x250
[  248.977866][ T8554]  do_syscall_64+0x4c/0xa0
[  248.977891][ T8554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  248.977914][ T8554] 
[  248.977918][ T8554] Memory state around the buggy address:
[  248.977929][ T8554]  ffff888073b3f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  248.977943][ T8554]  ffff888073b3f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  248.977957][ T8554] >ffff888073b3f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  248.977968][ T8554]                                            ^
[  248.977979][ T8554]  ffff888073b3f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  248.977993][ T8554]  ffff888073b3f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  248.978004][ T8554] ==================================================================
[  249.235259][ T8554] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  249.235276][ T8554] CPU: 0 PID: 8554 Comm: syz.6.1147 Not tainted syzkaller #0
[  249.235298][ T8554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  249.235310][ T8554] Call Trace:
[  249.235317][ T8554]  <TASK>
[  249.235325][ T8554]  dump_stack_lvl+0x188/0x24e
[  249.235358][ T8554]  ? memcpy+0x3c/0x60
[  249.235378][ T8554]  ? show_regs_print_info+0x12/0x12
[  249.235425][ T8554]  ? load_image+0x400/0x400
[  249.235453][ T8554]  panic+0x2e5/0x730
[  249.235471][ T8554]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  249.235500][ T8554]  ? bpf_jit_dump+0xd0/0xd0
[  249.235522][ T8554]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[  249.235543][ T8554]  ? _raw_spin_unlock+0x40/0x40
[  249.235566][ T8554]  check_panic_on_warn+0x80/0xa0
[  249.235591][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  249.235618][ T8554]  end_report+0x66/0x110
[  249.235646][ T8554]  kasan_report+0x118/0x140
[  249.235676][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  249.235705][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  249.235733][ T8554]  kasan_check_range+0x235/0x290
[  249.235762][ T8554]  ? ext4_xattr_set_entry+0x965/0x1e90
[  249.235789][ T8554]  memmove+0x25/0x60
[  249.235809][ T8554]  ext4_xattr_set_entry+0x965/0x1e90
[  249.235846][ T8554]  ext4_xattr_block_set+0xae4/0x32b0
[  249.235883][ T8554]  ? ext4_destroy_inode+0x200/0x200
[  249.235912][ T8554]  ? proc_nr_inodes+0x2f0/0x2f0
[  249.235941][ T8554]  ? _raw_spin_unlock+0x24/0x40
[  249.235961][ T8554]  ? iput+0x768/0x980
[  249.235985][ T8554]  ? ext4_xattr_block_find+0x2b0/0x2b0
[  249.236012][ T8554]  ? ext4_xattr_ibody_set+0x509/0x690
[  249.236043][ T8554]  ext4_xattr_set_handle+0x1338/0x1570
[  249.236079][ T8554]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  249.236118][ T8554]  ext4_xattr_set+0x242/0x320
[  249.236149][ T8554]  ? ext4_xattr_set_credits+0x290/0x290
[  249.236176][ T8554]  ? posix_xattr_acl+0x8f/0xb0
[  249.236203][ T8554]  ? evm_protect_xattr+0x333/0x9d0
[  249.236231][ T8554]  ? ext4_xattr_trusted_get+0x40/0x40
[  249.236260][ T8554]  __vfs_setxattr+0x3e0/0x420
[  249.236292][ T8554]  __vfs_setxattr_noperm+0x129/0x5e0
[  249.236323][ T8554]  vfs_setxattr+0x167/0x2e0
[  249.236353][ T8554]  ? xattr_permission+0x500/0x500
[  249.236382][ T8554]  ? _copy_from_user+0x10b/0x170
[  249.236409][ T8554]  ? setxattr+0x2ce/0x360
[  249.236439][ T8554]  setxattr+0x346/0x360
[  249.236470][ T8554]  ? path_setxattr+0x290/0x290
[  249.236510][ T8554]  ? __mnt_want_write+0x21f/0x2a0
[  249.236559][ T8554]  path_setxattr+0x147/0x290
[  249.236588][ T8554]  ? simple_xattr_list_add+0xf0/0xf0
[  249.236628][ T8554]  ? lock_chain_count+0x20/0x20
[  249.236656][ T8554]  __x64_sys_lsetxattr+0xb4/0xd0
[  249.236683][ T8554]  do_syscall_64+0x4c/0xa0
[  249.236722][ T8554]  ? clear_bhb_loop+0x60/0xb0
[  249.236744][ T8554]  ? clear_bhb_loop+0x60/0xb0
[  249.236767][ T8554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  249.236789][ T8554] RIP: 0033:0x7f3efcb9c629
[  249.236806][ T8554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  249.236822][ T8554] RSP: 002b:00007f3efda94028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  249.236843][ T8554] RAX: ffffffffffffffda RBX: 00007f3efce15fa0 RCX: 00007f3efcb9c629
[  249.236864][ T8554] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0
[  249.236878][ T8554] RBP: 00007f3efcc32b39 R08: 0000000000000000 R09: 0000000000000000
[  249.236891][ T8554] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  249.236902][ T8554] R13: 00007f3efce16038 R14: 00007f3efce15fa0 R15: 00007ffd05448758
[  249.236924][ T8554]  </TASK>
[  249.237498][ T8554] Kernel Offset: disabled
[  250.186323][ T8554] Rebooting in 86400 seconds..