last executing test programs:

18m18.694714595s ago: executing program 2 (id=430):
mbind(&(0x7f0000004000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000000340), 0x3, 0xa)

18m17.782242722s ago: executing program 2 (id=433):
socket$qrtr(0x2a, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
close(r2)
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
pread64(r1, &(0x7f0000002840)=""/4096, 0x1000, 0x100000001)
unshare(0x20000400)

18m16.674402285s ago: executing program 2 (id=437):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCGETA(0xffffffffffffffff, 0x8926, &(0x7f00000029c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000bc0)='f', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000600)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r6, 0x5760, 0x1f)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r6, 0x100000000000f7)
keyctl$revoke(0x3, r5)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}, 0x1c)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)

18m15.733165646s ago: executing program 2 (id=438):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x102)

18m13.592672402s ago: executing program 2 (id=444):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)

18m12.485536105s ago: executing program 2 (id=448):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

17m56.071512409s ago: executing program 32 (id=448):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

15m46.47520367s ago: executing program 4 (id=747):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x50009405, &(0x7f0000000180))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000300)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)

15m45.256692156s ago: executing program 4 (id=748):
r0 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendfile(r0, r0, &(0x7f0000001000), 0xffff)

15m44.44976633s ago: executing program 4 (id=753):
openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x15, 0x80005, 0x0)
preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0xc4, 0x0, 0x0, 0x9)

15m42.34039995s ago: executing program 4 (id=755):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
unshare(0x480)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
syz_mount_image$btrfs(&(0x7f00000004c0), &(0x7f00000015c0)='./file0\x00', 0x10, &(0x7f0000000180)={[{@clear_cache}, {@user_subvol_rm}, {@nodiscard}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x38, 0x2d, 0x32, 0x36, 0x78, 0x2d, 0x2d, 0x37]}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
creat(0x0, 0x0)
r1 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
fsync(r1)

15m41.217059204s ago: executing program 4 (id=761):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0xcf7, 0x80, 0x14, 0x154}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x6000, @fd_index=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

15m37.82450879s ago: executing program 4 (id=768):
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000100)='./file2\x00', 0x1000b, &(0x7f00000000c0)=ANY=[], 0x21, 0x1c5, &(0x7f00000002c0)="$eJzsVU+rUkEU/42OV2tRrSNwkZQt0uu1ok3kKvwAbaNEbyZd++MVShG6rfwebfwaLdq3CQqCNrWooIXRNowzc8bmPQXf0+f7A/OD62/O35kzR848ip/HAPB3OmqiBgUPZ/BZCEgAeaF1d7Kaf3qaSyx/l5qvsP4N84wRD4aPG1EU9ra4WG5L6YNgPxnJf7fpw/Te2WV5hFyd8BPl227xmy/EGhe1coFEJz0OBR7S4n7alEzFb5rwz0EdLI81+y730GUsdjl3VP95sWj6L95+ncIvVfHH6ahJiwc8pUjX0p+wfaib7yyf81J9Io3Z3IeGHwmXAZT73WfleDC82uk22mE7fBIE1Rv+Nd+/HpQfdqLQ17/C2sKMKOLarSxopp6y7BkAX3jAnoaFH3pbczS2CzuW5vCMh3TxInYgZcUaFng7j+Uw0BXcxSVQS18kwtIWVBYJVVIdAmkl8NB/xdei98opr1LzadQaQ6j9VNgEUufIzF0lPFgCuVVvJkY1Zi4w15knzF+ZzZtl3iKpMnxjqZjQjb5s9Pu9iveeQyr06ild4BlrcC6xL4x2/c05THEXsnBwcHBwcHBwOGH4FwAA//+74FHW")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000000)=""/48, 0x30)

15m37.399580574s ago: executing program 33 (id=768):
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000100)='./file2\x00', 0x1000b, &(0x7f00000000c0)=ANY=[], 0x21, 0x1c5, &(0x7f00000002c0)="$eJzsVU+rUkEU/42OV2tRrSNwkZQt0uu1ok3kKvwAbaNEbyZd++MVShG6rfwebfwaLdq3CQqCNrWooIXRNowzc8bmPQXf0+f7A/OD62/O35kzR848ip/HAPB3OmqiBgUPZ/BZCEgAeaF1d7Kaf3qaSyx/l5qvsP4N84wRD4aPG1EU9ra4WG5L6YNgPxnJf7fpw/Te2WV5hFyd8BPl227xmy/EGhe1coFEJz0OBR7S4n7alEzFb5rwz0EdLI81+y730GUsdjl3VP95sWj6L95+ncIvVfHH6ahJiwc8pUjX0p+wfaib7yyf81J9Io3Z3IeGHwmXAZT73WfleDC82uk22mE7fBIE1Rv+Nd+/HpQfdqLQ17/C2sKMKOLarSxopp6y7BkAX3jAnoaFH3pbczS2CzuW5vCMh3TxInYgZcUaFng7j+Uw0BXcxSVQS18kwtIWVBYJVVIdAmkl8NB/xdei98opr1LzadQaQ6j9VNgEUufIzF0lPFgCuVVvJkY1Zi4w15knzF+ZzZtl3iKpMnxjqZjQjb5s9Pu9iveeQyr06ild4BlrcC6xL4x2/c05THEXsnBwcHBwcHBwOGH4FwAA//+74FHW")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000000)=""/48, 0x30)

11m39.693480872s ago: executing program 0 (id=1232):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000400)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c)
r3 = syz_open_procfs(0x0, &(0x7f0000000600)='net/udp6\x00')
read$FUSE(r3, &(0x7f0000004500)={0x2020}, 0x2020)

11m39.347315666s ago: executing program 0 (id=1233):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f00000002c0)={0x9, {"a2e3ad214fc752f91b2538f70e06d038e7ff7fc6e5539b325d078b089b3b083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31340d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f00080470ff004002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73580200000000000000f799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f020000000000000065483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c989d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b32749e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a35ddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$VT_RELDISP(r1, 0x5605)

11m37.52049626s ago: executing program 0 (id=1237):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x50009405, &(0x7f0000000180))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000300)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)

11m34.608666093s ago: executing program 0 (id=1239):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)={[{@namecase}, {@time_offset={'time_offset', 0x3d, 0x4}}, {@dmask={'dmask', 0x3d, 0x400045}}, {@time_offset={'time_offset', 0x3d, 0x6}}, {@errors_remount}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@namecase}, {@allow_utime={'allow_utime', 0x3d, 0x85}}]}, 0x1, 0x153b, &(0x7f0000001f80)="$eJzs3AucTlXXAPC19t5nDImnSS7D3nsdnuSyTZLkkiSXJEmSJLeEpEleSUgMIUlDEpLLkMQQksvEpHG/3y8JSdIkSUhuyf5+E37qrb73/b73/fL+vln/3+/87DXnrH3WedZznuecg/m269BaTWpXb0RE8C/BC38kAUAsAAwEgLwAEABA+bjycYAB5JSY9K/thP17PZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/x1z/+Bn///x+Hv//9HMsuM/XJNmeu6AcT8sync/+yN+///VvDPbMT9z964/9lV7JUugP0H4PM/O8jxp2u4/9kb95+x7OxKP3++0gtE/sNegyM5LzTmrzp+xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsL3DaX6YA4NL4StfFGGOMMcYYY4yxfx+f40pXwBhjjDHGGGOMsf97CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgPGsD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv+r/OehJ7wAvaA3JEEf6AsvQj/oDwPgJRgIL8MgeAUGw6uQDENgKLwGw+B1GA5vwAgYCaPgTRgNb8EYGAvjYDykwASYCG/DJHgHJsO7MAWmQipMg+nwHsyAmTAL3ofZ8AHMgbkwD+ZDGnwIC2AhpMNHsAg+hgxYDEtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAM+gZ3wKeyC3bAHPoO98Pmv8gGSfunnf5d/6u/yuyEgoECBChXGYAzGYizmwlyYG3NjHsyDEYxgHMZhPsyH+TE/FsSCGI/xWASLoEGDhIRFsShGMYrFsTiWwBJYCkuhQ4cJmIBl8SYsh+WwPJbHClgBK2IlrIRVsApWxapYDathdayONbAG1sJaeBfehX2wLtbFelgP62P9S4+nsBE2wsbYGJtgE2yKTbEZNsMW2AJbYStsja2xDbbBdtgO22N77IAdMBETsSN2xE7YCTtjZ+yCXbArdsVu2B27Zz6fA/AFfAF7Yw3RB/tiX+yHyTkG4Ev4Er6Mg/AVfAVfxWQcgkPxNXwNX8fheBJH4EgchaOwqngLx+BYJDEeUzAFJ+JEnISTMKvQd3EqpuI0nI7TcQbOxJn4Ps7GD/ADnItzcT6mYRouwIWYjum4CE9hBi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+gAsBPcTfuxmTci3txH+7D/bgfD+ABzMRMPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hs/NeNPym5OhlEFiWUiBExIlbEilwil8gtcos8Io+IiIiIE3Ein8gn8ov8oqAoKOJFvCgiiggjjCARxgCAiIqoKC6KixKihCglSgknnEgQCaKsKCvKiXKivLhFVBC3ioqikmjrqogqoqpo56qJO0R1UV3UEDVFLVFb1BZ1RB1RV9QV9UQ9UV/UFw3E/aKh6IMD8EGR1ZkmYgg2FUOxmWgu5MVPsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHx1r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZEL+6gha8pasra8SybB3bKuvEfWk/fK+vI+2UDeLxvKB2Qj+aBsLB+STeTDsql8RDaTzWUL2VK2ko/K1vIx2Ua2le3k47K9fEJ2kE/KRPmU7Cj9xbfIM7KLfFZ2lc/JbrK77CF/luell71kbwl9QPaVL8p+sr8cEAsA8mU5SL4iB8tXZbIcIofK1+Qw+bocLt+QI+RIOUq+KUfLt+QYOVaOk+NlipwgJ8q35ST5jpws35VT5FSZKqfJAXLgLzPNkvIf5r/9B/mDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzF1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvmFUKVVaOVVGJagb/yf5qri6QZVQJX+Tf6m+pD+pr5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezLvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBebHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1b/4vxZp/zl+b0/WeAx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnXdxnfb0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSafyWfym/ymoClo4k28KWKKmCxkyBQ1RU3URE1xU9yUMCVMKVPKOONMgkkwZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5nbzO3mdnOHucPcae40NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MIkm0XQ0HU0n08l0Np1NF9PFdDVdTTfTzfQwPUxP09P0Mr1MkkkyfU1f08/0MwPMADPQDDSDzCAz2Aw2ySbZDDVDzTAzzAw3w80IM9KMyrpQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OL3pTexNqfNZa+yue3VNo/Na/8+LmgL2Xhb2Bax2ua3BX4TG2ttCVvSlrKlrbNlbIK98XdxRVvJVrZV7G22qr3dVvtdXMfebevae2w9e6+tbe/6TVzf3mcb2IdtQ0QA29w2ti1tE/uwbWofsc1sc9vCtrTt7RO2g33SJtqnbEf79O/iBXahXWVX2zV2rd1ld9vT9ow9ZL+1Z+1PtpftbQfal+0g+4odbF+1yXbI7+JR9k072r5lx9ixdpwd/7t4ip1qU+00O92+Z2fYmb+L0+yHdrZNt3PsXDvPzv8lzqop3X5kF9mPbYYNYIldapfZ5XaFXXmpVp/Xrrcb7Ea7035qt9itdpvdbndcuhC2u+0e+5ndaz+3B+03dr/90h6wh22m/fqXOOv4Dtvv7BH7vT1qj9nj9gd7wv6oLmVnHfsP9md73noLhAQkSVFAMZSDYikn5aKrKDddTXkoL0XoGoqjaykfXUf5qQAVpEIUT4WpCGkyZIkopKJUjKJ0PV0qrxSVJkdlKIFupLJ0E5Wjm6k83UIV6FaqSJWoMlWh26gq3U7V6A6qTndSDapJtag23UV16G6qS/dQPbqX6tN91IDup4b0ADWiB6kxPURN6GFqSo9QM2pOLagltaJHqTU9Rm2oLbWjx6k9PUEd6ElKpKeoIz1Nnehv1JmeoS70LHWl56gbdace9Dz1pBeoF/WmJOpDfelF6kf9aQC9RAPpZRpEr9BgepWSaQgNpddoGL1Ow+kNGkEjaRS9SaPpLRpDY2kcjacUmkAT6W2aRO/QZHqXptBUSqVpNJ3eoxk0k2bR+zSbPqA5NJfm0XxKow9pAS2kdPqIFtHHlEGLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJM+pV20m/bQZ7SXPqd99AXtpy/pAH1FmfQ1HaRv6BB9S4fpO9+bvqejdIyO0w90gn6kk3SKTtMZOks/0Tn6mc6TJwgxFKEMVRiEMWGOMDbMGeYKrwpzh1eHecK8YSS8JowLrw3zhdeF+cMCYcGwUBgfFg6LhDo0oQ0pDMOiYbEwGl4fFg9vCEuEJcNSYenQhWXChPDGsGx4U1guvDksH94SVghvDSuGlcKH760S3hZWDW8Pq4V3hNXDO8MaYc2wVlg7vCusE94d1g3vCeuF94blwvvCBuH9YcPwgbBR+GDYOHwobBI+HDYNHwmbhc3DFmHLsFX4aNg6fCxsE7YN24WPh+3DJ8IO4ZNhYvhU2DF8+pf19y388/VJYZ+wb/hi+GLo/T1yXnR+NC36YXRBdGE0PfpRdFH042hGdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3Rj1PvaOcChE0465QIX43K4WJfT5XJXudzuapfH5XURd42Lc9e6fO46l98VcAVdIRfvCrsiTjvjrCMXuqKumIu6611xd4Mr4Uq6Uq60c66MS3AtXSvXyrV2j7k2rq1r5x53j7sn3BPuSfeke8p1dE+7Tu5vrrN7xnVxz7pn3XOum+vuerjnXU83Ic+FczLJ9XV9XT/Xzw1wA9xAN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXFTXKpLddPddDfDzXBVZ17Yyxw3x81z81yaS3MLXNY1Y7pb5Ba5DJfhlrglbplb5la4FW6VW+XWuDVunVvnNrgNbpPb5La4LW6b2+Z2uB1up9vpdvm8FyZ1e90+t8/td/vdAfeVy3Rfu4PuG3fIfesOu+/cEfe9O+qOuePuB3fC/ehOulPutDvjzrqf3Dn3szvvvEuJTIhMjLwdmRR5JzI58m5kSmRqJDUyLTI98l5kRmRmZFbk/cjsyAeROZG5kXmR+ZG0yIeRBZGFkfTIR5FFkY8jGZHFkSWRpZFlkeUR7wtvCX1RX8xH/fW+uL/Bl/AlfSlf2jtfxif4G31Zf5Mv52/25f0tvoK/1Vf0lXxl/4hv5pv7Fr6lb+Uf9a39Y76Nb+vb+cd9e/+E7+Cf9In+Kd/RP+07+b/5zv4Z38U/67v653w339338M/7nv4F38v39km+j+/rX/T9fH8/wL/kB/qX/SD/ih/sX/XJfogf6l/zw/zrfrh/w4/wI/2omDf96Eu3yDDep/gJfqJ/20/y7/jJ/l0/xU/1qX6an+7f8zP8TD/Lv+9n+w/8HD/Xz/PzfZr/0C/wC326/8gv8h/7DL/40kNlv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+k/9Lr/b7/Gf+b3+c7/Pf+H3+y/9Af+Vz/Rf+4P+G3/If+sP++/8Ef+9P+qP+eP+B3/C/+hP+lP+tD/jz/qf/Dn/sz/P/2eNMcYYY+yfMuHyUPx2zYXH+X3+IEf8auO+AHD11kKZv16fdUW5Lv+FcX8R3z4CAE/17vrgpaVGjaSkpIvbZkgIis0FuPQ3QVli4HK8GNrBE5AIbaHsH9bfX3Q/S/9g/ugtALl+lRMLl+PL838BgEl/MP+jj49aUCE8HfffzD8XoESxyzk54XK8GNr98nylLZT7k/oLtP6T+vHi/Dm/TAFo86uc3HA5vlx/AjwGT0Pib7ZkjDHGGGOMMcYu6C8qd750/3npX3z+0f15vLqckwMux//o/pwxxhhjjDHGGGNX3jPdezz5aGJi287/80G1/1XWPz1oCv9XM/PgDwfeA1z6iQKAf3FCgKyB/CuPYvNfsq/ki6fO369adsYH8J/Ryn/H4Ap/MDHGGGOMMcb+7S5f9P/25+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVDf8WvE7vSx8gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdaf8VAAD//3aq+3A=")
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devpts\x00', 0x2, 0x0)

11m31.628522086s ago: executing program 0 (id=1248):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x50009405, &(0x7f0000000180))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000300)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)

11m31.451024959s ago: executing program 0 (id=1249):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x101, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x0, @raw_data="c1274db0dc69dd9fd2190917f980dbb0f99a9e877832677b78ff422b794a5e426224c7c1691c13ec9872cbd4b14a4aa95f8c02a824e693fe9b7bcf879070a4af0068111374469d906b55feec9f03f27cbfae90947701ba67495b1e374c7d45fd8c97cfaebcb4221613e899bfd0aab27f5586330e541ba32a2cd0dc78f12cf20b76aeb24ac66074693e6bce6d0a351e315d4f750fc4c9fca21b7475783050245f609d110da76aecded17cb5acbffaa0b0480f57a228fb4d3ab8829df7e837e3d6d015b6637afc4537"})

11m29.700234243s ago: executing program 34 (id=1249):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x101, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x0, @raw_data="c1274db0dc69dd9fd2190917f980dbb0f99a9e877832677b78ff422b794a5e426224c7c1691c13ec9872cbd4b14a4aa95f8c02a824e693fe9b7bcf879070a4af0068111374469d906b55feec9f03f27cbfae90947701ba67495b1e374c7d45fd8c97cfaebcb4221613e899bfd0aab27f5586330e541ba32a2cd0dc78f12cf20b76aeb24ac66074693e6bce6d0a351e315d4f750fc4c9fca21b7475783050245f609d110da76aecded17cb5acbffaa0b0480f57a228fb4d3ab8829df7e837e3d6d015b6637afc4537"})

17.888956826s ago: executing program 5 (id=2468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44004)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023893)
shutdown(r3, 0x2)

13.719319141s ago: executing program 5 (id=2474):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r4, &(0x7f00000001c0), 0x0}, 0x20)

13.420583269s ago: executing program 1 (id=2475):
syz_emit_ethernet(0x87, &(0x7f0000000180)=ANY=[@ANYBLOB="ffff5f2624e908b2e6"], 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x122, 0x0)
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000480)="d25a9850", 0x4, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

11.53896333s ago: executing program 5 (id=2476):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
write$binfmt_script(r4, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
fcntl$dupfd(0xffffffffffffffff, 0x406, r4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0xf, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xbf21, 0x0, 0x0, 0x0, 0x3}, {{}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10000000}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}, {0x7, 0x0, 0xb, 0x0, 0x0, 0x0, 0x102}}}, 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000080)=0x200)
r6 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
close(r6)

11.360630783s ago: executing program 1 (id=2478):
syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40010000, 0x0, {0x1}})
syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000d4c18a08020402567635010203010902120001000000000904"], 0x0)

10.105814204s ago: executing program 6 (id=2481):
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0))
syz_usb_connect(0x3, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xab, 0xe9, 0x27, 0x10, 0x13b1, 0x42, 0x76fe, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x4, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x9, 0x2, 0x1, 0xc9, 0x18, 0x2, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}]}}]}}]}}, 0x0)

9.856571456s ago: executing program 3 (id=2482):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000002200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000021c0)={<r2=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000002240)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @mcast2, 0xee5}, {0xa, 0x4e24, 0x40, @empty, 0x3}, r2, 0x3}}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r6, 0xc0505350, 0xffffffffffffffff)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
setresuid(0x0, 0x0, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b5d350987f70e06d038e7ff7fc6e5539b324b298b089b07083550090890e0878f0e1ac6e7049b334b959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193b63735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d759be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d6e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bacdc76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa94779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5092f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b1cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b384c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a119b616d41826137ba5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4f006738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba30642f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e51f7d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d2462374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a0000ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6994ff2bdfb14cb6d648cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

7.322025922s ago: executing program 3 (id=2483):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80e02, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x50)
r1 = socket(0x200000000000011, 0x4000000000080002, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x14, 0x2})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x9)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
sendmsg$IPVS_CMD_SET_INFO(r0, 0x0, 0x0)

7.213953725s ago: executing program 5 (id=2484):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r4, &(0x7f00000001c0), 0x0}, 0x20)

7.148531944s ago: executing program 1 (id=2485):
r0 = syz_init_net_socket$x25(0x3, 0x5, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x2, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, 0x0)

7.005355112s ago: executing program 3 (id=2486):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0x6, &(0x7f0000000040)=""/6, 0x41000, 0x42, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x4, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)

6.639778939s ago: executing program 3 (id=2487):
socket$kcm(0xa, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x12, r4, 0x0, 0x0, 0x0, 0x2000, 0x0, {0x1}})
io_uring_enter(r1, 0x3516, 0xf400, 0x0, 0x0, 0x0)

5.998815621s ago: executing program 6 (id=2488):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0x800000000000001)

5.996541361s ago: executing program 1 (id=2489):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)={0x454a83, 0x120, 0x9}, 0x18)

4.660399813s ago: executing program 1 (id=2490):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB="bf16000000000000b7070000ff030000487000000000000050000000000000009500000000000000e83d24a394a293b3bd23212fb56fa54f0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0f168c1886bf0fccf8d56ccb659427cf8593dbe3a2a3ad358061011fbc5ba1f07318988e6e01a41cc0990d0dc840a23f72eca0b2d89fc474c2a10000000077beee1cebf45fab73962fa8f6296b32a8343881dcc7b1b85f3c3da4cd36414e90a61965c3de4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d0054ce21fa41181a9580cfca031e5388ee5c9a7ddd04201f5200001fcadf95e5a4725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f588cb211624f40401691721715f46e0500000000000000a663739a190a4e825c908c0abc85d457ec5a57cb706eef32a3ed12d63c9c4c508530e173650a8a8f2a9c81bcffe437bccbe158024d8d4939e6fd9adc43f0f4b049218db92bf466e934330ed79bc9f626d68b0000600057d14854eef851bc8c30f5d0df6b94ea0b852d495085ff4eabaac9606f0497958c2c357a7124a69f6770ea6702bc53896a15fad5e55c64efd217450a975221b20d78e445e3da74a3c1e59bae44546bde4ac6de55a480f3ad5dc0f2d1818b696492285f60d914283f8d687b0bdb46261277671bba2c550bfef679bddf38ab35eaaf0268c4efa45b56a188a9195044a222ec06bb49784d5608d87c4832e4305bf8889e5db2a70f6a83d4b3cdc12546d2e9f6720dec489b6276856de6d895704ba3e8ee12c8121ffc4f5d2ae03f0227dcc4f38699d3db16f69ed45e918b07ce58bf576e253364fe0000000084f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689689c9c305da4b0181f0f653fec399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d9ebd37d2f32375357b5d2b4dc24baa6a7010038380f7029a292f1ad05000000e4e801a819aef69d081e2cacaa8ad1b4ca6df5dc37962ebc5337379e00645b6d2bec249c0612510000000000a7060d8d9b9ad109b62d1dab0eec6beabc76d765b9caf70900000399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf9bd3711a4359d68ec71b0693ede07e7d18e797697901fbae4a9d9966b68eadae75ef1b8931b0818a57e5136fb8c61d73b17d8fd55c2b8d321a6cba8743114fcff01e5c10200c512000800009a021d377e477ea807cc00919ee8bfbd090034f67609cfde8877b5bb072572b421d6b1fdae83e5e250190628d02d01f978323fe36685e652ceb218a9cc9e125a4880faccaf5ac2345f20b1ee403885790500d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf285ccd000000000100005aee4199a34686905441c1fa62ed20328a10690432f59a4d3e05bd00997ea2b6f5213cb883d05b620f31869f6cce80f1ae09009ed7e3c5f3aa61bfd240cb9726bc512ba0eb1f68579c76144feb0100809f12bcf79c4d57f66703c2aee08e52de3eff160623e1af555dc7481128ed0bab22dcb6e5b6ac5e4010eaf2510fa440aabfdc80c77108c769ed2d666c555c6c38b30899a688d96a6c6dc0dd4309f6548765d3f53261b4890aa004e7f667a230b22bc6e248bf56b219d9a547b6e1c5077c9ba463329323b53910e7358b4d0c6882c590cf25e4d044a6afb10a070f285e3c94ed405aa8dc41718dd3f4bf474868538aad9a23f85a707e325c10a9f22e37c4213d0ca2910726de8e62d2e3ae7f64e40c7af3dc00bab70cf607869c5a11a03bce8aa43fa010348bc2fb420ba5e344fcdcb302548e571157d323f5fd535800284d32ffff000088ccd685f07309101a3196b705479897f4c9d97c4c7b77db7b15bfb4305d5e954a34385418e665af882a7d505323070929b228bc94b70300000066dab8c4e63debff174621a0ac7dd85b14cb7616ca23f044bd0ccd1c79292c3aa8f6e4a1c27315ef8d55781edbe368f72aeb2f48256131aaab707451c14747dfa3bb5f8725a98f6d3c797573f18810bf378e38107ece5cb7cf3b98975e9254248af60de2f04e2429d9b6eba525fd1b1b665f77710fa494e2b619c975acd535fc78696fc980573c35e9916f0000000000002c8ee5ec55faffffffffffffffcd59cc0600000053d0a1f4ea4477022c9f376b3191efeb46be3c174fb24009379bbc949fd2923715540556450f12d1645177ce3eca0d65d17deff51a024f0180000000006100499e829bda469048c70e5968375feb39e6918e591a384851ba3079ad9c376bdaf0650e212eb4185cbbb6c0dc0e699afc34ca3b9a307cd2519cd9b192d678492ea2228ff0817d68f97b18402d271036067c141b911c4e0207e2c9d37ac203f440e1a065a2d227c6ec860c0104000000000000fe7144ec680c0dac7b5906a6197c8173080c9ab3ecb72820f04a42e4a43ee3f325f93edb3a204b9c9dc8953375e37c83876f248d91f166676b54781c6855c5e067ab2c2c6d22b20a703d68d77312333deff80883cb5a25c738f4e7cbb075e10f5c36396156abb221adebb9303342bfa2b745a5e045d5db847e4810270ed1c5bbb1548ec3184ff9b8ed1687333d0e0412d452ba6b390199bd684ff458d6c8114833efde87215e5f9569d92d24579f3ef473bce24e61eb21336ad441eea93cbcb69d2156b9b6e3000000000000000000fc411d2eadcadc7c0a2c12410e4b9d634807f2a6f1c3a13508e274ecef5cfccb707a1640973973fd2d1d60138d9b7a778827fd07fbd093a0ba779dcd32556613e1fac161825da91acde7fa964c689b1f0ea96047a98260270c3a3ccb2142b074db79aa88614663ff33f9966502a2361e49aabe58eb086c5827dd9d92fa4ff0c0e8b949d585f2cbc111de478905cb37f3cbfb019c6daace508b926718506a577234468f9279a52360d1a80b88b4eb1cda949ca77b6ec43bdf5f5a400989705746b86b400947891b33d591ec5ea9ae45983273f62027998d72f83625021a72e27e0449fa154ade55071546d4000000000000000000000000000000002f907c5db9c967a1f86c57bb5062fed7c37ec16a7e62b6e370c3c5a32adee9032367814394a7a7fd12c44b81fb5ac2ad92220a72aa3355e894cbefe344a6b5eb4c25128d5427a640faae401eccf3aca4294410461e946010c50f9ee556b38eae0b252ef288397672bbbd17e5306589f93dc130b6be5b19dfb2462348355ef24762509cf29becacf8515abe299b8a7dfd585f5dbf7578bfdbfa37deeb872c3291b59349238add315cd18e6f4196b404e48955657d680511c7ba7f5e0f9d97d649583190c78015aaf4db05aa2a6cc9d00084ce958406e09fe508a0ee5feb2d34f48d87000000000000001108780004ec696f618c20771a7ae436d733f603f20c9189567b63d47fae002e616969d888a418d139a25b11c0da7aecb8c14f1a879f7b985ab634b0f5cdb2090ad2c336e9a28289247ef4f3cfcafa393927d27711ed0543a5e8ec6c1c62082549791f75fccd54582f990234496954e6e54bcbb90f2756912ab7e511a55a9e0512e5c1c10bcd76ee4799af611179a39bd0c0323cae1aaaaaa8dafb55bca104ada3252c5d9de5b9cdb6217c35ca3d28b1d8b9d2fa79376c13167a9ef1b1f4b7509debbeacc153ca8bea4a0a65ee1d1d20a9106499f0bf7f416b051e835d790ac978b90143d9125224f74b6167f7a967c7e33eb5f43570b9f3c91371968a30e528968b233d0396db424e5fd73d380318e9676d074dd5ce552a222e250f9f6d0bdd9e46e7f22d9abfd4573b57e3b52d407b464b0146ea15560a2ce034b1623fecc84842928223d17ce4ab31ef4c2a9f9caebf65341fa3da1bbae7972097e24603b9db8edc25a152bd39af179eab23ed555040c2bbb89ea22c08b97264b3616a41abfad0ab12a79574c60cf1841ea45f10e9438e55e1e0eb645200993b08833bb14517b0d0e5ba72bdacd92d57b6029129c95ab0a93857c7205e8450b27aee5e684ece77f53112873f40247a998cc896ab4d55573c7a7ef2936a29425cab46cd4fdd1452ea8429c63c74d5673f5e4d47d1b001d0d3a9e1d5c840ab37a69cb30d17ff7591f01549e552dc43b672e0feff94408171d682565dc2d84476297c6901040000cb9f7f2eb690d7a032c09f0a3d48663fe5ece30f592d71755dd6cbfac96016a2ecd4e499ce9adce6e59db0494fa25117a2bc13275c9a94a3532c1b8417e9ed5e6cd5f51f8ccc878ba73305ad19b0cf05625439cdf688d33c8fd6cf52c5c5685444b65eb918884727d3a780bdac17d447745e4accd85d3aca4d63127bb3a58095cffa08a6cecae329dd5f47552c40b560b05e962363e99300d61931ddd97444"], &(0x7f0000000140)='GPL\x00'}, 0x94)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$packet(0x11, 0x3, 0x300)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
socket$pptp(0x18, 0x1, 0x2)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

4.612699119s ago: executing program 6 (id=2491):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fanotify_init(0x8, 0x80000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000280)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f})

4.531983639s ago: executing program 3 (id=2492):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
write$binfmt_script(r4, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
fcntl$dupfd(0xffffffffffffffff, 0x406, r4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0xf, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xbf21, 0x0, 0x0, 0x0, 0x3}, {{}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10000000}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}, {0x7, 0x0, 0xb, 0x0, 0x0, 0x0, 0x102}}}, 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000080)=0x200)
r6 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
close(r6)

4.388471778s ago: executing program 6 (id=2493):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
close(r3)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000340)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0xcbf, 0x8000}, 0x14)

3.148500777s ago: executing program 3 (id=2494):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000480)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @flow_dissector=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r3, &(0x7f0000000bc0), &(0x7f0000000c00)=@udp6=r2}, 0x20)
listen(r1, 0x9)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendmmsg(r4, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000ac0)='<', 0x1}], 0x1}}], 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000440)=0x9, 0x4)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r7, 0x1, 0x70bd2a, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}]}, 0x30}}, 0x10)

1.894518868s ago: executing program 6 (id=2495):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x8, 0x1, 0x1, 0x0, 0x8, 0x5, 0x8, 0x72, 0x7, 0xba, '\x00', 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.529364165s ago: executing program 5 (id=2496):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f00000001c0)='./file0\x00', 0x1c1)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x382, 0x2)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
timer_create(0x0, 0x0, 0x0)
ustat(0xfffffffeffffffff, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x381, 0x1)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
syz_open_procfs(0x0, &(0x7f0000000240)='net/dev_mcast\x00')
io_uring_setup(0x2ef3, 0x0)

316.569691ms ago: executing program 5 (id=2497):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r1 = socket(0x2, 0x3, 0xff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$sndpcmc(0x0, 0x3, 0x288501)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r7)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_KEY(r7, &(0x7f0000004340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c804}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
socket$nl_rdma(0x10, 0x3, 0x14)
getsockopt$IP_SET_OP_GET_BYNAME(r4, 0x1, 0x53, 0x0, 0x0)
connect$ax25(r0, &(0x7f00000001c0)={{0x3, @default}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)

269.141506ms ago: executing program 6 (id=2498):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000020c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001fc0)}}], 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xc1b}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x6, 0xe, 0x4, 0x4, 0x2, 0x1000, 0xf1, 0x0, 0x7fffffffffffb, 0x5, 0x0, 0x1, 0x0, 0x5, 0x0, 0xbde], 0x1000, 0x3c4210})
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000040)={0x10200, 0x80, 0xc0, &(0x7f0000000340)=[0x5, 0x800000, 0xe, 0x80, 0xe6b4, 0x101, 0xfffffffffffffffa, 0x2, 0x8, 0x2, 0x2, 0x700000000000000, 0x9, 0xffff, 0xfffffffffffffffe, 0x7, 0x7fffffff, 0x5, 0x26, 0x9880, 0x5, 0x6, 0x8, 0x2, 0x4, 0x20000000009, 0x2, 0x1fd, 0x8, 0x0, 0x7, 0x5, 0x5, 0x2, 0x501, 0x40, 0xfffffffffffffff5, 0x4, 0x7fffffff, 0x7d, 0x0, 0x6, 0x20008, 0x2e2, 0x101, 0x6, 0x8000000000000001, 0xfffffffffffffff9, 0x4100000000, 0xfffffffffffffffd, 0x8, 0x9, 0x7fff, 0xec, 0x8000000000000000, 0x4, 0x94f, 0x7, 0x7fffffffffffffff, 0x6, 0xffffffffffffffff, 0xd, 0x11, 0xa, 0x5, 0xa8, 0x1, 0x2000000000000007, 0x7fffffffffffffff, 0x38c, 0x7, 0x7, 0xae8f, 0x100001e30fa4c, 0xa, 0x0, 0x4000008, 0xdac, 0xe94, 0x7, 0xfffffffffffffffc, 0xa7, 0xba00, 0x4, 0x9, 0x0, 0x1, 0x100, 0x4, 0xe, 0xfffffffffffffff9, 0x3, 0x5, 0x21, 0xfffffffffffffc01, 0xfffffffffffffffd, 0x401, 0x3, 0x1e4b, 0x2, 0x79, 0xf, 0x10000, 0xe, 0x2, 0x3, 0x3, 0xfffffffffffffff9, 0x0, 0x4, 0xa, 0x40000001, 0x9, 0x2, 0xfff, 0x80, 0x3, 0xd, 0x4, 0x9, 0xffff, 0x1, 0x401, 0x1, 0x2, 0x7, 0xea7, 0x1]})
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x408d6}, 0x24008014)

0s ago: executing program 1 (id=2499):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000080003"], 0x7c}, 0x1, 0x0, 0x0, 0xc4}, 0x890)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)

kernel console output (not intermixed with test programs):

ddress (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.053705][ T8795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.077358][ T8795] batman_adv: batadv0: Interface activated: batadv_slave_1
[  420.160536][ T8795] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.192710][ T8795] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  420.216066][ T8795] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  420.604201][ T8795] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  421.406395][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  421.443942][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  421.554829][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  421.592209][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  421.896507][ T9137] loop5: detected capacity change from 0 to 8
[  422.136313][ T9137] SQUASHFS error: Unable to read directory block [2c0:35]
[  423.056960][ T9150] loop5: detected capacity change from 0 to 164
[  423.112336][ T9153] overlayfs: missing 'lowerdir'
[  423.579944][ T9164] overlayfs: missing 'lowerdir'
[  426.935627][ T9189] netlink: 4 bytes leftover after parsing attributes in process `syz.1.858'.
[  428.276286][ T9205] overlayfs: missing 'lowerdir'
[  429.672932][ T9225] loop3: detected capacity change from 0 to 64
[  430.834240][ T9237] loop0: detected capacity change from 0 to 512
[  430.868129][ T9237] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  431.100583][ T9237] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  431.438650][ T9237] EXT4-fs (loop0): 1 truncate cleaned up
[  431.557250][ T9237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  431.805553][ T9237] syz.0.870 (pid 9237) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  432.235387][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.485637][ T9247] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  432.567791][ T9247] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  433.189233][ T9261] overlayfs: missing 'lowerdir'
[  434.304504][ T9267] loop0: detected capacity change from 0 to 2048
[  434.378675][ T9267] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  434.673850][   T23] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  434.884019][   T23] usb 1-1: Using ep0 maxpacket: 32
[  434.919515][   T23] usb 1-1: config 0 has an invalid interface number: 139 but max is 0
[  434.933956][   T23] usb 1-1: config 0 has an invalid descriptor of length 85, skipping remainder of the config
[  434.957413][   T23] usb 1-1: config 0 has no interface number 0
[  434.966875][   T23] usb 1-1: too many endpoints for config 0 interface 139 altsetting 132: 67, using maximum allowed: 30
[  434.983974][   T23] usb 1-1: config 0 interface 139 altsetting 132 has 0 endpoint descriptors, different from the interface descriptor's value: 67
[  435.001386][   T23] usb 1-1: config 0 interface 139 has no altsetting 0
[  435.015646][   T23] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  435.031820][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.085148][   T23] usb 1-1: Product: syz
[  435.106293][   T23] usb 1-1: Manufacturer: syz
[  435.128136][   T23] usb 1-1: SerialNumber: syz
[  435.160258][   T23] usb 1-1: config 0 descriptor??
[  435.385746][   T23] smsc95xx v2.0.0
[  435.389431][   T23] smsc95xx 1-1:0.139 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  435.451756][   T23] smsc95xx: probe of 1-1:0.139 failed with error -22
[  435.469158][   T23] usb 1-1: USB disconnect, device number 9
[  435.948886][ T9289] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  435.977230][ T9289] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  436.506325][ T9296] overlayfs: missing 'lowerdir'
[  438.397849][ T9312] netlink: 16 bytes leftover after parsing attributes in process `syz.5.890'.
[  439.603976][ T9314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.893'.
[  440.124285][ T9315] loop0: detected capacity change from 0 to 40427
[  440.172046][ T9315] F2FS-fs (loop0): build fault injection attr: rate: 174, type: 0x7ffff
[  440.183363][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  440.210912][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  440.435843][ T5763] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  442.206800][ T9334] overlayfs: missing 'lowerdir'
[  444.909703][ T9350] loop0: detected capacity change from 0 to 64
[  445.029099][ T9350] overlayfs: upper fs needs to support d_type.
[  445.063154][ T9350] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  445.071344][ T9350] overlayfs: failed to set xattr on upper
[  445.081858][ T9350] overlayfs: ...falling back to redirect_dir=nofollow.
[  445.089622][ T9350] overlayfs: ...falling back to index=off.
[  445.100334][ T9350] overlayfs: ...falling back to uuid=null.
[  445.182233][ T5766] Trying to free block not in datazone
[  445.194825][ T5766] Trying to free block not in datazone
[  445.228744][ T5766] Trying to free block not in datazone
[  445.614231][ T9364] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  446.135846][ T9367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.903'.
[  447.954732][ T9367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.903'.
[  449.897923][ T9408] Illegal XDP return value 4294967274 on prog  (id 160) dev syz_tun, expect packet loss!
[  450.111881][ T9415] ptrace attach of "./syz-executor exec"[5766] was attempted by " Àÿ      Ðÿ      ð¥      Àÿ      Àÿ      Ðÿ      àÿ              \x07      (        Àÿ                 ÿÿÿÿ                                        @       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
[  451.258339][ T9401] loop5: detected capacity change from 0 to 40427
[  452.153725][ T9401] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  452.186929][ T9418] overlayfs: missing 'lowerdir'
[  452.325249][ T9401] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  452.376129][ T9401] F2FS-fs (loop5): invalid crc value
[  452.414806][ T9401] F2FS-fs (loop5): Failed to start F2FS issue_checkpoint_thread (-4)
[  458.381666][ T9514] loop0: detected capacity change from 0 to 512
[  459.694277][ T9514] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  459.702495][ T9514] EXT4-fs (loop0): orphan cleanup on readonly fs
[  459.737088][ T9514] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #16: comm )}Y": corrupted inode contents
[  459.772753][ T5808] IPVS: starting estimator thread 0...
[  459.781515][ T9514] EXT4-fs (loop0): Remounting filesystem read-only
[  459.788766][ T9514] EXT4-fs (loop0): 1 truncate cleaned up
[  459.806484][ T2923] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  459.853300][ T2923] Quota error (device loop0): write_blk: dquota write failed
[  459.903858][ T9520] IPVS: using max 34 ests per chain, 81600 per kthread
[  459.917586][ T2923] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  459.948683][ T2923] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  459.988482][ T2923] Quota error (device loop0): write_blk: dquota write failed
[  460.015360][ T2923] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[  460.055015][ T2923] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  460.095119][ T2923] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  460.170993][ T2923] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  460.247195][ T9514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  460.505154][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.764924][ T9500] overlayfs: missing 'lowerdir'
[  465.030147][ T9542] loop3: detected capacity change from 0 to 131072
[  465.133678][ T9542] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  465.141795][ T9542] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  465.165246][ T9542] F2FS-fs (loop3): invalid crc value
[  465.378311][ T9542] F2FS-fs (loop3): Found nat_bits in checkpoint
[  465.437551][ T9542] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  465.444724][ T9542] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  466.330167][ T9542] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, 8e2acc4a vs. 159afe7
[  467.284637][ T9571] overlayfs: missing 'lowerdir'
[  469.798099][ T9583] overlayfs: missing 'lowerdir'
[  473.551486][ T9618] netlink: 'syz.0.947': attribute type 1 has an invalid length.
[  474.009869][ T9627] overlayfs: missing 'workdir'
[  474.333393][ T9614] loop5: detected capacity change from 0 to 32768
[  474.389817][ T9614] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.944 (9614)
[  474.416428][ T9614] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  474.432377][ T9614] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  474.513757][ T9614] BTRFS info (device loop5): turning on sync discard
[  474.520581][ T9614] BTRFS info (device loop5): use zlib compression, level 3
[  474.544238][ T9614] BTRFS info (device loop5): turning off barriers
[  474.633957][ T9614] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  475.786822][ T9614] BTRFS info (device loop5): trying to use backup root at mount time
[  475.839624][ T9614] BTRFS info (device loop5): enabling auto defrag
[  475.842669][ T9638] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  475.893941][ T9614] BTRFS info (device loop5): max_inline at 0
[  475.899986][ T9614] BTRFS info (device loop5): using free space tree
[  476.067146][  T738] BTRFS warning (device loop5): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  476.140224][ T9614] BTRFS error (device loop5): failed to load root extent
[  476.272545][ T9660] overlayfs: missing 'lowerdir'
[  476.964376][ T9614] BTRFS warning (device loop5): try to load backup roots slot 1
[  476.975507][   T11] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  477.107862][ T9614] BTRFS warning (device loop5): couldn't read tree root
[  477.133884][ T9614] BTRFS warning (device loop5): try to load backup roots slot 2
[  477.167132][   T11] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  477.219894][ T9614] BTRFS warning (device loop5): couldn't read tree root
[  477.258671][ T9614] BTRFS warning (device loop5): try to load backup roots slot 3
[  477.527921][ T9614] BTRFS error (device loop5): open_ctree failed: -4
[  477.733273][ T5763] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by udevd (5763)
[  479.400640][ T9685] overlayfs: missing 'workdir'
[  482.930390][ T9699] syz.0.963 (9699): drop_caches: 2
[  483.807414][ T9704] overlayfs: failed to clone lowerpath
[  485.938670][ T9715] overlayfs: missing 'lowerdir'
[  488.366018][ T9730] overlayfs: missing 'workdir'
[  495.928769][ T9756] loop3: detected capacity change from 0 to 32768
[  495.938199][ T9756] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.974 (9756)
[  496.033541][ T9756] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  496.035945][ T9770] overlayfs: failed to clone upperpath
[  496.061156][ T9756] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  496.088427][ T9756] BTRFS info (device loop3): turning on sync discard
[  496.103675][ T9756] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  496.123716][ T9756] BTRFS info (device loop3): use zstd compression, level 3
[  496.127855][ T9759] loop5: detected capacity change from 0 to 32768
[  496.131392][ T9756] BTRFS info (device loop3): turning off barriers
[  496.180460][ T9756] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  496.228024][ T9756] BTRFS info (device loop3): trying to use backup root at mount time
[  496.247533][ T9756] BTRFS info (device loop3): enabling auto defrag
[  496.273814][ T9756] BTRFS info (device loop3): using default commit interval 30s
[  496.301833][ T9756] BTRFS info (device loop3): max_inline at 0
[  496.312003][ T9756] BTRFS info (device loop3): using free space tree
[  496.323316][ T9759] JBD2: Ignoring recovery information on journal
[  496.360040][ T9759] jbd2_journal_bmap: journal block not found at offset 32 on loop5-75
[  496.390603][ T9775] syz.1.981[9775] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  496.390804][ T9775] syz.1.981[9775] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  496.415543][ T9759] JBD2: bad block at offset 32
[  496.493383][  T738] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  496.513554][ T9759] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  496.602192][ T9756] BTRFS error (device loop3): failed to load root extent
[  496.653677][ T9756] BTRFS warning (device loop3): try to load backup roots slot 1
[  496.669056][  T738] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  496.720889][ T9756] BTRFS warning (device loop3): couldn't read tree root
[  496.734876][ T9756] BTRFS warning (device loop3): try to load backup roots slot 2
[  497.331982][ T3471] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  497.413701][ T9756] BTRFS warning (device loop3): couldn't read tree root
[  497.420693][ T9756] BTRFS warning (device loop3): try to load backup roots slot 3
[  497.459364][ T8795] ocfs2: Unmounting device (7,5) on (node local)
[  497.595211][ T9756] BTRFS error (device loop3): open_ctree failed: -4
[  499.702008][ T9806] Bluetooth: MGMT ver 1.22
[  501.565882][ T9814] lo speed is unknown, defaulting to 1000
[  501.572222][ T9814] lo speed is unknown, defaulting to 1000
[  501.578743][ T9814] lo speed is unknown, defaulting to 1000
[  501.594494][ T9814] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  501.816137][ T9814] lo speed is unknown, defaulting to 1000
[  501.833901][ T9814] lo speed is unknown, defaulting to 1000
[  501.852883][ T9814] lo speed is unknown, defaulting to 1000
[  501.866625][ T9814] lo speed is unknown, defaulting to 1000
[  501.920835][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  501.927520][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  502.550816][ T9820] loop3: detected capacity change from 0 to 4096
[  502.623234][ T9821] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  502.703001][ T9820] syz.3.991 (9820) used greatest stack depth: 18408 bytes left
[  502.772484][ T9823] loop0: detected capacity change from 0 to 2048
[  502.837030][ T9823] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  502.885332][ T9823] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  504.320294][ T9836] loop0: detected capacity change from 0 to 2048
[  504.373447][ T9836] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  504.482651][ T5139] udevd[5139]: worker [5763] terminated by signal 33 (Unknown signal 33)
[  504.497352][ T5139] udevd[5139]: worker [5763] failed while handling '/devices/virtual/block/loop0'
[  507.519886][ T9865] overlayfs: failed to clone upperpath
[  507.674677][ T9867] loop5: detected capacity change from 0 to 256
[  507.917377][ T9873] netlink: 24 bytes leftover after parsing attributes in process `syz.0.999'.
[  508.034962][ T9863] loop3: detected capacity change from 0 to 128
[  511.025883][ T9890] loop3: detected capacity change from 0 to 256
[  511.136653][ T9890] FAT-fs (loop3): Directory bread(block 64) failed
[  511.143231][ T9890] FAT-fs (loop3): Directory bread(block 65) failed
[  511.184181][ T9890] FAT-fs (loop3): Directory bread(block 66) failed
[  511.204000][ T9890] FAT-fs (loop3): Directory bread(block 67) failed
[  511.210659][ T9890] FAT-fs (loop3): Directory bread(block 68) failed
[  511.239441][ T9890] FAT-fs (loop3): Directory bread(block 69) failed
[  511.273842][ T9890] FAT-fs (loop3): Directory bread(block 70) failed
[  511.288665][ T9890] FAT-fs (loop3): Directory bread(block 71) failed
[  511.316151][ T9890] FAT-fs (loop3): Directory bread(block 72) failed
[  511.323101][ T9890] FAT-fs (loop3): Directory bread(block 73) failed
[  511.452376][ T9893] loop5: detected capacity change from 0 to 512
[  512.714599][ T9893] EXT4-fs (loop5): Test dummy encryption mode enabled
[  512.743900][ T9893] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  512.813719][ T9893] EXT4-fs error (device loop5): ext4_orphan_get:1424: comm syz.5.1012: bad orphan inode 131083
[  512.825943][ T9907] loop0: detected capacity change from 0 to 128
[  512.846831][ T9893] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  512.900356][ T9907] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  513.018705][ T9907] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  513.130851][ T8795] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.497009][ T5774] Bluetooth: hci1: command 0x0406 tx timeout
[  514.599516][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  515.023525][ T9917] loop5: detected capacity change from 0 to 40427
[  515.036135][ T9917] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  515.043967][ T9917] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  515.114336][ T9917] F2FS-fs (loop5): invalid crc value
[  515.167481][ T9917] F2FS-fs (loop5): Found nat_bits in checkpoint
[  515.233083][ T9917] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  515.240221][ T9917] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  516.156782][   T27] audit: type=1800 audit(1768449157.742:54): pid=9928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1017" name="file1" dev="loop5" ino=10 res=0 errno=0
[  522.827121][ T9983] overlayfs: failed to clone upperpath
[  527.599820][T10022] overlayfs: failed to clone upperpath
[  528.235475][T10033] loop5: detected capacity change from 0 to 2048
[  528.317397][T10033] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  532.467241][T10067] loop3: detected capacity change from 0 to 256
[  532.486960][T10067] exfat: Deprecated parameter 'namecase'
[  532.527505][T10067] exfat: Deprecated parameter 'namecase'
[  532.569257][T10067] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  532.593791][T10067] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  533.547780][T10076] overlayfs: failed to clone upperpath
[  535.433301][T10089] ucma_write: process 776 (syz.0.1074) changed security contexts after opening file descriptor, this is not allowed.
[  535.830946][T10094] loop0: detected capacity change from 0 to 512
[  536.215264][T10094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.217239][T10105] loop3: detected capacity change from 0 to 2048
[  536.247812][T10105] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  536.277001][T10094] ext4 filesystem being mounted at /261/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  536.979962][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.713063][T10133] loop5: detected capacity change from 0 to 2048
[  537.819265][T10133] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  543.965475][T10166] loop5: detected capacity change from 0 to 32768
[  544.038478][T10166] JBD2: Ignoring recovery information on journal
[  544.125315][T10166] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  544.258345][T10166] overlayfs: failed to resolve './file2': -2
[  544.483507][ T8795] ocfs2: Unmounting device (7,5) on (node local)
[  551.367336][T10216] tty tty1: ldisc open failed (-12), clearing slot 0
[  555.342344][T10242] overlayfs: failed to clone upperpath
[  560.436725][T10277] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  562.163751][T10285] loop5: detected capacity change from 0 to 262144
[  562.200241][T10285] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop5 scanned by syz.5.1134 (10285)
[  562.232411][T10285] BTRFS info (device loop5): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  562.242802][T10285] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  562.252047][T10285] BTRFS info (device loop5): using free space tree
[  562.325861][T10285] BTRFS info (device loop5): enabling ssd optimizations
[  562.332816][T10285] BTRFS info (device loop5): auto enabling async discard
[  562.459524][T10285] BTRFS info (device loop5): balance: start -f -dsoft,limit=0..0
[  562.467445][T10285] BTRFS info (device loop5): balance: ended with status: 0
[  562.591087][ T8795] BTRFS info (device loop5): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  563.057565][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  563.064256][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  566.292468][T10319] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1141'.
[  567.031306][T10321] loop5: detected capacity change from 0 to 40427
[  567.194273][T10321] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  574.431527][T10345] loop5: detected capacity change from 0 to 2048
[  574.497835][T10345] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  575.133929][T10349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1151'.
[  581.230693][T10377] overlayfs: failed to clone upperpath
[  583.389748][T10381] loop5: detected capacity change from 0 to 262144
[  583.883325][T10393] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1161'.
[  584.750701][T10395] loop0: detected capacity change from 0 to 40427
[  584.879834][T10395] F2FS-fs (loop0): build fault injection attr: rate: 174, type: 0x7ffff
[  584.964470][ T5775] I/O error, dev loop5, sector 262016 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  588.310801][T10407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1164'.
[  588.675170][T10414] overlayfs: failed to clone upperpath
[  590.789150][T10423] loop3: detected capacity change from 0 to 262144
[  591.673389][T10437] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1173'.
[  592.434012][T10434] overlayfs: missing 'lowerdir'
[  592.610157][T10440] loop5: detected capacity change from 0 to 40427
[  594.115210][T10440] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  594.444054][ T5775] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by udevd (5775)
[  598.682168][T10474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1188'.
[  599.417814][T10476] loop5: detected capacity change from 0 to 40427
[  599.609392][T10476] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  601.733997][T10484] overlayfs: missing 'lowerdir'
[  603.836888][T10483] loop5: detected capacity change from 0 to 32768
[  603.879438][T10483] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.1189 (10483)
[  603.923446][T10483] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  603.945407][T10483] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  603.968453][T10483] BTRFS info (device loop5): turning on sync discard
[  603.983776][T10483] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  603.993214][T10483] BTRFS info (device loop5): use zstd compression, level 3
[  604.033736][T10483] BTRFS info (device loop5): turning off barriers
[  604.040217][T10483] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  604.073664][T10483] BTRFS info (device loop5): trying to use backup root at mount time
[  604.088167][T10483] BTRFS info (device loop5): enabling auto defrag
[  604.104205][T10483] BTRFS info (device loop5): using default commit interval 30s
[  604.123956][T10483] BTRFS info (device loop5): max_inline at 0
[  604.133950][T10483] BTRFS info (device loop5): using free space tree
[  604.159901][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  604.160614][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  604.208151][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  604.228643][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  604.264889][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  604.314948][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  604.384522][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  604.405183][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  604.444662][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  604.465440][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  604.476833][T10483] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  604.520338][T10483] BTRFS error (device loop5): open_ctree failed: -12
[  605.713988][T10521] overlayfs: missing 'lowerdir'
[  607.025165][T10519] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1197'.
[  607.496396][T10527] loop3: detected capacity change from 0 to 40427
[  607.523813][T10527] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[  608.798745][T10540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1199'.
[  612.155993][T10557] overlayfs: missing 'lowerdir'
[  614.424022][ T5914] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  614.719628][ T5914] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  614.883795][ T5914] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  614.898131][ T5914] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  614.907729][ T5914] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.065675][T10585] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  615.118959][T10585] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  615.222556][ T5914] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[  615.820501][T10585] loop5: detected capacity change from 0 to 1024
[  615.897246][T10585] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  616.150997][T10585] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  616.803998][T10596] overlayfs: missing 'lowerdir'
[  617.371216][ T5914] usb 6-1: USB disconnect, device number 2
[  617.618117][ T8795] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.030639][T10607] loop5: detected capacity change from 0 to 256
[  618.039247][T10607] exfat: Deprecated parameter 'namecase'
[  618.039334][T10607] exfat: Deprecated parameter 'namecase'
[  618.078878][T10607] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  618.102315][T10607] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  619.503392][T10609] loop0: detected capacity change from 0 to 262144
[  619.571886][T10609] BTRFS info (device loop0): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  619.571978][T10609] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  619.572008][T10609] BTRFS info (device loop0): using free space tree
[  619.773958][T10609] BTRFS info (device loop0): enabling ssd optimizations
[  619.780939][T10609] BTRFS info (device loop0): auto enabling async discard
[  620.708994][T10631] loop3: detected capacity change from 0 to 40427
[  620.746901][T10609] BTRFS info (device loop0): balance: start -f -d
[  620.756859][T10609] BTRFS info (device loop0): relocating block group 13631488 flags data
[  620.789409][T10631] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[  621.518502][T10609] BTRFS info (device loop0): found 2 extents, stage: move data extents
[  621.710022][T10609] BTRFS info (device loop0): balance: canceled
[  622.001258][ T5766] BTRFS info (device loop0): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  624.533931][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  624.540224][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  627.034014][T10668] overlayfs: missing 'lowerdir'
[  627.963879][T10669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1235'.
[  631.932774][T10689] loop3: detected capacity change from 0 to 256
[  632.008191][T10693] loop0: detected capacity change from 0 to 256
[  632.054672][T10693] exfat: Deprecated parameter 'namecase'
[  632.064080][T10693] exfat: Deprecated parameter 'namecase'
[  632.085230][T10693] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  632.114519][T10693] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  635.954592][ T5774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  635.979130][ T5774] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  635.998460][ T5774] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  636.009961][ T5774] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  636.024405][ T5774] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  636.034688][ T5774] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  636.167027][T10714] lo speed is unknown, defaulting to 1000
[  637.236156][T10724] fuse: Bad value for 'fd'
[  637.456648][T10714] chnl_net:caif_netlink_parms(): no params data found
[  638.239058][T10711] loop5: detected capacity change from 0 to 32768
[  638.245758][ T8643] Bluetooth: hci2: command tx timeout
[  638.385481][T10714] bridge0: port 1(bridge_slave_0) entered blocking state
[  638.392616][T10714] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.420596][T10714] bridge_slave_0: entered allmulticast mode
[  638.438838][T10714] bridge_slave_0: entered promiscuous mode
[  638.468067][T10714] bridge0: port 2(bridge_slave_1) entered blocking state
[  638.480820][T10714] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.514511][T10714] bridge_slave_1: entered allmulticast mode
[  638.522124][T10714] bridge_slave_1: entered promiscuous mode
[  638.558334][ T5775] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by udevd (5775)
[  641.253658][ T8643] Bluetooth: hci2: command tx timeout
[  641.338546][T10714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  641.341460][T10714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  641.559164][T10714] team0: Port device team_slave_0 added
[  641.585338][T10714] team0: Port device team_slave_1 added
[  642.726749][T10714] batman_adv: batadv0: Adding interface: batadv_slave_0
[  642.751282][T10714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  642.843600][T10714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  642.875865][T10714] batman_adv: batadv0: Adding interface: batadv_slave_1
[  642.883191][T10714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  642.970644][T10714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  643.150845][T10714] hsr_slave_0: entered promiscuous mode
[  643.234129][T10714] hsr_slave_1: entered promiscuous mode
[  643.276085][T10714] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  643.284831][T10714] Cannot create hsr debugfs directory
[  643.293739][ T8643] Bluetooth: hci2: command tx timeout
[  644.563872][T10769] fuse: Bad value for 'fd'
[  644.660178][T10714] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  644.674844][T10767] loop3: detected capacity change from 0 to 1024
[  644.707300][T10714] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  644.766799][T10714] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  644.799441][T10767] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  644.816250][T10714] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  645.065590][T10714] 8021q: adding VLAN 0 to HW filter on device bond0
[  645.101372][T10714] 8021q: adding VLAN 0 to HW filter on device team0
[  645.121564][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.128804][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  645.208327][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.215608][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  645.373793][ T8643] Bluetooth: hci2: command tx timeout
[  645.674318][ T5855] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  646.633618][ T5855] usb 4-1: Using ep0 maxpacket: 8
[  646.684640][ T5855] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  646.692880][ T5855] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  646.789341][ T5855] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  648.023911][ T5855] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  648.035576][ T5855] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  648.048616][ T5855] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  648.058442][ T5855] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.183082][ T5855] usb 4-1: can't set config #16, error -71
[  648.211245][T10714] 8021q: adding VLAN 0 to HW filter on device batadv0
[  648.254202][ T5855] usb 4-1: USB disconnect, device number 5
[  650.209141][T10714] veth0_vlan: entered promiscuous mode
[  650.243267][T10714] veth1_vlan: entered promiscuous mode
[  650.324971][T10714] veth0_macvtap: entered promiscuous mode
[  650.336511][T10714] veth1_macvtap: entered promiscuous mode
[  650.398225][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  650.445812][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.483760][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  650.500391][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.523695][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  650.548298][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.571907][T10714] batman_adv: batadv0: Interface activated: batadv_slave_0
[  650.608904][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  650.638765][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.663621][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  650.691338][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.713850][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  650.748756][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.770575][T10714] batman_adv: batadv0: Interface activated: batadv_slave_1
[  650.809222][T10714] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  650.839713][T10714] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  650.853303][T10714] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  650.873621][T10714] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  651.978264][  T738] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  652.005785][  T738] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  652.085067][ T1003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  652.092938][ T1003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  653.690060][T10823] input: syz1 as /devices/virtual/input/input7
[  655.744817][T10827] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1280'.
[  662.368241][T10859] loop5: detected capacity change from 0 to 256
[  666.559647][T10886] loop6: detected capacity change from 0 to 1024
[  666.668430][T10886] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  667.801582][T10892] loop3: detected capacity change from 0 to 8
[  667.845163][T10892] unable to read xattr id index table
[  667.883944][   T23] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  667.930326][T10892] loop3: detected capacity change from 0 to 512
[  667.955656][T10892] EXT4-fs: Ignoring removed oldalloc option
[  667.990641][T10892] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  668.103699][   T23] usb 7-1: Using ep0 maxpacket: 8
[  668.110788][   T23] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  668.122963][   T23] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  668.150649][   T23] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  668.170595][   T23] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  668.180967][   T23] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  668.254698][   T23] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  668.272877][   T23] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.336918][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.563129][T10901] loop3: detected capacity change from 0 to 256
[  670.557395][ T5754] usb 7-1: USB disconnect, device number 2
[  673.268267][T10922] loop5: detected capacity change from 0 to 8
[  673.304159][T10922] unable to read xattr id index table
[  673.368595][T10922] loop5: detected capacity change from 0 to 512
[  673.410152][T10922] EXT4-fs: Ignoring removed oldalloc option
[  673.448263][T10924] sctp: [Deprecated]: syz.3.1303 (pid 10924) Use of struct sctp_assoc_value in delayed_ack socket option.
[  673.448263][T10924] Use struct sctp_sack_info instead
[  673.489015][T10922] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  673.537858][T10928] loop6: detected capacity change from 0 to 2048
[  673.659852][T10928] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  675.223685][T10933] loop3: detected capacity change from 0 to 262144
[  675.304266][T10933] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz.3.1310 (10933)
[  675.454011][T10933] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  675.464283][T10933] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  675.473604][T10933] BTRFS info (device loop3): using free space tree
[  675.789538][T10933] BTRFS info (device loop3): enabling ssd optimizations
[  675.796952][T10933] BTRFS info (device loop3): auto enabling async discard
[  675.903828][T10933] BTRFS info (device loop3): balance: start -f -d
[  675.911050][T10933] BTRFS info (device loop3): relocating block group 13631488 flags data
[  676.777860][ T8795] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.839993][T10933] BTRFS info (device loop3): found 2 extents, stage: move data extents
[  676.900994][T10933] BTRFS info (device loop3): balance: canceled
[  676.944699][ T5776] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  680.552197][T10982] loop6: detected capacity change from 0 to 2048
[  680.625125][T10982] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  682.189761][T10990] loop6: detected capacity change from 0 to 512
[  682.225427][T10990] EXT4-fs: Ignoring removed oldalloc option
[  682.288386][T10990] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  682.745725][T10714] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.876966][T11000] overlayfs: missing 'lowerdir'
[  685.939700][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  685.954687][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  687.446282][T11022] loop3: detected capacity change from 0 to 262144
[  687.547045][T11022] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz.3.1324 (11022)
[  687.601421][T11022] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  687.611741][T11022] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  687.621301][T11022] BTRFS info (device loop3): using free space tree
[  687.764390][T11022] BTRFS info (device loop3): enabling ssd optimizations
[  687.764415][T11022] BTRFS info (device loop3): auto enabling async discard
[  687.956664][T11022] BTRFS info (device loop3): balance: start -f -d
[  687.957642][T11022] BTRFS info (device loop3): relocating block group 13631488 flags data
[  688.024501][T11022] BTRFS info (device loop3): found 2 extents, stage: move data extents
[  688.148449][T11022] BTRFS info (device loop3): found 2 extents, stage: update data pointers
[  688.197604][T11022] BTRFS info (device loop3): balance: ended with status: 0
[  688.376618][ T5776] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  689.403775][ T5775] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 20 /dev/loop3 scanned by udevd (5775)
[  691.919929][T11075] loop3: detected capacity change from 0 to 16
[  691.937796][T11075] erofs: (device loop3): mounted with root inode @ nid 36.
[  691.950445][T11076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1342'.
[  692.037879][T11076] 8021q: adding VLAN 0 to HW filter on device bond1
[  692.053300][T11078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1342'.
[  693.362519][T11081] loop3: detected capacity change from 0 to 262144
[  693.412776][T11078] macvlan2: entered promiscuous mode
[  693.412797][T11078] macvlan2: entered allmulticast mode
[  693.438852][T11081] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  693.438934][T11081] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  693.438964][T11081] BTRFS info (device loop3): using free space tree
[  693.516163][T11081] BTRFS info (device loop3): enabling ssd optimizations
[  693.516205][T11081] BTRFS info (device loop3): auto enabling async discard
[  693.785832][ T5776] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  694.312539][T11109] loop6: detected capacity change from 0 to 2048
[  694.374835][T11109] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  697.535067][T11127] loop6: detected capacity change from 0 to 22
[  697.574813][T11127] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  697.638153][T11127] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  697.751777][T11117] loop5: detected capacity change from 0 to 262144
[  697.780354][T11117] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop5 scanned by syz.5.1354 (11117)
[  697.857201][T11117] BTRFS info (device loop5): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  697.868040][T11117] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  697.877388][T11117] BTRFS info (device loop5): using free space tree
[  698.532810][T11117] BTRFS error (device loop5): open_ctree failed: -4
[  699.331558][T11163] loop6: detected capacity change from 0 to 128
[  700.275418][T11169] fuse: Bad value for 'fd'
[  701.389737][T11178] loop6: detected capacity change from 0 to 8
[  701.399183][T11178] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  701.419693][ T5768] udevd[5768]: incorrect cramfs checksum on /dev/loop6
[  701.472236][ T5768] udevd[5768]: incorrect cramfs checksum on /dev/loop6
[  701.505645][T11181] loop3: detected capacity change from 0 to 64
[  701.594662][ T5768] udevd[5768]: incorrect cramfs checksum on /dev/loop6
[  703.006568][T11183] loop6: detected capacity change from 0 to 262144
[  703.041405][T11183] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop6 scanned by syz.6.1369 (11183)
[  703.063381][T11183] BTRFS info (device loop6): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  703.073701][T11183] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  703.082951][T11183] BTRFS info (device loop6): using free space tree
[  704.085744][T11183] BTRFS info (device loop6): enabling ssd optimizations
[  704.092822][T11183] BTRFS info (device loop6): auto enabling async discard
[  704.432739][T11206] loop3: detected capacity change from 0 to 32768
[  704.544913][T11206] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  704.591808][T10714] BTRFS info (device loop6): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  704.664901][   T27] audit: type=1326 audit(1768449346.812:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  704.764148][   T27] audit: type=1326 audit(1768449346.812:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  704.831849][   T27] audit: type=1326 audit(1768449346.812:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  704.865838][T11206] XFS (loop3): Starting recovery (logdev: internal)
[  704.913980][T11206] XFS (loop3): Ending recovery (logdev: internal)
[  704.983637][   T27] audit: type=1326 audit(1768449346.862:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  705.069914][T11221] fuse: Bad value for 'fd'
[  705.123585][   T27] audit: type=1326 audit(1768449346.862:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  705.225442][ T5776] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  705.243233][   T27] audit: type=1326 audit(1768449346.862:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  705.387595][   T27] audit: type=1326 audit(1768449346.862:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  705.507344][   T27] audit: type=1326 audit(1768449346.862:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  705.643812][   T27] audit: type=1326 audit(1768449346.902:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  705.851506][   T27] audit: type=1326 audit(1768449346.902:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11205 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  706.601702][T11232] loop5: detected capacity change from 0 to 2048
[  706.691476][T11232] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  708.071920][T11238] loop6: detected capacity change from 0 to 262144
[  708.115810][T11238] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop6 scanned by syz.6.1382 (11238)
[  708.144131][T11238] BTRFS info (device loop6): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  708.154379][T11238] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  708.163666][T11238] BTRFS info (device loop6): using free space tree
[  708.823349][T11241] loop3: detected capacity change from 0 to 131072
[  708.838862][T11241] F2FS-fs (loop3): Test dummy encryption mode enabled
[  708.882394][T11246] fuse: Bad value for 'fd'
[  708.894086][T11241] F2FS-fs (loop3): invalid crc value
[  708.904114][T11241] F2FS-fs (loop3): Found nat_bits in checkpoint
[  708.932748][T11241] F2FS-fs (loop3): sanity_check_inode: corrupted inode ino=3, run fsck to fix.
[  708.943015][T11241] F2FS-fs (loop3): Failed to read root inode
[  709.941110][T11238] BTRFS error (device loop6): open_ctree failed: -4
[  710.501989][ T5768] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop6 scanned by udevd (5768)
[  710.588783][    C0] ICMPv6: NA: 1a:16:77:e7:93:77 advertised our address fe80::1816:77ff:fee7:9377 on gretap1!
[  711.372790][T11283] loop5: detected capacity change from 0 to 2048
[  711.452949][T11283] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  715.102918][T11297] loop5: detected capacity change from 0 to 262144
[  715.234325][T11297] BTRFS info (device loop5): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  715.244603][T11297] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  715.254038][T11297] BTRFS info (device loop5): using free space tree
[  715.413631][T11297] BTRFS info (device loop5): enabling ssd optimizations
[  715.420640][T11297] BTRFS info (device loop5): auto enabling async discard
[  715.782657][ T8795] BTRFS info (device loop5): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  715.991624][T11325] loop3: detected capacity change from 0 to 2048
[  716.202838][T11325] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  725.343421][ T5855] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  725.639822][ T5855] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[  725.671108][ T5855] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  726.363624][ T5855] usb 4-1: config 0 interface 0 has no altsetting 0
[  726.392648][ T5855] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  726.484000][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  726.492212][ T5855] usb 4-1: Product: syz
[  726.533779][ T5855] usb 4-1: Manufacturer: syz
[  726.538418][ T5855] usb 4-1: SerialNumber: syz
[  726.568530][ T5855] usb 4-1: config 0 descriptor??
[  726.603607][ T5855] usb 4-1: selecting invalid altsetting 0
[  728.946281][T10529] usb 4-1: USB disconnect, device number 6
[  729.017478][T11403] loop5: detected capacity change from 0 to 2048
[  729.122044][T11403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  730.293832][T11416] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1432'.
[  732.132935][T11426] syz.3.1436 (11426): drop_caches: 2
[  736.657486][T11465] loop5: detected capacity change from 0 to 2048
[  736.836948][T11465] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  740.234874][T11492] loop5: detected capacity change from 0 to 2048
[  740.296021][T11492] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  741.533669][T10529] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  742.576519][T10529] usb 6-1: config 0 has an invalid interface number: 106 but max is 0
[  742.593815][T10529] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  742.643557][T10529] usb 6-1: config 0 has no interface number 0
[  742.654246][T10529] usb 6-1: config 0 interface 106 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  742.673927][T11503] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1462'.
[  742.678948][T10529] usb 6-1: config 0 interface 106 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  742.736929][T10529] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  742.763547][T10529] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.810942][T10529] usb 6-1: config 0 descriptor??
[  742.857500][T10529] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  743.037093][   T12] usb 6-1: Failed to submit usb control message: -71
[  743.045661][T10529] usb 6-1: USB disconnect, device number 3
[  743.055688][   T12] usb 6-1: unable to send the bmi data to the device: -71
[  743.062803][   T12] usb 6-1: unable to get target info from device
[  743.114182][   T12] usb 6-1: could not get target info (-71)
[  743.131021][   T12] usb 6-1: could not probe fw (-71)
[  746.334298][T11530] tipc: Started in network mode
[  746.339180][T11530] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  746.391178][T11530] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  746.415838][T11530] tipc: Enabled bearer <udp:s>, priority 10
[  748.597742][ T5855] tipc: Node number set to 1
[  748.600009][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  748.609048][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  749.135169][T11542] fuse: Bad value for 'fd'
[  755.074625][T11588] fuse: Bad value for 'fd'
[  758.711099][T11631] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  760.286819][T11638] fuse: Bad value for 'fd'
[  760.657407][T11629] Bluetooth: hci2: command 0x0406 tx timeout
[  761.597031][ T3449] hsr_slave_0: left promiscuous mode
[  761.634706][ T3449] hsr_slave_1: left promiscuous mode
[  761.719351][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_0
[  761.764386][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_1
[  761.798055][ T3449] bridge_slave_1: left allmulticast mode
[  761.949492][ T3449] bridge_slave_1: left promiscuous mode
[  761.980224][ T3449] bridge0: port 2(bridge_slave_1) entered disabled state
[  763.147015][ T3449] bridge_slave_0: left allmulticast mode
[  763.154802][ T3449] bridge_slave_0: left promiscuous mode
[  763.260894][ T3449] bridge0: port 1(bridge_slave_0) entered disabled state
[  764.232970][T11664] loop6: detected capacity change from 0 to 131072
[  765.490122][T11664] F2FS-fs (loop6): Found nat_bits in checkpoint
[  765.583832][T11664] F2FS-fs (loop6): Mounted with checkpoint version = 1b41e955
[  765.667134][T11664] F2FS-fs (loop6): Inconsistent error blkaddr:5633, sit bitmap:0
[  765.675545][T11664] CPU: 1 PID: 11664 Comm: syz.6.1499 Not tainted syzkaller #0
[  765.683016][T11664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  765.693066][T11664] Call Trace:
[  765.696335][T11664]  <TASK>
[  765.699253][T11664]  dump_stack_lvl+0x16c/0x230
[  765.704002][T11664]  ? show_regs_print_info+0x20/0x20
[  765.709182][T11664]  ? f2fs_get_next_page_offset+0x690/0x690
[  765.715011][T11664]  ? __asan_memset+0x22/0x40
[  765.719613][T11664]  ? __lookup_extent_tree+0xba0/0xba0
[  765.724978][T11664]  f2fs_is_valid_blkaddr+0xe39/0x1580
[  765.730428][T11664]  f2fs_get_read_data_page+0x3a4/0x5c0
[  765.735884][T11664]  ? f2fs_reserve_block+0x240/0x240
[  765.741077][T11664]  ? __asan_memset+0x22/0x40
[  765.745748][T11664]  f2fs_find_data_page+0x9f/0x3a0
[  765.750772][T11664]  __f2fs_find_entry+0x64d/0xca0
[  765.755721][T11664]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  765.761355][T11664]  f2fs_lookup+0x220/0x7b0
[  765.765764][T11664]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  765.771812][T11664]  ? d_hash_and_lookup+0x1b0/0x1b0
[  765.776934][T11664]  ? __init_waitqueue_head+0xa9/0x150
[  765.782311][T11664]  __lookup_slow+0x281/0x3b0
[  765.786893][T11664]  ? lookup_one_len+0x2c0/0x2c0
[  765.791735][T11664]  ? try_to_unlazy+0x34c/0x5a0
[  765.796493][T11664]  ? down_read+0x1ac/0x2e0
[  765.800975][T11664]  lookup_slow+0x53/0x70
[  765.805212][T11664]  walk_component+0x2be/0x3f0
[  765.809876][T11664]  ? path_lookupat+0x15c/0x440
[  765.814628][T11664]  path_lookupat+0x169/0x440
[  765.819209][T11664]  filename_lookup+0x1f4/0x510
[  765.823980][T11664]  ? __virt_addr_valid+0x18c/0x540
[  765.829093][T11664]  ? hashlen_string+0x110/0x110
[  765.833954][T11664]  ? strncpy_from_user+0x197/0x2e0
[  765.839101][T11664]  ? getname_flags+0x20a/0x500
[  765.843862][T11664]  user_path_at_empty+0x42/0x60
[  765.848705][T11664]  __se_sys_mount+0x29b/0x3c0
[  765.853381][T11664]  ? __x64_sys_mount+0xc0/0xc0
[  765.858132][T11664]  ? lockdep_hardirqs_on+0x98/0x150
[  765.863313][T11664]  ? __x64_sys_mount+0x20/0xc0
[  765.868059][T11664]  do_syscall_64+0x55/0xb0
[  765.872630][T11664]  ? clear_bhb_loop+0x40/0x90
[  765.877362][T11664]  ? clear_bhb_loop+0x40/0x90
[  765.882028][T11664]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  765.887910][T11664] RIP: 0033:0x7fa05078f749
[  765.892315][T11664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.911927][T11664] RSP: 002b:00007fa0515fc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  765.920338][T11664] RAX: ffffffffffffffda RBX: 00007fa0509e5fa0 RCX: 00007fa05078f749
[  765.928298][T11664] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  765.936259][T11664] RBP: 00007fa050813f91 R08: 0000000000000000 R09: 0000000000000000
[  765.944218][T11664] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  765.952172][T11664] R13: 00007fa0509e6038 R14: 00007fa0509e5fa0 R15: 00007ffe171cee48
[  765.960143][T11664]  </TASK>
[  766.630960][T11666] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1491'.
[  766.818678][T11672] loop5: detected capacity change from 0 to 40427
[  766.873750][T11672] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  771.225747][ T3449] team0 (unregistering): Port device team_slave_1 removed
[  771.426976][ T3449] team0 (unregistering): Port device team_slave_0 removed
[  771.623988][ T3449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  771.905090][ T3449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  771.957515][T11713] loop5: detected capacity change from 0 to 131072
[  772.046360][T11713] F2FS-fs (loop5): Found nat_bits in checkpoint
[  772.111098][T11713] F2FS-fs (loop5): Mounted with checkpoint version = 1b41e955
[  772.238610][T11713] F2FS-fs (loop5): Inconsistent error blkaddr:5633, sit bitmap:0
[  772.246532][T11713] CPU: 0 PID: 11713 Comm: syz.5.1512 Not tainted syzkaller #0
[  772.254025][T11713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  772.264107][T11713] Call Trace:
[  772.267397][T11713]  <TASK>
[  772.270334][T11713]  dump_stack_lvl+0x16c/0x230
[  772.275036][T11713]  ? show_regs_print_info+0x20/0x20
[  772.280255][T11713]  ? f2fs_get_next_page_offset+0x690/0x690
[  772.286083][T11713]  ? __asan_memset+0x22/0x40
[  772.290704][T11713]  ? __lookup_extent_tree+0xba0/0xba0
[  772.296111][T11713]  f2fs_is_valid_blkaddr+0xe39/0x1580
[  772.301515][T11713]  f2fs_get_read_data_page+0x3a4/0x5c0
[  772.307011][T11713]  ? f2fs_reserve_block+0x240/0x240
[  772.312258][T11713]  ? __asan_memset+0x22/0x40
[  772.316884][T11713]  f2fs_find_data_page+0x9f/0x3a0
[  772.321939][T11713]  __f2fs_find_entry+0x64d/0xca0
[  772.326936][T11713]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  772.332715][T11713]  f2fs_lookup+0x220/0x7b0
[  772.337181][T11713]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  772.343277][T11713]  ? d_hash_and_lookup+0x1b0/0x1b0
[  772.348433][T11713]  ? __init_waitqueue_head+0xa9/0x150
[  772.353849][T11713]  __lookup_slow+0x281/0x3b0
[  772.358484][T11713]  ? lookup_one_len+0x2c0/0x2c0
[  772.363373][T11713]  ? try_to_unlazy+0x34c/0x5a0
[  772.368176][T11713]  ? down_read+0x1ac/0x2e0
[  772.372624][T11713]  lookup_slow+0x53/0x70
[  772.376904][T11713]  walk_component+0x2be/0x3f0
[  772.381608][T11713]  ? path_lookupat+0x15c/0x440
[  772.386407][T11713]  path_lookupat+0x169/0x440
[  772.391038][T11713]  filename_lookup+0x1f4/0x510
[  772.395830][T11713]  ? __virt_addr_valid+0x18c/0x540
[  772.400975][T11713]  ? hashlen_string+0x110/0x110
[  772.405928][T11713]  ? strncpy_from_user+0x197/0x2e0
[  772.411033][T11713]  ? getname_flags+0x20a/0x500
[  772.415807][T11713]  user_path_at_empty+0x42/0x60
[  772.420653][T11713]  __se_sys_mount+0x29b/0x3c0
[  772.425322][T11713]  ? __x64_sys_mount+0xc0/0xc0
[  772.430075][T11713]  ? lockdep_hardirqs_on+0x98/0x150
[  772.435275][T11713]  ? __x64_sys_mount+0x20/0xc0
[  772.440047][T11713]  do_syscall_64+0x55/0xb0
[  772.444451][T11713]  ? clear_bhb_loop+0x40/0x90
[  772.449116][T11713]  ? clear_bhb_loop+0x40/0x90
[  772.453805][T11713]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  772.459708][T11713] RIP: 0033:0x7fe42e78f749
[  772.464125][T11713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  772.483757][T11713] RSP: 002b:00007fe42f613038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  772.492168][T11713] RAX: ffffffffffffffda RBX: 00007fe42e9e5fa0 RCX: 00007fe42e78f749
[  772.500137][T11713] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  772.508105][T11713] RBP: 00007fe42e813f91 R08: 0000000000000000 R09: 0000000000000000
[  772.516070][T11713] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  772.524062][T11713] R13: 00007fe42e9e6038 R14: 00007fe42e9e5fa0 R15: 00007ffe90ef02c8
[  772.532037][T11713]  </TASK>
[  779.757838][T11771] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1536'.
[  780.062968][T11781] syz.6.1533: attempt to access beyond end of device
[  780.062968][T11781] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[  780.083798][T11781] syz.6.1533: attempt to access beyond end of device
[  780.083798][T11781] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[  780.097288][T11781] Mount JFS Failure: -5
[  780.101644][T11781] jfs_mount failed w/return code = -5
[  781.069932][T11777] loop5: detected capacity change from 0 to 40427
[  781.095342][T11777] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  783.592225][ T3449] bond0 (unregistering): Released all slaves
[  783.816233][T11755] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1531'.
[  783.830530][T11755] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1531'.
[  784.175145][T11821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1549'.
[  787.206871][T11849] fuse: Bad value for 'fd'
[  790.355922][T11883] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1553'.
[  791.050669][T11897] fuse: Bad value for 'fd'
[  792.479463][T11878] loop6: detected capacity change from 0 to 40427
[  792.494525][T11878] F2FS-fs (loop6): build fault injection attr: rate: 174, type: 0x7ffff
[  792.673556][ T5775] I/O error, dev loop6, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  793.269666][ T2923] Bluetooth: hci4: Frame reassembly failed (-84)
[  794.983741][ T8643] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  794.990574][T11629] Bluetooth: hci4: command 0x1003 tx timeout
[  796.327748][T11934] syz.6.1575: attempt to access beyond end of device
[  796.327748][T11934] loop13: rw=0, sector=0, nr_sectors = 1 limit=0
[  796.340867][T11934] FAT-fs (loop13): unable to read boot sector
[  797.083539][T11936] fuse: Bad value for 'fd'
[  798.178074][T11949] ntfs3: nullb0: Primary boot signature is not NTFS.
[  798.189255][T11949] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[  800.540592][T11954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1583'.
[  805.329828][T12037] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1598'.
[  805.559547][T12037] loop5: detected capacity change from 0 to 40427
[  805.606084][T12037] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  808.171153][T12082] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  808.178250][T12082] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  808.212409][T12082] vhci_hcd vhci_hcd.0: Device attached
[  808.234645][T12079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1608'.
[  808.246741][T12083] vhci_hcd: connection closed
[  808.260934][T12079] bond_slave_0: entered promiscuous mode
[  808.271747][T12079] bond_slave_1: entered promiscuous mode
[  808.294572][ T2972] vhci_hcd: stop threads
[  808.307991][ T2972] vhci_hcd: release socket
[  808.349236][ T2972] vhci_hcd: disconnect device
[  808.379501][T12079] macvlan3: entered promiscuous mode
[  808.387561][T12079] bond0: entered promiscuous mode
[  808.405714][T12079] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  809.113873][T12092] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1611'.
[  809.443869][T12098] loop6: detected capacity change from 0 to 40427
[  809.460499][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  809.466826][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  809.485100][T12098] F2FS-fs (loop6): build fault injection attr: rate: 174, type: 0x7ffff
[  809.763784][ T5775] I/O error, dev loop6, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  812.653931][T12141] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1621'.
[  818.438479][T12194] vivid-002: disconnect
[  819.135236][T12192] vivid-002: reconnect
[  822.013883][T12231] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1630'.
[  822.345076][T12232] loop6: detected capacity change from 0 to 40427
[  822.386271][T12232] F2FS-fs (loop6): build fault injection attr: rate: 174, type: 0x7ffff
[  826.213815][T12276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1643'.
[  830.174279][T12329] loop3: detected capacity change from 0 to 2048
[  830.230557][T12329] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  830.299575][T12334] netlink: 83 bytes leftover after parsing attributes in process `syz.6.1654'.
[  830.349959][ T5139] udevd[5139]: worker [5775] terminated by signal 33 (Unknown signal 33)
[  830.387218][ T5139] udevd[5139]: worker [5775] failed while handling '/devices/virtual/block/loop3'
[  835.663816][T12380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1660'.
[  836.016318][T12383] loop3: detected capacity change from 0 to 40427
[  836.069097][T12383] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[  844.003799][T12448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1673'.
[  851.801872][T12510] loop3: detected capacity change from 0 to 40427
[  851.863717][T12510] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[  871.376503][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  871.383576][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  873.684018][T12636] capability: warning: `syz.3.1701' uses 32-bit capabilities (legacy support in use)
[  878.737794][T12666] warning: `syz.6.1727' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  883.984713][T12695] 8021q: adding VLAN 0 to HW filter on device bond1
[  884.309515][   T27] kauditd_printk_skb: 3 callbacks suppressed
[  884.309528][   T27] audit: type=1326 audit(1768449526.452:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12700 comm="syz.6.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  884.403525][   T27] audit: type=1326 audit(1768449526.482:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12700 comm="syz.6.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  884.464168][   T27] audit: type=1326 audit(1768449526.512:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12700 comm="syz.6.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  884.645252][   T27] audit: type=1326 audit(1768449526.512:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12700 comm="syz.6.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  885.002842][   T27] audit: type=1326 audit(1768449526.512:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12700 comm="syz.6.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  886.598795][ T5914] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  887.025562][ T5914] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  889.295892][T12740] hid-generic 0000:0000:0000.0001: pid 12740 passed too short report
[  900.874872][T12820] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1775'.
[  904.198977][   T27] audit: type=1326 audit(1768449546.342:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  904.221316][    C0] vkms_vblank_simulate: vblank timer overrun
[  905.580363][   T27] audit: type=1326 audit(1768449546.342:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  905.653897][   T27] audit: type=1326 audit(1768449546.342:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  905.703498][   T27] audit: type=1326 audit(1768449546.342:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  905.783540][   T27] audit: type=1326 audit(1768449546.342:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  905.843575][   T27] audit: type=1326 audit(1768449546.342:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  905.966870][   T27] audit: type=1326 audit(1768449546.342:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  905.973619][T12850] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1785'.
[  906.043540][   T27] audit: type=1326 audit(1768449546.342:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  906.073626][T12850] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1785'.
[  906.090365][T12850] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1785'.
[  906.162823][   T27] audit: type=1326 audit(1768449546.342:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.1.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f360638f749 code=0x7ffc0000
[  913.066962][ T5914] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  914.308358][ T5914] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  914.654658][ T5914] usb 6-1: config 0 interface 0 has no altsetting 0
[  915.096058][ T5914] usb 6-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=b1.f9
[  915.233205][ T5914] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  915.274203][ T5914] usb 6-1: Product: syz
[  915.278407][ T5914] usb 6-1: Manufacturer: syz
[  915.319660][ T5914] usb 6-1: SerialNumber: syz
[  915.374612][ T5914] usb 6-1: config 0 descriptor??
[  915.412195][ T5914] usb 6-1: can't set config #0, error -71
[  916.176806][ T5914] usb 6-1: USB disconnect, device number 4
[  917.703477][T10529] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  917.723502][  T787] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  918.417993][  T787] usb 7-1: Using ep0 maxpacket: 8
[  918.424070][T10529] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  918.437805][T10529] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  918.482486][T10529] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  920.093548][  T787] usb 7-1: unable to get BOS descriptor or descriptor too short
[  920.134599][T10529] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  920.146528][  T787] usb 7-1: unable to read config index 0 descriptor/start: -71
[  920.155012][T10529] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.163834][  T787] usb 7-1: can't read configurations, error -71
[  920.186658][T10529] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  920.198402][T10529] usb 4-1: invalid MIDI out EP 0
[  920.290939][T12888] udevd[12888]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  920.325635][T10529] snd-usb-audio: probe of 4-1:27.0 failed with error -22
[  920.410254][T10529] usb 4-1: USB disconnect, device number 7
[  927.621271][T12991] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.1821'.
[  931.702942][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  931.709587][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  936.186981][T13067] overlay: Unknown parameter '/'
[  936.232329][T13067] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  939.178108][   T27] audit: type=1326 audit(1768449582.320:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13092 comm="syz.6.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  939.211785][   T27] audit: type=1326 audit(1768449582.320:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13092 comm="syz.6.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  939.300370][   T27] audit: type=1326 audit(1768449582.320:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13092 comm="syz.6.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  939.423571][ T5914] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  939.503844][   T27] audit: type=1326 audit(1768449590.343:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13092 comm="syz.6.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  939.733870][ T5914] usb 6-1: Using ep0 maxpacket: 32
[  939.801033][ T5914] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  939.880119][ T5914] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  939.907646][ T5914] usb 6-1: Product: syz
[  939.922129][   T27] audit: type=1326 audit(1768449590.343:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13092 comm="syz.6.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa05078f749 code=0x7ffc0000
[  939.923036][ T5914] usb 6-1: Manufacturer: syz
[  939.944442][    C1] vkms_vblank_simulate: vblank timer overrun
[  940.006968][ T5914] usb 6-1: SerialNumber: syz
[  940.043921][ T5914] usb 6-1: config 0 descriptor??
[  940.057452][ T5914] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  940.904430][ T5914] gspca_ov534_9: reg_w failed -110
[  942.431058][ T5914] gspca_ov534_9: Unknown sensor 0000
[  942.433255][ T5914] ov534_9: probe of 6-1:0.0 failed with error -22
[  942.976960][T13118] binder: 13117:13118 ioctl c0306201 0 returned -14
[  947.269014][T10529] usb 6-1: USB disconnect, device number 5
[  956.636031][T13192] fuse: Unknown parameter 'grou00000000000000000000'
[  962.229950][T13229] misc userio: No port type given on /dev/userio
[  962.249125][T13229] misc userio: The device must be registered before sending interrupts
[  962.766982][T13235] fuse: Unknown parameter 'grou00000000000000000000'
[  969.587215][T13265] fuse: Unknown parameter 'grou00000000000000000000'
[  972.208366][T13284] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  974.125090][T13301] fuse: Unknown parameter 'group_i00000000000000000000'
[  977.586544][T13324] loop3: detected capacity change from 0 to 40427
[  977.665643][T13324] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[  982.129850][T13355] loop5: detected capacity change from 0 to 40427
[  982.226770][T13355] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  982.573878][  T787] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  982.803445][  T787] usb 7-1: Using ep0 maxpacket: 8
[  982.811073][  T787] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  982.822529][  T787] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  982.945238][  T787] usb 7-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  983.563517][  T787] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  983.574409][  T787] usb 7-1: config 0 descriptor??
[  985.453167][  T787] usbhid 7-1:0.0: can't add hid device: -71
[  985.511606][  T787] usbhid: probe of 7-1:0.0 failed with error -71
[  985.556698][  T787] usb 7-1: USB disconnect, device number 5
[  986.816033][T13376] fuse: Unknown parameter 'group_i00000000000000000000'
[  989.501350][T13398] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1943'.
[  989.511069][T13398] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1943'.
[  990.421042][T13400] loop5: detected capacity change from 0 to 40427
[  990.428774][T13400] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  991.866596][T13263] I/O error, dev loop5, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  991.933592][ T5855] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  992.155053][ T5855] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  992.185916][ T5855] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  992.209115][ T5855] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  992.242758][ T5855] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  992.262982][ T5855] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  992.286747][ T5855] usb 7-1: config 0 descriptor??
[  992.741834][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.761049][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.783631][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.797868][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.824464][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.847909][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.865845][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.887542][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.943483][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  992.976532][T13420] fuse: Unknown parameter 'group_i00000000000000000000'
[  993.004354][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  993.011785][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  993.054324][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  993.061898][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  993.121511][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  993.182827][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  993.200388][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  993.235497][ T5855] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  993.351898][ T5855] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  993.800962][ T5855] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  994.275241][ T5855] usb 7-1: USB disconnect, device number 6
[  994.452514][T13435] fido_id[13435]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  996.763804][ T5855] IPVS: starting estimator thread 0...
[  996.863251][T13453] fuse: Unknown parameter 'group_id00000000000000000000'
[  997.003497][T13451] IPVS: using max 24 ests per chain, 57600 per kthread
[  997.885592][T13457] kvm: kvm [13456]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x10
[  998.950418][T13474] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1965'.
[ 1020.685051][T13603] netlink: 'syz.3.2002': attribute type 21 has an invalid length.
[ 1021.561761][T13610] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1022.494838][T13614] misc userio: No port type given on /dev/userio
[ 1022.515586][T13614] misc userio: The device must be registered before sending interrupts
[ 1023.083685][T13618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2006'.
[ 1023.093507][T13618] netlink: 88 bytes leftover after parsing attributes in process `syz.5.2006'.
[ 1023.940494][T13620] loop5: detected capacity change from 0 to 40427
[ 1024.017433][T13620] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[ 1024.233507][T13532] I/O error, dev loop5, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1030.314306][T13652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2016'.
[ 1030.333671][T13652] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2016'.
[ 1030.503641][T10529] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1030.713538][T10529] usb 7-1: Using ep0 maxpacket: 32
[ 1030.734334][T10529] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1030.759615][T10529] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1030.778306][T10529] usb 7-1: Product: syz
[ 1030.782498][T10529] usb 7-1: Manufacturer: syz
[ 1030.807558][T10529] usb 7-1: SerialNumber: syz
[ 1030.845213][T10529] usb 7-1: config 0 descriptor??
[ 1030.870292][T10529] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1032.036500][T10529] gspca_ov534_9: reg_w failed -110
[ 1032.300108][T13664] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1032.672690][T10529] gspca_ov534_9: Unknown sensor 0000
[ 1032.672782][T10529] ov534_9: probe of 7-1:0.0 failed with error -22
[ 1034.621270][T10529] usb 7-1: USB disconnect, device number 7
[ 1037.184141][T13691] fuse: Bad value for 'user_id'
[ 1038.720743][T13698] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2030'.
[ 1038.730566][T13698] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2030'.
[ 1039.581017][T13700] loop5: detected capacity change from 0 to 40427
[ 1039.656080][T13700] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[ 1044.418684][T13726] fuse: Bad value for 'user_id'
[ 1045.131140][T13732] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2039'.
[ 1045.141701][T13732] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2039'.
[ 1045.881391][T13734] loop5: detected capacity change from 0 to 40427
[ 1046.093012][T13734] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[ 1053.873678][T13771] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2048'.
[ 1053.882596][T13771] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2048'.
[ 1055.741564][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1055.748874][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1057.744711][T13793] fuse: Bad value for 'user_id'
[ 1060.743688][T13809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2057'.
[ 1060.752622][T13809] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2057'.
[ 1062.208386][T13823] fuse: Bad value for 'fd'
[ 1067.205625][T13853] fuse: Bad value for 'fd'
[ 1071.703643][T13870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2067'.
[ 1071.712609][T13870] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2067'.
[ 1076.204106][T13901] fuse: Bad value for 'fd'
[ 1082.755131][T13944] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2086'.
[ 1082.765001][T13944] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2086'.
[ 1083.615911][T13946] loop6: detected capacity change from 0 to 40427
[ 1083.704125][T13946] F2FS-fs (loop6): build fault injection attr: rate: 174, type: 0x7ffff
[ 1084.945104][T13953] fuse: Bad value for 'fd'
[ 1091.963826][T13986] fuse: Bad value for 'fd'
[ 1098.321506][T14016] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2106'.
[ 1098.331292][T14016] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2106'.
[ 1099.179378][T14018] loop5: detected capacity change from 0 to 40427
[ 1099.320587][T14018] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[ 1105.154670][T14044] fuse: Bad value for 'fd'
[ 1106.010325][T14049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2127'.
[ 1106.020325][T14049] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2127'.
[ 1106.866753][T14051] loop3: detected capacity change from 0 to 40427
[ 1106.944053][T14051] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[ 1107.208686][T13988] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1115.652903][T14101] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2138'.
[ 1115.662623][T14101] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2138'.
[ 1116.397511][T14103] loop6: detected capacity change from 0 to 40427
[ 1116.563842][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.570170][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.580678][T14103] F2FS-fs (loop6): build fault injection attr: rate: 174, type: 0x7ffff
[ 1120.714100][T14116] fuse: Invalid rootmode
[ 1127.561206][T14161] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2149'.
[ 1127.570909][T14161] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2149'.
[ 1128.308748][T14163] loop5: detected capacity change from 0 to 40427
[ 1128.495014][T14163] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[ 1131.171003][T14173] fuse: Invalid rootmode
[ 1139.224709][T14214] fuse: Invalid rootmode
[ 1144.283903][T14245] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2169'.
[ 1144.293930][T14245] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2169'.
[ 1145.039704][T14247] loop6: detected capacity change from 0 to 40427
[ 1145.219412][T14247] F2FS-fs (loop6): build fault injection attr: rate: 174, type: 0x7ffff
[ 1151.140546][T14277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2192'.
[ 1151.898735][T14279] loop3: detected capacity change from 0 to 40427
[ 1152.106524][T14279] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[ 1152.866539][T14282] fuse: Bad value for 'rootmode'
[ 1162.787495][T14332] program syz.5.2206 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1165.820919][T14345] fuse: Bad value for 'rootmode'
[ 1170.761453][T14379] fuse: Bad value for 'rootmode'
[ 1170.965119][  T788] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1171.207311][  T788] usb 6-1: Using ep0 maxpacket: 8
[ 1171.614694][  T788] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1171.733344][  T788] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.741379][  T788] usb 6-1: Product: syz
[ 1171.793516][  T788] usb 6-1: Manufacturer: syz
[ 1171.813475][  T788] usb 6-1: SerialNumber: syz
[ 1171.835754][  T788] usb 6-1: config 0 descriptor??
[ 1172.053594][  T788] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1174.293668][T14405] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2227'.
[ 1174.863088][  T788] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -32
[ 1174.987874][  T788] usb 6-1: USB disconnect, device number 6
[ 1177.149037][T14419] fuse: Unknown parameter 'use00000000000000000000'
[ 1177.469396][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.475794][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1179.824240][T14440] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2236'.
[ 1180.376923][T14441] loop3: detected capacity change from 0 to 40427
[ 1180.443477][T14441] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x7ffff
[ 1180.703528][T14412] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1181.004875][T14446] netlink: 27 bytes leftover after parsing attributes in process `syz.5.2240'.
[ 1181.206946][T14448] fuse: Unknown parameter 'use00000000000000000000'
[ 1181.408595][T14453] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1181.418262][T14453] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1181.427438][T14453] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1181.446853][T14453] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1181.454760][T14453] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1181.462109][T14453] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1181.478348][ T8643] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1181.487229][ T8643] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1181.494779][ T8643] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1181.578416][ T8643] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1181.589450][ T8643] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1181.601242][ T8643] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1182.496196][T14451] lo speed is unknown, defaulting to 1000
[ 1183.452827][T12786] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1184.715956][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880226c8800: rx timeout, send abort
[ 1184.733529][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880226c8800: 0x0f000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1184.994237][T14453] Bluetooth: hci4: command tx timeout
[ 1186.382508][T12786] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1186.832423][T12786] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1186.871678][T14451] chnl_net:caif_netlink_parms(): no params data found
[ 1187.045783][T12786] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.056438][T14453] Bluetooth: hci4: command tx timeout
[ 1187.417922][T14451] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1187.425441][T14451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1187.432602][T14451] bridge_slave_0: entered allmulticast mode
[ 1187.441628][T14451] bridge_slave_0: entered promiscuous mode
[ 1187.457045][T14451] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1187.464516][T14451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1187.471729][T14451] bridge_slave_1: entered allmulticast mode
[ 1187.484876][T14451] bridge_slave_1: entered promiscuous mode
[ 1187.639609][T14451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1187.671051][T14451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1188.180229][T14486] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2250'.
[ 1188.918439][T14488] loop5: detected capacity change from 0 to 40427
[ 1189.104497][T14488] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[ 1189.133426][T14453] Bluetooth: hci4: command tx timeout
[ 1189.722979][T14451] team0: Port device team_slave_0 added
[ 1189.879228][T14451] team0: Port device team_slave_1 added
[ 1190.976658][T12786] tipc: Left network mode
[ 1191.113637][T14451] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1191.160853][T14451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1191.223463][T14453] Bluetooth: hci4: command tx timeout
[ 1191.300865][T14451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1191.330982][T14451] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1191.351486][T14451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1191.390888][T14451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1192.008825][T14513] program syz.3.2255 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1192.908867][T14451] hsr_slave_0: entered promiscuous mode
[ 1192.994972][T14451] hsr_slave_1: entered promiscuous mode
[ 1193.015289][T14451] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1193.022848][T14451] Cannot create hsr debugfs directory
[ 1195.113611][T14539] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2260'.
[ 1195.601357][T12786] batman_adv: batadv0: Interface deactivated: gretap1
[ 1195.740440][T12786] batman_adv: batadv0: Removing interface: gretap1
[ 1202.012451][T14589] syz_tun: entered promiscuous mode
[ 1202.673712][T14589] syz_tun: left promiscuous mode
[ 1204.543466][T12786] hsr_slave_0: left promiscuous mode
[ 1204.608430][T12786] hsr_slave_1: left promiscuous mode
[ 1204.650181][T12786] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1204.667701][T12786] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1204.720143][T12786] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1204.743416][T12786] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1204.761564][T12786] bridge_slave_1: left allmulticast mode
[ 1204.767497][T12786] bridge_slave_1: left promiscuous mode
[ 1204.773294][T12786] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1204.884410][T12786] bridge_slave_0: left allmulticast mode
[ 1204.890098][T12786] bridge_slave_0: left promiscuous mode
[ 1204.917519][T12786] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1205.046253][T12786] bond0: left promiscuous mode
[ 1205.051747][T12786] bond_slave_0: left promiscuous mode
[ 1205.057698][T12786] bond_slave_1: left promiscuous mode
[ 1205.124626][T12786] veth1_macvtap: left promiscuous mode
[ 1205.130192][T12786] veth0_macvtap: left promiscuous mode
[ 1205.176455][T12786] veth1_vlan: left promiscuous mode
[ 1205.203525][T12786] veth0_vlan: left promiscuous mode
[ 1205.961782][T14624] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2277'.
[ 1207.887850][T12786] bond1 (unregistering): Released all slaves
[ 1209.042664][T12786] team0 (unregistering): Port device geneve0 removed
[ 1214.451782][T14683] input: syz0 as /devices/virtual/input/input8
[ 1214.781630][ T1003] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1215.171044][T12786] team0 (unregistering): Port device team_slave_1 removed
[ 1215.879059][T12786] team0 (unregistering): Port device team_slave_0 removed
[ 1216.620288][T12786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1216.813680][ T8643] Bluetooth: hci0: command 0x1003 tx timeout
[ 1216.824695][T14453] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1217.314245][T12786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1219.269703][T14719] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2299'.
[ 1221.458700][T14721] kvm: kvm [14720]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x800
[ 1221.511997][T14721] kvm: kvm [14720]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x800
[ 1221.522659][T14721] kvm: kvm [14720]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x800
[ 1222.516280][    T8] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1223.880601][T12786] bond0 (unregistering): Released all slaves
[ 1224.007632][    T8] usb 7-1: Using ep0 maxpacket: 8
[ 1224.030668][    T8] usb 7-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[ 1224.058733][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1224.113949][    T8] usb 7-1: config 0 descriptor??
[ 1224.355396][    T8] usb 7-1: string descriptor 0 read error: -71
[ 1224.367687][    T8] usb 7-1: Found UVC 0.00 device <unnamed> (2833:0201)
[ 1224.403763][    T8] usb 7-1: No valid video chain found.
[ 1224.446858][    T8] usb 7-1: USB disconnect, device number 8
[ 1224.603731][T14451] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1224.646043][T14451] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1224.738225][T14451] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1224.762156][T14451] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1226.078432][T14451] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1226.172704][T14451] 8021q: adding VLAN 0 to HW filter on device team0
[ 1226.346512][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1226.353711][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1226.385247][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1226.392377][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1228.943496][T12786] IPVS: stop unused estimator thread 0...
[ 1229.338344][T14451] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1229.467804][T14451] veth0_vlan: entered promiscuous mode
[ 1229.516438][T14451] veth1_vlan: entered promiscuous mode
[ 1229.656349][T14451] veth0_macvtap: entered promiscuous mode
[ 1229.696150][T14451] veth1_macvtap: entered promiscuous mode
[ 1229.747200][T14451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1229.803032][T14451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1229.824164][T14451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1229.843045][T14451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1229.863752][T14451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1229.889108][T14451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1229.929038][T14451] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1229.956515][T14451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1229.993183][T14451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1230.018878][T14451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1230.052281][T14451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1230.078631][T14451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1230.089610][T14451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1230.114646][T14451] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1230.159691][T14451] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1230.190681][T14451] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1230.202823][T14451] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1230.217474][T14451] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1231.386889][ T3449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1231.413330][ T3449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1231.529920][ T3449] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1231.550405][ T3449] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1236.167366][ T8643] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1236.183757][ T8643] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1236.192849][ T8643] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1236.202002][ T8643] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1236.211412][ T8643] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1236.219033][ T8643] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1236.336973][T14867] lo speed is unknown, defaulting to 1000
[ 1237.677507][T14888] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2332'.
[ 1238.336173][ T8643] Bluetooth: hci0: command tx timeout
[ 1238.526482][T14891] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1238.638893][T14891] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1238.734597][T14867] chnl_net:caif_netlink_parms(): no params data found
[ 1238.904870][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.912621][T14900] fuse: Unknown parameter '0x0000000000000003'
[ 1238.913135][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1240.443360][ T8643] Bluetooth: hci0: command tx timeout
[ 1240.575660][T14867] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1240.653519][T14867] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1240.660775][T14867] bridge_slave_0: entered allmulticast mode
[ 1240.678400][T14867] bridge_slave_0: entered promiscuous mode
[ 1240.734890][T14867] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1240.742026][T14867] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1240.782089][T14867] bridge_slave_1: entered allmulticast mode
[ 1240.805668][T14867] bridge_slave_1: entered promiscuous mode
[ 1241.528351][T14867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1241.557099][T14867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1241.676608][T14867] team0: Port device team_slave_0 added
[ 1241.689983][T14867] team0: Port device team_slave_1 added
[ 1241.752680][T14867] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1241.770165][T14920] Invalid option length (1047662) for dns_resolver key
[ 1241.780175][T14867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1241.831026][T14867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1241.845193][T14867] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1241.852268][T14867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1241.883618][T14867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1241.973845][T14867] hsr_slave_0: entered promiscuous mode
[ 1241.982804][T14867] hsr_slave_1: entered promiscuous mode
[ 1241.998535][T14867] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1242.018043][T14867] Cannot create hsr debugfs directory
[ 1242.554040][ T8643] Bluetooth: hci0: command tx timeout
[ 1244.359568][T14867] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.375716][T14935] fuse: Unknown parameter '0x0000000000000003'
[ 1244.499839][T14867] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.573316][ T8643] Bluetooth: hci0: command tx timeout
[ 1244.603000][T14867] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.830393][T14867] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1247.244483][T14867] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1247.282190][T14867] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1247.328628][T14867] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1247.390506][T14867] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1247.405223][    T8] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1247.638712][T14970] fuse: Unknown parameter '0x0000000000000003'
[ 1247.643383][    T8] usb 7-1: Using ep0 maxpacket: 32
[ 1247.676169][    T8] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[ 1247.705498][    T8] usb 7-1: config 0 has no interface number 0
[ 1247.735964][    T8] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1247.772934][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1247.805304][    T8] usb 7-1: Product: syz
[ 1247.811337][    T8] usb 7-1: Manufacturer: syz
[ 1247.823358][    T8] usb 7-1: SerialNumber: syz
[ 1247.836054][    T8] usb 7-1: config 0 descriptor??
[ 1247.838477][T14867] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1247.849975][    T8] smsc95xx v2.0.0
[ 1249.335297][T14867] 8021q: adding VLAN 0 to HW filter on device team0
[ 1249.342283][    T8] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[ 1249.374603][ T2923] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1249.381725][ T2923] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1249.422538][    T8] smsc95xx: probe of 7-1:0.67 failed with error -71
[ 1249.445390][ T2923] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1249.452652][ T2923] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1249.453820][    T8] usb 7-1: USB disconnect, device number 9
[ 1250.981464][T14867] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1252.296362][T14867] veth0_vlan: entered promiscuous mode
[ 1252.333674][T14867] veth1_vlan: entered promiscuous mode
[ 1252.402366][T14867] veth0_macvtap: entered promiscuous mode
[ 1252.520795][T14867] veth1_macvtap: entered promiscuous mode
[ 1252.570961][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1252.598206][T14997] fuse: Unknown parameter '0x0000000000000003'
[ 1252.623359][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.633210][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1252.679898][T14999] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[ 1252.683277][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.686450][T14999] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1252.703280][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1252.723284][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.743560][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1252.755035][T14999] vhci_hcd vhci_hcd.0: Device attached
[ 1252.773361][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.794859][T14867] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1252.815535][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1252.834528][T15000] vhci_hcd: connection closed
[ 1252.852115][ T1003] vhci_hcd: stop threads
[ 1252.861304][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.873998][ T1003] vhci_hcd: release socket
[ 1252.893568][ T1003] vhci_hcd: disconnect device
[ 1252.898434][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1252.922455][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.953404][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1252.963964][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1252.974955][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1252.984411][   T23] vhci_hcd: vhci_device speed not set
[ 1252.987017][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1253.004083][T14867] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1253.018780][T14867] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1253.027628][T14867] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1253.036994][T14867] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1253.663817][T14867] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1253.906462][ T1003] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1253.925763][ T1003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1253.975958][ T2936] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1253.997805][ T2936] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1255.291932][T15028] netlink: 'syz.1.2365': attribute type 1 has an invalid length.
[ 1255.303264][T15028] netlink: 'syz.1.2365': attribute type 2 has an invalid length.
[ 1255.339595][T15028] netlink: 'syz.1.2365': attribute type 2 has an invalid length.
[ 1255.363940][T15028] netlink: 'syz.1.2365': attribute type 1 has an invalid length.
[ 1256.888935][T15031] fuse: Unknown parameter '0x0000000000000003'
[ 1262.068200][T15074] fuse: Unknown parameter '0x0000000000000003'
[ 1263.212947][   T23] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1263.833518][   T23] usb 4-1: Using ep0 maxpacket: 16
[ 1264.361045][   T23] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1264.370950][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1264.373529][T15089] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2387'.
[ 1264.389644][   T23] usb 4-1: Product: syz
[ 1264.400841][   T23] usb 4-1: Manufacturer: syz
[ 1264.407835][   T23] usb 4-1: SerialNumber: syz
[ 1264.416263][   T23] usb 4-1: config 0 descriptor??
[ 1264.430967][   T23] visor 4-1:0.0: Sony Clie 3.5 converter detected
[ 1266.323394][   T23] usb 4-1: clie_3_5_startup: get config number failed: -71
[ 1266.354531][   T23] visor: probe of 4-1:0.0 failed with error -71
[ 1266.388549][   T23] usb 4-1: USB disconnect, device number 8
[ 1266.438762][T15100] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1275.743889][   T23] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1275.906293][T15154] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1275.933482][   T23] usb 6-1: Using ep0 maxpacket: 32
[ 1275.962321][   T23] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1275.972562][   T23] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1275.991860][T14626] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1276.021417][   T23] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1276.607144][   T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1276.619612][   T23] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1276.632020][   T23] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1276.646863][   T23] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1276.658092][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.881390][   T23] usb 6-1: config 0 descriptor??
[ 1277.737893][T14626] usb 7-1: Using ep0 maxpacket: 16
[ 1277.755764][   T23] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1277.776294][   T23] usb 6-1: USB disconnect, device number 7
[ 1277.794518][T14626] usb 7-1: config 0 has an invalid interface number: 251 but max is 0
[ 1277.796705][   T23] usblp0: removed
[ 1277.802702][T14626] usb 7-1: config 0 has no interface number 0
[ 1277.802752][T14626] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1277.802774][T14626] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1277.872745][T14626] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1277.883657][T14626] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1277.891682][T14626] usb 7-1: Product: syz
[ 1277.905902][T14626] usb 7-1: Manufacturer: syz
[ 1277.913633][T14626] usb 7-1: SerialNumber: syz
[ 1277.921799][T14626] usb 7-1: config 0 descriptor??
[ 1277.931582][T15144] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1277.942150][T15144] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1278.188681][T15144] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1278.213541][T15144] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1278.349250][   T23] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1278.788333][   T23] usb 6-1: Using ep0 maxpacket: 32
[ 1278.824804][   T23] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1278.831186][T14626] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1278.833179][   T23] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1278.866474][   T23] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1278.880525][   T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1278.898708][   T23] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1278.929234][T15176] random: crng reseeded on system resumption
[ 1279.586967][T14626] asix 7-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 1279.603496][   T23] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1279.616559][   T23] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1279.634322][T14626] asix: probe of 7-1:0.251 failed with error -71
[ 1279.647944][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.680826][   T23] usb 6-1: config 0 descriptor??
[ 1279.731834][   T23] usb 6-1: can't set config #0, error -71
[ 1279.771912][T14626] usb 7-1: USB disconnect, device number 10
[ 1279.780939][   T23] usb 6-1: USB disconnect, device number 8
[ 1283.383709][T15196] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1283.476405][T15196] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1283.692358][T15196] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1283.721318][T15196] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1283.740596][T15196] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1285.046747][ T8643] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1285.076832][T15196] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1285.398390][T15222] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1285.773526][ T8643] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1287.085076][ T8643] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1287.416111][  T787] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1288.669429][ T8643] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1288.753326][  T787] usb 2-1: Using ep0 maxpacket: 16
[ 1288.762444][  T787] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1288.783377][  T787] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1288.791485][  T787] usb 2-1: Product: syz
[ 1288.806263][  T787] usb 2-1: Manufacturer: syz
[ 1288.810896][  T787] usb 2-1: SerialNumber: syz
[ 1288.835814][  T787] usb 2-1: config 0 descriptor??
[ 1290.002517][ T8643] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1290.153474][  T787] usb 2-1: can't set config #0, error -71
[ 1290.224338][  T787] usb 2-1: USB disconnect, device number 5
[ 1290.734316][ T8643] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1291.786270][  T788] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[ 1291.866084][  T788] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1300.014497][  T788] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1300.239679][  T788] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1300.267692][  T788] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1300.290893][  T788] usb 6-1: Product: syz
[ 1300.303513][  T788] usb 6-1: Manufacturer: syz
[ 1300.308261][  T788] usb 6-1: SerialNumber: syz
[ 1300.331721][  T788] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1300.356561][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.362893][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.463343][T14669] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1301.292436][   T23] usb 6-1: USB disconnect, device number 9
[ 1302.871249][T14669] usb 6-1: Service connection timeout for: 256
[ 1302.926802][T14669] ath9k_htc 6-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1302.937782][T14669] ath9k_htc: Failed to initialize the device
[ 1302.963406][   T23] usb 6-1: ath9k_htc: USB layer deinitialized
[ 1305.571367][T10529] IPVS: starting estimator thread 0...
[ 1306.886661][T15354] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1306.913824][T15353] nbd0: detected capacity change from 0 to 127
[ 1306.966207][T15359] netlink: 64 bytes leftover after parsing attributes in process `syz.6.2466'.
[ 1307.026035][T14453] block nbd0: Receive control failed (result -104)
[ 1309.813918][T15376] TCP: tcp_parse_options: Illegal window scaling value 254 > 14 received
[ 1311.067489][ T1169] block nbd0: Connection timed out, retrying (0/1 alive)
[ 1311.076918][ T1169] block nbd0: Connection timed out, retrying (0/1 alive)
[ 1311.085500][T11918] block nbd0: Dead connection, failed to find a fallback
[ 1311.093159][T11918] block nbd0: shutting down sockets
[ 1311.101260][ T1169] block nbd0: Connection timed out, retrying (0/1 alive)
[ 1311.108641][T11918] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1311.120383][ T1169] block nbd0: Connection timed out, retrying (0/1 alive)
[ 1311.127500][T11918] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1311.136069][T11918] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1311.145609][T11918] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1311.153658][T11918] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1311.162706][T11918] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1311.170574][T11918] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1311.179682][T11918] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1311.190014][ T1169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1311.200432][ T1169] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1311.208418][ T1169] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1311.216345][ T1169] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1311.224157][ T1169] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1311.234846][ T1169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1311.244318][ T1169] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1311.252318][ T1169] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1311.262685][ T1169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1311.306362][ T1169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1311.316044][ T1169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1311.325520][ T1169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1311.335079][T14961] ldm_validate_partition_table(): Disk read failed.
[ 1311.359525][T14961] Dev nbd0: unable to read RDB block 0
[ 1313.234428][T14961]  nbd0: unable to read partition table
[ 1313.333316][T14961] ldm_validate_partition_table(): Disk read failed.
[ 1313.371758][T14961] Dev nbd0: unable to read RDB block 0
[ 1313.484498][T14961]  nbd0: unable to read partition table
[ 1313.883453][ T5855] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1314.793942][ T5855] usb 2-1: Using ep0 maxpacket: 8
[ 1314.820217][ T5855] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76
[ 1314.850484][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1314.878436][ T5855] usb 2-1: Product: syz
[ 1314.882628][ T5855] usb 2-1: Manufacturer: syz
[ 1314.903821][ T5855] usb 2-1: SerialNumber: syz
[ 1314.916057][ T5855] usb 2-1: config 0 descriptor??
[ 1314.940440][ T5855] gspca_main: ALi m5602-2.14.0 probing 0402:5602
[ 1315.278800][T14625] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1315.504492][T14625] usb 7-1: Using ep0 maxpacket: 16
[ 1315.520403][T14625] usb 7-1: config 4 has an invalid interface number: 9 but max is 0
[ 1315.530436][T14625] usb 7-1: config 4 has no interface number 0
[ 1315.542489][T14625] usb 7-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1315.562283][T14625] usb 7-1: config 4 interface 9 has no altsetting 0
[ 1315.682060][T14625] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[ 1316.272429][T14625] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1316.290977][T14625] usb 7-1: Product: syz
[ 1316.298686][T14625] usb 7-1: Manufacturer: syz
[ 1316.313328][T14625] usb 7-1: SerialNumber: syz
[ 1316.335643][T15411] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1317.456078][ T5855] gspca_m5602: Failed to find a sensor
[ 1317.461612][ T5855] ALi m5602 2-1:0.0: ALi m5602 webcam failed
[ 1317.474701][T14625] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1317.479434][ T5855] usb 2-1: USB disconnect, device number 6
[ 1317.488163][ T1003] usb 7-1: Failed to submit usb control message: -71
[ 1317.505363][ T1003] usb 7-1: unable to send the bmi data to the device: -71
[ 1317.516506][T14625] usb 7-1: USB disconnect, device number 11
[ 1317.608006][ T1003] usb 7-1: unable to get target info from device
[ 1317.632725][ T1003] usb 7-1: could not get target info (-71)
[ 1317.648797][ T1003] usb 7-1: could not probe fw (-71)
[ 1317.700616][T15425] Bluetooth: MGMT ver 1.22
[ 1324.897421][T15475] ax25_connect(): syz.5.2497 uses autobind, please contact jreuter@yaina.de
[ 1325.461947][T15467] ------------[ cut here ]------------
[ 1325.468900][T15467] refcount_t: decrement hit 0; leaking memory.
[ 1325.475529][T15467] WARNING: CPU: 0 PID: 15467 at lib/refcount.c:31 refcount_warn_saturate+0x147/0x1b0
[ 1325.485595][T15467] Modules linked in:
[ 1325.489515][T15467] CPU: 0 PID: 15467 Comm: syz.5.2497 Not tainted syzkaller #0
[ 1325.497059][T15467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1325.507193][T15467] RIP: 0010:refcount_warn_saturate+0x147/0x1b0
[ 1325.513447][T15467] Code: 0a 01 48 c7 c7 00 1b fc 8a e8 15 91 30 fd 0f 0b eb a8 e8 1c 2f 66 fd c6 05 20 64 15 0a 01 48 c7 c7 20 1c fc 8a e8 f9 90 30 fd <0f> 0b eb 8c e8 00 2f 66 fd c6 05 01 64 15 0a 01 48 c7 c7 00 1b fc
[ 1325.533265][T15467] RSP: 0018:ffffc90003437b48 EFLAGS: 00010246
[ 1325.539346][T15467] RAX: 513435c7b0f7fd00 RBX: 0000000000000004 RCX: ffff888026ca0000
[ 1325.547478][T15467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 1325.555500][T15467] RBP: ffffc90003437ca0 R08: ffffc90003437747 R09: 1ffff92000686ee8
[ 1325.563526][T15467] R10: dffffc0000000000 R11: fffff52000686ee9 R12: ffff88807cf945b8
[ 1325.572036][T15467] R13: dffffc0000000000 R14: ffff88807cf945fc R15: 0000000000000001
[ 1325.580286][T15467] FS:  0000555578ae1500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1325.589526][T15467] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1325.596161][T15467] CR2: 000000110c45a682 CR3: 00000000614bb000 CR4: 00000000003526f0
[ 1325.604175][T15467] Call Trace:
[ 1325.607447][T15467]  <TASK>
[ 1325.610370][T15467]  ref_tracker_free+0x698/0x7d0
[ 1325.615319][T15467]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1325.621213][T15467]  ? refcount_inc+0x70/0x70
[ 1325.625758][T15467]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1325.631650][T15467]  ? _raw_spin_unlock+0x40/0x40
[ 1325.636553][T15467]  ? skb_queue_purge_reason+0x6c/0x1c0
[ 1325.642050][T15467]  ? skb_dequeue+0x10e/0x140
[ 1325.646698][T15467]  ? ax25_destroy_socket+0x541/0x5b0
[ 1325.652092][T15467]  ax25_release+0x356/0x930
[ 1325.656639][T15467]  sock_close+0xbd/0x230
[ 1325.660950][T15467]  ? sock_mmap+0xa0/0xa0
[ 1325.665218][T15467]  __fput+0x234/0x970
[ 1325.669200][T15467]  task_work_run+0x1ce/0x250
[ 1325.674234][T15467]  ? task_work_cancel+0x240/0x240
[ 1325.679253][T15467]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1325.685034][T15467]  exit_to_user_mode_loop+0xe6/0x110
[ 1325.690311][T15467]  exit_to_user_mode_prepare+0xf6/0x180
[ 1325.695959][T15467]  syscall_exit_to_user_mode+0x1a/0x50
[ 1325.701427][T15467]  do_syscall_64+0x61/0xb0
[ 1325.705889][T15467]  ? clear_bhb_loop+0x40/0x90
[ 1325.710606][T15467]  ? clear_bhb_loop+0x40/0x90
[ 1325.715320][T15467]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1325.721213][T15467] RIP: 0033:0x7fe42e78f749
[ 1325.725676][T15467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1325.745321][T15467] RSP: 002b:00007ffe90ef0428 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1325.753784][T15467] RAX: 0000000000000000 RBX: 00007fe42e9e7da0 RCX: 00007fe42e78f749
[ 1325.761743][T15467] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1325.769735][T15467] RBP: 00007fe42e9e7da0 R08: 0000000000000250 R09: 0000001a90ef071f
[ 1325.778161][T15467] R10: 00007fe42e9e7cb0 R11: 0000000000000246 R12: 0000000000143969
[ 1325.786432][T15467] R13: 00007fe42e9e6180 R14: ffffffffffffffff R15: 00007ffe90ef0540
[ 1325.794474][T15467]  </TASK>
[ 1325.797501][T15467] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1325.804773][T15467] CPU: 0 PID: 15467 Comm: syz.5.2497 Not tainted syzkaller #0
[ 1325.812222][T15467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1325.822275][T15467] Call Trace:
[ 1325.825549][T15467]  <TASK>
[ 1325.828474][T15467]  dump_stack_lvl+0x16c/0x230
[ 1325.833136][T15467]  ? show_regs_print_info+0x20/0x20
[ 1325.838318][T15467]  ? load_image+0x3b0/0x3b0
[ 1325.842842][T15467]  panic+0x2c0/0x710
[ 1325.846729][T15467]  ? bpf_jit_dump+0xd0/0xd0
[ 1325.851225][T15467]  __warn+0x2e0/0x470
[ 1325.855194][T15467]  ? refcount_warn_saturate+0x147/0x1b0
[ 1325.860727][T15467]  ? refcount_warn_saturate+0x147/0x1b0
[ 1325.866267][T15467]  report_bug+0x2be/0x4f0
[ 1325.870647][T15467]  ? refcount_warn_saturate+0x147/0x1b0
[ 1325.876185][T15467]  ? refcount_warn_saturate+0x147/0x1b0
[ 1325.881722][T15467]  ? refcount_warn_saturate+0x149/0x1b0
[ 1325.887259][T15467]  handle_bug+0xcf/0x120
[ 1325.891496][T15467]  exc_invalid_op+0x1a/0x50
[ 1325.895983][T15467]  asm_exc_invalid_op+0x1a/0x20
[ 1325.900819][T15467] RIP: 0010:refcount_warn_saturate+0x147/0x1b0
[ 1325.906961][T15467] Code: 0a 01 48 c7 c7 00 1b fc 8a e8 15 91 30 fd 0f 0b eb a8 e8 1c 2f 66 fd c6 05 20 64 15 0a 01 48 c7 c7 20 1c fc 8a e8 f9 90 30 fd <0f> 0b eb 8c e8 00 2f 66 fd c6 05 01 64 15 0a 01 48 c7 c7 00 1b fc
[ 1325.926555][T15467] RSP: 0018:ffffc90003437b48 EFLAGS: 00010246
[ 1325.932636][T15467] RAX: 513435c7b0f7fd00 RBX: 0000000000000004 RCX: ffff888026ca0000
[ 1325.940691][T15467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 1325.948682][T15467] RBP: ffffc90003437ca0 R08: ffffc90003437747 R09: 1ffff92000686ee8
[ 1325.956725][T15467] R10: dffffc0000000000 R11: fffff52000686ee9 R12: ffff88807cf945b8
[ 1325.964678][T15467] R13: dffffc0000000000 R14: ffff88807cf945fc R15: 0000000000000001
[ 1325.972639][T15467]  ? refcount_warn_saturate+0x147/0x1b0
[ 1325.978173][T15467]  ref_tracker_free+0x698/0x7d0
[ 1325.983009][T15467]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1325.988884][T15467]  ? refcount_inc+0x70/0x70
[ 1325.993378][T15467]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1325.999252][T15467]  ? _raw_spin_unlock+0x40/0x40
[ 1326.004084][T15467]  ? skb_queue_purge_reason+0x6c/0x1c0
[ 1326.009524][T15467]  ? skb_dequeue+0x10e/0x140
[ 1326.014096][T15467]  ? ax25_destroy_socket+0x541/0x5b0
[ 1326.019364][T15467]  ax25_release+0x356/0x930
[ 1326.023852][T15467]  sock_close+0xbd/0x230
[ 1326.028075][T15467]  ? sock_mmap+0xa0/0xa0
[ 1326.032293][T15467]  __fput+0x234/0x970
[ 1326.036266][T15467]  task_work_run+0x1ce/0x250
[ 1326.040838][T15467]  ? task_work_cancel+0x240/0x240
[ 1326.045846][T15467]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1326.051304][T15467]  exit_to_user_mode_loop+0xe6/0x110
[ 1326.056587][T15467]  exit_to_user_mode_prepare+0xf6/0x180
[ 1326.062131][T15467]  syscall_exit_to_user_mode+0x1a/0x50
[ 1326.067593][T15467]  do_syscall_64+0x61/0xb0
[ 1326.072000][T15467]  ? clear_bhb_loop+0x40/0x90
[ 1326.076668][T15467]  ? clear_bhb_loop+0x40/0x90
[ 1326.081333][T15467]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1326.087215][T15467] RIP: 0033:0x7fe42e78f749
[ 1326.091617][T15467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1326.111228][T15467] RSP: 002b:00007ffe90ef0428 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1326.119623][T15467] RAX: 0000000000000000 RBX: 00007fe42e9e7da0 RCX: 00007fe42e78f749
[ 1326.127576][T15467] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1326.135526][T15467] RBP: 00007fe42e9e7da0 R08: 0000000000000250 R09: 0000001a90ef071f
[ 1326.143480][T15467] R10: 00007fe42e9e7cb0 R11: 0000000000000246 R12: 0000000000143969
[ 1326.151428][T15467] R13: 00007fe42e9e6180 R14: ffffffffffffffff R15: 00007ffe90ef0540
[ 1326.159391][T15467]  </TASK>
[ 1326.162741][T15467] Kernel Offset: disabled
[ 1326.167144][T15467] Rebooting in 86400 seconds..