last executing test programs:

9.533850127s ago: executing program 1 (id=491):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000900000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f00000001c0)={0x10, 0x0, r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000001400), r3)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r3, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000060014002a3a0000080001006c"], 0x24}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000ca962e10d219d0ffc1e00102030109021b0001000000000904000001ffff1b0109058d030000000000"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$CAPI_REGISTER(0xffffffffffffffff, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800})
r5 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CAPI_REGISTER(r5, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0xd0})
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f00000003c0)={0x0, 0x0, 0x1ff})
r7 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$CAPI_REGISTER(r7, 0x400c4301, &(0x7f0000000480)={0x0, 0x0, 0x8000})

7.736065308s ago: executing program 2 (id=487):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000900000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f00000001c0)={0x10, 0x0, r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000001400), r3)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r3, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000060014002a3a0000080001006c"], 0x24}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000ca962e10d219d0ffc1e00102030109021b0001000000000904000001ffff1b0109058d030000000000"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$CAPI_REGISTER(0xffffffffffffffff, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800})
r5 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CAPI_REGISTER(r5, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0xd0})
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f00000003c0)={0x0, 0x0, 0x1ff})

7.551167914s ago: executing program 1 (id=488):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
shmget$private(0x0, 0x2000, 0x78000840, &(0x7f0000ffb000/0x2000)=nil) (fail_nth: 1)

6.413877249s ago: executing program 1 (id=489):
syz_usb_connect(0x0, 0x3bf, &(0x7f0000000440)=ANY=[@ANYBLOB="120100004af96b40b822276082d2010203010902ad0301000000000904b90010020a000009050503000200074a07"], 0x0)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0xf9b, 0x4)
listen(r0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x3bf, &(0x7f0000000440)=ANY=[@ANYBLOB="120100004af96b40b822276082d2010203010902ad0301000000000904b90010020a000009050503000200074a07"], 0x0) (async)
socket$phonet_pipe(0x23, 0x5, 0x2) (async)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0xf9b, 0x4) (async)
listen(r0, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)

5.45328568s ago: executing program 0 (id=495):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x12, 0x3, 0x4, 0x6}, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={r1, &(0x7f00000001c0)="4addc3", &(0x7f0000000000)=@udp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000680)={r1, 0x0, &(0x7f0000000640)=@udp=r2}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

5.381476516s ago: executing program 0 (id=496):
r0 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f00000002c0)={0x0, @reserved})

5.261766736s ago: executing program 0 (id=497):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$netlink(0x10, 0x3, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b4050000000009007110710000000000a60000000000000095"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x0, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x41)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000440)='virtiofs\x00', 0x0, &(0x7f0000000240))
socket$key(0xf, 0x3, 0x2)
r5 = memfd_secret(0x0)
socket$rds(0x15, 0x5, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000000c0601080000000000008710ee6d00000000000005000100", @ANYBLOB="f9e023952160f2624c3d250eae69b31af6a117ab39260fafd72e49f0870eb25c2e42d87b01b041506efe3cc6fc1586c4d8749dac19d8e5d4163f14440ae46f2aa65056fb77cf3c7109c029ade5447f2f2c58ec46eed9e549b37414e2ab3d817d9c5236c63c7ca7d25ec5778f04fa6e1dfff07bc51affe5c928d8e4724563946de6f5b98f3ca1628acd3802133f27888ddcb501e20a3f62588502387d43872f52f370a50b495c4bc52b95d8c6014a3e8d5f643053dd5ffd98582a5c5d4f2bdfa5cbef1af741c4166caf22bf777e0d2bc6e6592a638e8b9d619ec3967fc8cdae2ea00ded3d844c49dacebae1d7"], 0x1c}}, 0x0)
bind$inet6(r0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000400)='\r', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

5.064546743s ago: executing program 2 (id=499):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000900000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f00000001c0)={0x10, 0x0, r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000001400), r3)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r3, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000060014002a3a0000080001006c"], 0x24}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000ca962e10d219d0ffc1e00102030109021b0001000000000904000001ffff1b0109058d030000000000"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$CAPI_REGISTER(0xffffffffffffffff, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800})
r5 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CAPI_REGISTER(r5, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0xd0})
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f00000003c0)={0x0, 0x0, 0x1ff})
r7 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$CAPI_REGISTER(r7, 0x400c4301, &(0x7f0000000480)={0x0, 0x0, 0x8000})

4.169488609s ago: executing program 0 (id=502):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$cgroup_pressure(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x1}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_connect$uac1(0x3, 0x90, &(0x7f0000000380)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7e, 0x3, 0x1, 0x3, 0x60, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x1, 0xd}, [@output_terminal={0x9, 0x24, 0x3, 0xf, 0x100, 0x2, 0x1, 0x1}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x10, 0x81, 0x9, {0x7, 0x25, 0x1, 0x80, 0xff, 0x300}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0xf, 0x79, 0x51}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0xdb, 0x1, 0x80, 0x9, "c23348", "c51a"}]}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x8, 0x5, 0xe6, {0x7, 0x25, 0x1, 0x82, 0x5, 0x7}}}}}}}]}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

4.089796656s ago: executing program 3 (id=503):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000070000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c460880000000080000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0x100e, 0x2, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.019921831s ago: executing program 3 (id=504):
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0) (async)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280), 0x6) (async)
write(r0, &(0x7f0000000340)="05000000", 0x4) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) (async)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
getpid()
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x501, 0x0) (async)
r2 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10) (async)
ioctl$sock_inet_udp_SIOCOUTQ(r2, 0x8905, 0x0) (async)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff) (async)
fcntl$getownex(r2, 0x10, &(0x7f0000000100)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40086607, &(0x7f0000000040))
r6 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x0, 0x0, r5}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x26})
io_uring_enter(r6, 0x7a98, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) (async)
creat(&(0x7f0000000080)='./file0\x00', 0x1de)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000001c0)=[&(0x7f0000001e80)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xe6\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8s_\xfb\x00\x00\x00'])
r9 = open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
getdents(r9, &(0x7f0000000180)=""/98, 0x62) (async)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000000, 0x8020, 0x0, 0x1, {0x2}})
syz_io_uring_setup(0x0, 0x0, &(0x7f00000003c0), &(0x7f0000000440))

3.988440734s ago: executing program 1 (id=505):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000900000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f00000001c0)={0x10, 0x0, r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000001400), r3)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r3, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000060014002a3a0000080001006c"], 0x24}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000ca962e10d219d0ffc1e00102030109021b0001000000000904000001ffff1b0109058d030000000000"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$CAPI_REGISTER(0xffffffffffffffff, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800})
r5 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CAPI_REGISTER(r5, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0xd0})
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f00000003c0)={0x0, 0x0, 0x1ff})

3.841773146s ago: executing program 3 (id=506):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x12, 0x3, 0x4, 0x6}, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={r1, &(0x7f00000001c0)="4addc3", &(0x7f0000000000)=@udp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000680)={r1, &(0x7f0000000540), &(0x7f0000000640)=@udp=r2}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

3.79248287s ago: executing program 3 (id=507):
r0 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f00000002c0)={0x0, @reserved})

3.734649725s ago: executing program 3 (id=508):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x11, 0x5109, &(0x7f000000f400)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVioGFVN1SiVkNOURwgUIUFNSJSKOpGrmXvP7J1zdx6Odx1v+vtJ3jkz//O8c2c85947ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP8fjt3xhotaxd981SPf/u4Db//44Y8s3P3EVz51RwjTtce7snDXxac+11s5+Z7vHfrpF7+wad2jp/vzcnk8rKn+6c7vfCLW+ou1IXyjK4TeNLB+OAv05feHY32vGg5hXVgM1EvMDGUl0obDDwZDOBIWA/WqvjUYwnAhsO3R7z/0mWrinsEQLg0hVNI2flzJ2hhMA5f1Z4GhNHBrbxb4nzOZeuCb3VkAzll8MdR3+oXpxgxjS5drsv/1LVvHXlzp8HpiYqx5vt9uXeFOFfSnD0yf09NWqo4VUXp5HPdqWwWvttJ2vsvTVvwglX9CObMYqoTuXTM37Dgwtz8+0h0mJnqa1bRCz/NjT31059mkV81+GDswtiz74b2f//nHvvTktfff98l3XP/gM78fP9dunixs0mJ6pVVCvs+tmucx2uL9ZBW8/EqfksbbPm21Ii/xD12f/tnf/kmreGn+P9Z6/h9353jb3ZA71np6JJubx0eGY+LUSDY3BwAAgFVjNRw1nf/K1VOt6ivN/8c7O/8fT/nnk/lstMdD2FJL3D4awiW1x7PAsdjcB0dDeG0tNd0Y2JoEjofwilriinpVSYmBWGI8CfxqJA9sSQInYmA6CXw5Bu5KAp+IgYUksDMGjieBt8ZAmG0cxx+P5OPoODAYA9uzjbgQr0J4eiS2lmyrx+tVAQAALJN8dtjXeLdwrcO5ZojTy4XBdhniFdhNM1SSGtIZbH1a1bSG3nY1dLeroT7u+dbDL9Xc1a7m0mUYXY0Z9n70d38WWijN/ydbz/8rS3Skq3T+P4Tran9j7u48MlePb59uyAAAAACcgzVbb9nWKl6a/2/p7Pr/eEykp5A5PBwPQ+weDWGyMZBVe3U5kJ31XpMHAAAAYDWon4+vnwufzW+zS7TT+XQ5//RZ5o8n/rcsmf/X73zTTa36W5r/T3d2/f9Q423WiROxF58dDWGgEPhh7GU1UDMeAz97S2MgH/+JuAHujFXlFybUq7ozltgeA5NJ4EizEo/US1zSGMifrHrjt9fHMZuXKAQAAADgvIuHA+J5+Xj9/2MHTr6tVbnS/H/72V3/X5sHly7vn1sTwobeEHrSLwY8PJQtDBgDw1154rtDWV09aVWHhkK4pjqwtKon8vX/e9M1Bh8dzKqKgUte99WnLqsm/m4whA3FwI/ef3RTNbE/CdQbf99gCK+pjjZt/OsDWeN9aeP3DoTw6kKgXtUHB0KoNtafVvX9Sv47BmlVD1ZCuKgQqFe1uRLCwQDAKhX/K91VfHDfwdt275ibm9m7gol4DH8w3DA7NzOx89a5XZUmfdqV9LlhGaND5TE1XQ4p8Xi+RNGx564a6SRd/57gZLEv+XH80oWD+f34WaivNs6pvoa7V6ZDfsPry02EwiepF2vIQ8VKFp/EUv0xf39YEwYO7JvZO/HhHfv3792Y/e00+1T2Nw4q21Yb0201tFTfLoDd4/JiJRv237xnw76Dt62fvXnHjTM3ztwyNfnGTZs3TU1u3ryhOqrJ7G+boV6+VNXJUM8cPf9DfWVvoZLz8a4hISGx2hLztx9d0+rtpzT/39N6/h/fdeI7f74+Q7Pz/2PxNH/2+OJp/u0xcKTT8/9jzc7m1y8MGE8C8zEw7zQ/AAAALw3xcGQ87BiPWvcfvfI3rcqV5v/znX3/f5nW/68vXf+uZsv8XxFLTDZb/z9d5r++/v98s/X/02X+6+v/H3kR1v8/UA8km+Rp6/8DAAAvBedv/f+2y/unPxBQytB2ef/0BwJKGdou49/pDwSc9fr/Uzf99BehhdL8/67O5v8W7gcAAIALx93/9NRrWsVL8/8jnc3/z//6f6HZ9f/jzQLTzRYGtP4fAAAAq1Sz9f/OjP7F+1qVK83/Fzqb/8fLLrobcsdaT49ka9qFdE27UyP1rwwAAADA6tAdJib6OszbsDLq1hfe5mP5UqCt0kU/vPq/bmxVX2n+f7yz+X/D9zLu/fzPP/alJ6+9//R9n3zH9Q8+8/vxxfP/AAAAwMrp9LgEAAAAAAAAAAAAAADw4jvwgX891Spe+v5/uK72eLPv/8ff/YvfL3h5Q+5Ya/v1//L72979wMHakoUPj4Tw+mJg9+Hd60L+2/yXFwMPXX/FxdXE4bTEd37y1l9WEx9IA+9c/7Jnq4lrksD2uEjiK9JA/FXFZ9cmgbi84r+ngbg9FtJAfx749NpsHF3ptvr1cLatutJt9R/DIYwWAvVt9Y3hrI2udID3JIH6AD+UBuIA35MHutNePbAm61UMDMeif7Mm6xUAABes+CmwL9wwOzczGT/Cx9tX9jbeRg1Llh0qV9vTYfOP50uTHXvuqpFO0j3pZ9HF3xrvC5XqEDaWPq4Ws3TVRrk8tbTZdC9vMuR2q72t1Kbrbz6iwWxEEztvndvV13bgV7bPMtXbNsvG0mSnmKW7tkk7qKWDvnQwog63TQddjve7w8RET5LrTTE4Fhq02yM6/b5+cZ2/ZntBMc+hub7nW9VXmv+PdTb/rxTH9Wz+YwDz8Zf1/nLUMv8AAACwsj699Q/3xX/fGX3vf7bKW5r/j3c2/48HxvJTwdnRjuPx9/9vHw2h9tP6Y1ngWGzug6MhvLaWmo4lsh/Uf1csMZkFjsUDJlfEEtunG6saiIGFJPCrkTxwPAmciIH8KMVXQ34o5+6REDbVUtc1ltgTS4wlgffGwHgSmIiBySSwNga2JIHfrM0D00ngX2IgzDZuq39Ym28rAACAs5HPs/oa74Z0nrfQ2y5DV7sMQ+0ydLfLUGmXodko4v2vxQx9xfPxeYb4UF9a62BSSylD/DH8s+5XKUN4pDFnWrDUdP1KkrHGnDHDtoXDa0MLpfn/ZGfz/6HG26z1E3H+v/j7f1ngh7F7n42Xjo/HwM/e0hjIDwyciJPdO+tVTecl8kn7nbHElhgYTwJ7YmBLEth+XR44cnFjIJ9p1xu/vd74bF6iEAAAAIDzLh4giIdp4vz/vwee/+tW5Urz/y2dzf9je2uKjX0i1vqLtSF8o2uxN/XA+uEsEI9jDMevx79qOIR1hQMc9RIzQ1mJ/qTh8IPB7Bvq/WlV3xrMvnwQ72979PsPfaaauGcwhEsLR1/qbfy4krUxmAYu688CQ2ng1t4sEI/81APf7M4CcM7qRwXjDpVf6lI3tnS5JvvfS+U3QdPhlY6BLpFvqe9crZRK+kB+TLXu7J62UnWsjHT7H/dqWw2vtufz/4Pr/fJqK36QOpNsnuoQu3fN3LDjwNz++Ejxm6wlK/Q8F7+l2kl6GfbD+Rfe26i7aaSSdmAyefuYXLrc0vthV6zu3s///GNfevLa++/75Duuf/CZ34+362C7/Td+UfiWm/535GRh8660Ssj3uQv+/SR9YNr7yWr4byB9YNzTFkK4Y+GSp1vFS/P/6c7m/73Jbc0f4sbcNxrCGwob9+G4+d82mr0PFgLZu+RF5UB2yv3JkabvnAAAALDc6oc76scLZvPb7ILwdJ5czj99lvnj8YotS+bvtN8fufTSf2wVL83/t7ee/w8k3XT+3/l/Vojz/0u60A9FD6QPzJ/ToehSdayI0svD+f+wCl5tpTM1zv8H5/+X7N8ynP9vzvn/lpz/X90u9Ket9Clpjw9dIYTBr1/9SKt4af6/p7P5v/X/ll60r77+3/Zm6//tabb+37z1/wAAgBXVZKG5dJ5XWr2vlCFdva+Uoe0CgW2XGLT+31mv/zf0V+//XWihNP+f72z+H3eHNcXWV8v6f+PXNanqrhjYY2FAAAAALkTNDhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw4vrVyaG3t4q/+apHvv3dB97+8cMfWbj7ia986o4QZmuPd2XhrotPfa63cvI93zv00y9+YdO6R09X8nJ9+e0fNeSOtZ4eCeFI4ZHhmDg1Ur2zGNj27gcO9lYTD4+E8PpiYPfh3euqiS+PhHB5MfDQ9VdcXE0cTkt85ydv/WU18YE08M71L3u2mrgmD3Sl3b1/bdbdrrS7n1kbwmghUO/uTWsbq6q3cW0e6E7b+PvhrI0YGI5F7xvO2oiBuVhidiCEDb0h9KRV/XMlq6onrerblayqnrSqj1dCuCaE0JtW9ZP+rKredOT/1p9VFQOXvO6rT11WTRzpD2FDMfCj9x/dVE18KAnUG//T/hBeU91l0sa/1pc13pc2fk9fCK8OIfSnJZ7pzUr0pyWe6A3hokKg3vif94ZwMPCSEN98dhUf3Hfwtt075uZm9q5goj9vazDcMDs3M7Hz1rldlaRPzXQV0mcOlePdHY798ac+urN6e+y5q0Y6Sffm5fpqXZ7qa7h75XL1vmuFeh/7NVSsZPH5KNUf8/eHNWHgwL6ZvRMf3rF//96N2d9Os09lf3vyaLatNi7XturUC91Wlxcr2bD/5j0b9h28bf3szTtunLlx5papyTdu2rxpanLz5g3VUU1mf5djqEfL8Z4VHuorewuVnI83AAkJidWW6G54d5u80P/LLn3QX+xoX6jU3qBL04pilq7aKJdj0Ftbx89y0NUeNf+c0nZEG0sTh1KWqfZZrixNJhazDGZZap/rSpPDYk3dtU0a73eHiYmm/9ONNd4tbr7fLrF5O/VYvuk6TQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA///jqU04")
open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b400000000000000791048000000000069003200000000009500740000000000998bfec8637188309757d4a7f415daf35396205c39eb6dbcfeca73f44d28723aff68e8417214cbbb2597854889b93e13970e1dfea682d6611501c37fd267a512d8381cc5028360d4535870d54fae9211a00c0b4d3afda1891ef0dff5d7381d0d2f0778b9461e9fb11c7710786c7b6bef03cd95360d85c4c40f12c76e2fbe9850265d403c3e3d7f1bc7f0a4adfc89"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x4f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, '?'}]}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_BITWISE_XOR={0xc, 0x5, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "e03f"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='qnx4\x00', 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
syz_open_dev$vcsn(&(0x7f0000000b00), 0x800, 0x10000)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0xa)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000440)=@framed={{}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0xfcd7, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x90)

3.378178435s ago: executing program 4 (id=509):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast2}, @timestamp_reply={0x11}}}}}, 0x0) (fail_nth: 1)

2.928420113s ago: executing program 4 (id=510):
keyctl$clear(0x3, 0xfffffffffffffffd)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=<r0=>0x0)
prlimit64(r0, 0xf, &(0x7f0000000040)={0x3, 0x1ff}, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0)

2.774186496s ago: executing program 2 (id=511):
syz_mount_image$udf(&(0x7f0000000a40), &(0x7f0000000380)='./bus\x00', 0x4400, &(0x7f00000004c0)=ANY=[@ANYBLOB='dmode=00000000000000000000006,rootdir=00000000000000000002,novrs,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c0000f1ffff071f1feea11e18ca67080dbf049f823016a5c7c47a3a3bb51f45eae4ad555aac29d4ec3686001e841ef39ec33701a5af414b075ddfc590e3020072233bf9fdc46d307eeac0d4dc7747d25891b39628dbf1eb25a11806b39a9c2c8f6d945ec2b7f50000000000003735d84a084013fa9de28d6c73c9b8547b8a866dd076e0b970531b8820bcae1200cdf884a9a2329c128dfbe875aa9b9102a133dbf8a7c42e0d3a0e561e0f75f0ab2b1467e90f2285f763bcdca0ebcf308971c01e788c8c04f6e501be393be94e"], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000480)='GPL\x00'}, 0x90)
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f00000001c0)=ANY=[@ANYBLOB="01"], 0x1, 0xc77, &(0x7f0000000200)="$eJzs3U9sHNd5APDvDXfFldxUTOwqThon67ZIZcVy9S+mYhX2qqbZBpBlIRRzC8CVSKkLUyRBUq1spC3TSw89FCiKHnIi0KoFUjQwmiLooQemdYHk4kORU09ECxtB0QNbBHBRoGAws2/FJUXZsihRf/z72eS3M/vezHtvlvNsgt+8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAifuOV00eOpm3eGLgPjQEAdsXZsa8dObbd/A8APLLO3+r//wEAAAAAAAAAAAAAgAdFiiIejxRzZ9fSRLXd1TjTqV+9Nj4yun21vamqOVCVL78aR48dP/Hl54dP9uKZzswH1L/bPhuvjZ0/3Xx59src/NTCwtRkc3ymc3F2cuq2j7DT+lsdqgageeX1q5OXLi00jz13fNPb14beG3zswNCp4WcOP9UrOz4yOjq2UaTRX752xw3p2i7D4w8iYk8UcThSPPvdn6R2RBSx87Fo7O6132pv1YlDVSfGR0arjkx32jOL5ZvnegNRRDT7KrV6Y7T9tYhafVf7sFVx41UrYqncUTb4UNm9sbn2fPvC9FTzXHt+sbPYmZ05l7qtLfvTjCJOpojliFgdvPnA9SiiFim+vX8tXchP/ajG4UtVYvDttOi+KNvZrEcsFw/sNXsoDEYRr0aKn759MC7m+0x1r/lixKtl/H7E9TK+GJHKD8aJiHe3+RzxcKpFEX9cXv9//ESarO4HvfvKma83vzpzabavbO++8hHnh5vuFPd4fvjCLfbv3RJ3xwN+b2pEEe3qjr+WPmyC92MPAAAAAAAAAAAAAAAAsHv2RhGfiRSv/OvvVHnFUeWl7z81/JtDn+jPGX/yQ45Tln0uIpaK28vJ3ZMTA8+lcynd51zij7NGFPF7Of/vW/e7MQAAAAAAAAAAAAAAAAAAAB9rRfw4UrzwzsG0HP1rindmLjfPty9Md1eF7a3921szfX19fb2ZurGV40SOSzku57iS42qOUeT6ObZynMhxKcflHFdyXM0xBnL9HFs5TuS4lONyjis5ruYYtVw/x1aOE72VgfP2co4rOa7mGA/I2r0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+SIoqo9zZSRLRisLe5MnjfmgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9BlMRXwvUjR/q3VjXy0iUvVv18Hy24lo7Snjp6I1XMYXo3U6x3YVa61v3Yf2szP1VMSPIsVg460bFzxf/3p368bHIK5/c2Prs7VuHOi9OfTe4GMH9p8aHv38k7d6nbZrwKEznZmr15rjI6OjY327a/nsn+rbN5TPW9ydrhMRC2+8+Xp7enpq/s5flB+BHVR/iF6k2p339C4O+Mf5RWNXTxq12y68PvCI/RRsvk807sO9iXuvnP/fjRS/9s6/9Sb87vzfiJ/rbt2Y4eP939+Y/1/YeqAPm/9fimr+r22tl+f/ck7fbv5/vG/fC/m/Ruq1iMbilbn6gYjGwhtvHu5caV+eujw1c+LIka8MD3/l+JH6nojGpc70VN+ruzJcAAAAAAAAAAAAAAAAALsnFfFSpGj/aC01I+Jala81dGr4mcNPDcRAlW+1KW/7tbHzp5svz16Zm59aWJiabI7PdC7OTk7d7ukaVbrX+MjoPenMh9p7j9u/t/Hy7Nwb853Lv7247fv7GqcvLCzOty8u5ubc1L4iotW/51DV4PGR0arR0532TFX13LbJ9B9dPRXx75Hi4olmejrvy/n/WzP8N+X/L2090M7y/2v9+f+f37eR//fJvqLlOVMq4v1I8at/+mQ8XbVzX9w0ZrncX0aKQyc/l8vFnrJcrw3d5wp0MwPLsv8dKf7u/zeX7eVDPr5R9uhHGtyHQHn990eK7/3Rd+KX8r7Nz3/Y/vrv23qge/T8hyf69u3blD6/466Tr//hSPHi42/FL1d7/u8Dn//Re/bGwW7hjedz3KPr/wt9+4byeX/lbnUeAAAAAAAAAADgIVZPRfx1pPjBaC09n/fdzt//TW490D36+69P9+2b3KXlc3Y8qAAAAADwgKinIn4cKS4vvnUjh3pz/nfvt3ZFXP/1nP/5v+vr62nzu93f8/189dyAu/n7v35DETGSIibuUt8BAAAAAAAAAAAAAAAAAADgQZFSEc/n9dQnqnz+yVuup74SKV75z2dzuXSgLNdbB36o+t44Oztz+PT09GwjFtsXpqeaY3Pti1Nl3ScixdpffC7XLar11Z+OZt8ZNtZin48Uo3/TK9tdi723NvkTG2WPlmU/GSn+4283l81LU+e1o6uyx8qyfx4pvvEP25c9sFH2eFn2O5Hih99o9sruK8v2no/66Y2yz12cLe76NQEAAAAAAAAAAAAAAAAAAODjp56K+MNI8V9Xlm/k8uf1/+t9m5Xr3+xb73+La9U6/0PV+v+3en0n6/9XzxVYutVZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg0ZSiiDcjxdzZtbQyWG53Nc50Zq5eGx8ZjYiBm6vtTVXNgap8+dU4euz4iS8/P3yyF/vq74LPxGtj5083X569Mjc/tbAwNdkcn+lcnJ2cuu0j7LT+VoeqAWheef3q5KVLC81jzx3fNJLXht4bfOzA0KnhZw4/1Ss7PjI6OtZ3iFr9js9+k3SL/XuiiD+LFM9+9yfpB4MRRex8LBq7e+232lt14lDVifGR0aoj0532zGI5+ud6A1FENPsqtXpjtAvXYkdaEUtl88sGHyq7NzbXnm9fmJ5qnmvPL3YWO7Mz51K3tWV/mlHEyRSxHBGrgzcfrh5FvB4pvr1/Lf3TYPcTWo3Dl86Ofe3IsVu3o7iHfbwNZTub9Yjl4iG4Zg+wwSji7yPFT98+GP88GFGL7ld8MeLVMn4/4np0r3cqPxgnIt7d5nPEw6kWRfxPef1PraW3B8v7Qe++cubrza/OXJrtK9u7r3zQ/LDnNs553+eH3dR3b/pC3+5yJP/qpV1tybYaUcQPqzv+WvoXP9cAAAAAAAAAAAAAAAAAD5AifjFSvPDOwVTlB9/IKe7MXG6eb1+Y7qZ993L/ejnT6+vr683Uja0cJ3JcynE5x5UcV3OMItfPsVXGxvr6RN5eynE5x5UcV3OMgVw/x1aOEzku5bic40qOqzlGLdfPsZXjRI5LOS7nuJLjao4hrxgAAAAAAAAAAAAAAAAAALgHiuqfFH/yu2tpfbC7vvREdOOK9UAfeT8LAAD//+5q8Ug=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x10, 0x15, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f40)={{r2, <r6=>0xffffffffffffffff}, &(0x7f0000000e80), &(0x7f0000000ec0)=r3}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x18, 0x76, 0x0, 0x0, 0x86040000}}, &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xa, 0x4cd, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r8}, &(0x7f0000000480), &(0x7f00000004c0)='%-010d \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x3, &(0x7f00000003c0)={{r8}, &(0x7f0000000340), 0x0}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)='%-010d \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{0x1}, &(0x7f0000000200), &(0x7f0000000240)=r7}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x2, 0x4, 0x7fff, 0x2000, r6, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x2, 0x5}, 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0xa, 0x4, 0x3}, 0x48)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r10, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000580)={r9, &(0x7f0000000480), &(0x7f0000000540)=@tcp=r10}, 0x20)
recvmmsg(r10, &(0x7f0000002740)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)=""/226, 0xe2}], 0x1}}], 0x2, 0x62, 0x0)

2.669852875s ago: executing program 4 (id=512):
keyctl$clear(0x3, 0xfffffffffffffffd)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0) (fail_nth: 1)

2.669438744s ago: executing program 3 (id=513):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0) (async)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x4, &(0x7f00000003c0)={[{@nostrict}, {@unhide}, {@unhide}, {@dmode={'dmode', 0x3d, 0x6}}, {@gid}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@gid}, {@noadinicb}]}, 0xff, 0xc43, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x74, &(0x7f0000000400)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x62, 0x1, 0x1, 0x8, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0x16, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@call_mgmt={0x5, 0x24, 0x1, 0x3, 0x16}, @acm={0x4, 0x24, 0x2, 0x2}, @mdlm={0x15, 0x24, 0x12, 0x6}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0x2, 0x4}}], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x0, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff}}}}}]}}]}}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) (async)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
capget(0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5423, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f0000001a40)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRES16, @ANYRES64=0x0], 0xfd, 0x1500, &(0x7f0000001b80)="$eJzs3AuYTmX3MPC17vveDDk8SXLa616bJzncJEkoSQ5JkoTknJAkSV6vJIackpCEHCfJYUzIOU0a5/Mh56TJK0mSkJDk/q4pff69p97e7/1/+v9n/a5rX8+9Zu9177VnzTP7cM08X3UfUbNJrWoNmRn+HfqXAf78kggACQAwGAByA0AAAOXzlM+TsT6bxsR/ayfiv0mj5CtdgbiSpP+Zm/Q/c5P+Z27S/8xN+p+5Sf8zN+l/5ib9FyJTSylwtSyZd5Hn///Dqf+XZDn/Zwr4j1ZI//+30b9ra+l/5ib9z9yk/5mb9D8zC650AeIKk/d/5ib9FyJT+48/U95w7ko/05bldyxCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIcT/B+f8ZQYAfhlf6bqEEEIIIYQQQgjxn+PfudIVCCGEEEIIIYQQ4r8fggINBgLIAlkhAbJBdrgKckBOyAW5IQZXQx64BvLCtZAProP8UAAKQiEoDCEQWGCIoAgUhThcD8XgBigOJaAklAIHpaEM3Ahl4SYoBzdDebgFKsCtUBEq/bTPDHdAVbgTqsFdUB1qQE2oBXdDbbgH6sC9UBfug3pwP9SHB6ABPAgNoRE0hoegCTwMTaEZNIcW0BJaQevfyE/K/ffyn4Ne8Dz0hj6QCH2hH7wA/WEADIRBMBhehCHwEgyFl2EYDIcR8AqMhFdhFLwGo2EMjIXXYRyMhwkwESbBZEiCN2AKvAlT4a2Hc8J0mAEzIRlmQQq8DbNhDsyFd2AezIcFkJRtESyGJfAuLIX3IBXeh2XwAaTBclgBK2EVrIY1sBbWwXrYABthE2yGLbAVtsGHsB12wE7YBbthD+yFj2AffAz74RNIx09/Z/7ZX+dDDwQEVKjQoMEsmAUTMAGzY3bMgTkwF+bCGMYwD+bBvJgX82E+zI/5MRELYmEsjISEjIxFsAjGMY7FsBgWx+JYEkuiQ4dlsAyWxZuwHJbD8lgeK2AFrIiVsBLehrdhFayCVbEqVsNqWB2rY02siXfj3XgP1sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsAk2xabYHJtjS2yJrbE1tsE22BbbYntsjx2wA3bEjtgJO2Fn7IxdsEvGDxt2w27YHbtjD3wWn8Xn8Dl8Hp/HPlhd9cV+2A/7Y38ciINwEL6IQ/AlfAlfxmE4HEfgK/gKvoqj8AyOxjE4FsdiFTUeJ+BEZDUZkzAJs8IUnIpTcRpOx+k4E5NxFqZgCs7GOTgH38F5OB/n40JciItxCS7BpfgepmIqLsOzmIbLcQWuxFW4GlfhWlyHa3EDbsQNuBk341bcih/ih7gDd+Au3IV7cA9+hB/hx/gxDsN0TMcDeAAP4kE8hIfwMB7GI3gEj+JRPIbH8DgexxN4Ek/hSTyNp/EMnsVzAHAez+MFvIAX8WLGm19lMMqoLCqLSlAJKrvKrnKoHCqXyqViKqbyqDwqr8qr8ql8Kr/KrwqqgqqwKqxIkWIVqSKqiIqruCqmiqniqrgqqUoqp5wqo8qosqqsKqfKqfLqFlVB3aoqqkqqnbtN3aaqqPauqrpTVVPVVHVVQ9VUtVQtVVvVVnVUHVVX1VX1VD1VXz2gGqi+OBAbqYzONFHDsakagc1VC9VStVKv4iOqjRqFbVU71V49psbgaOyo2rhO6knVWU3ALuppNRGfUd3UZOyu/qx6qGdVT/Wc6qXaut6qj5qGfVU/NRP7qwFqoBqkZmMNldGxmupl9VzW4WqEekUtxlfVKPWaGq3GqLHqdTVOjVcT1EQ1SU1WSeoNNUW9qaaqt9Q0NV3NUDNVspqlUtTbaraao+aqd9Q8NV8tUAvVIrVYLVHvqqXqPZWq3lfL1AcqTS1XK9RKtUqtVmvUWrVOrVcb1Ea1SW1WW9RWtU19qLarHWqn2qV2qz1qr/pI7VMfq/3qE5WuPlUH1F/UQfWZOqQ+V4fVF+qI+lIdVV+pY+prdVx9o06ok+qU+ladVt+pM+qsOqe+V+fVD+qC+lFdVF6BRq201kYHOovOqhN0Np1dX6Vz6Jw6l86tY/pqnUdfo/Pqa3U+fZ3ObwrogrqQLqxDTdpq1pEuoovquL5eF9M36OK6hC6pS2mnS+sy+kZdVt+ky+mbdXl9i66gb9UVdSVd2YO+XVfRd+iq+k5dTd+lq+sauqaupe/WtfU9uo6+V9fV9+l6+n5dXz+gG+gHdUPdSDfWD+km+mHdVDfTzXUL3VK30q31I7qNflS31e10e/2Y7qAf1x31E7qTflJ31k/pLvpp3VU/o7vpP+nu+s+6h35W99Q/6ova6966j07UfXU//YLurwfogXqQHqxf1EP0S3qoflkP08P1CP2KHqlf1aP0a3q0HqPH6tf1OD1eT9AT9SQ9WSfpN/QU/aaeqt/S0/R0PUPP1Ml6lh54aaa5/0L+m38nf+hPe9+qt+kP9Xa9Q+/Uu/RuvUfv1Xv1Pr1P79f7dbpO1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9vf5Wn9bf6TP6rD6rv9fn9Xl94dL3AAwaZbQxJjBZTFaTYLKZ7OYqk8PkNLlMbhMzV5s85hqT11xr8pnrTH5TwBQ0hUxhExoy1rCJTBFT1MTN9aaYucEUNyVMSVPKOFPalDE3/t58+Ov836qvtWlt2pg2pq1pa9qb9qaD6WA6mo6mk+lkOpvOpovpYrqarqab6Wa6m+6mh+lhepqeppfpZXqb3ibRJJp+5gXT3wwwA80gM9i8aIaYIWaoGWqGmWFmhBlhRpqRZpQZZUab0WasGWvGmXFmgplgJplJJsnnNlPMFDPVTDXTzDQzY3Buk2ySTYpJMbPNbDPXzDXzzDyzwCwwi8wis8QsMUvNUpNqUs0ys8ykmeVmuVlpVprVZrVZa9aa9Wa92Wg2ms1ms0kz28w2s91sNzvNTrPb7DZ7zV6zz+wz+81+k27SzQFzwBw0B80hc8gcNofNEXPEHDVHzTFzzBw3x80Jc8KcMqfMaXPanDFnzDlzzpw3580Fc8FcNBczLvsCFajABCbIEmQJEoKEIHuQPcgR5AhyBbmCWBAL8gR5grzBtUG+4Logf1AgKBgUCgoHYUCBDTiIgiJB0SAeXB8UC24IigclgpJBqcAFpYMywY1B2eCmoFxwc1A+uCWoENwaVAwqBZWD24LbgyrBHUHV4M6gWnBXUD2oEdQMagVZAeCeoE5wb1A3uC+oF9wf1A8eCBoEDwYNg0ZB4+ChoEnwcNA0aBY0D1oELYNWQevfNf/dQe3gn83v/ZnrHnW9wz5hYtg37Be+EPYPB4QDw0Hh4PDFcEj4Ujg0fDkcFg4PR4SvhCPDV8NR4Wvh6HBMODZ8PRwXjg8nhBPDSeHkMCl8I5wSvhlODd8Kp4XTwxnBzDA5nBWmhG+Hs8M54dzwnXBeOD9cEC4MF4WLQ/z5khhSw/fDZeEHYVq4PFwRrgxXhavDNeHacF24PtwQbgw3hZvLD/l503B7uCPcGe4Kd4d7wr3hR+G+8ONwf/hJmB5+Gh4I/xIeDD8LD4Wfh4fDL8Ij4Zfh0fCr8Fj4dXg8/CY8EZ4MT4XfhqfD78Iz4dnwXPh9eD78IbwQ/hheDH3GxX3G6Z0MGcpCWSiBEig7ZacclINyUS6KUYzyUB7KS3kpH+Wj/JSfClJBKkyFKQMTUxEqQnGKUzEqRsWpOJWkkuTIURkqQ2WpLJWjclSeylMFqkAVqSJVpsp0O91Od9AddCfdSXfRXVSDalAtqkW1qTbVoTpUl+pSPapH9ak+NaAG1JAaUmNqTE2oCTWlptScmlNLakmtqTW1oTbUltpSe2pPHagDdaSO1Ik6UWfqTF2oC3WlrtSNulF36k49qAf1pJ7Ui3pRb+pNiZRI/agf9af+NJAG0mAaTENoCA2loTSMhtEIGkEjaSSNolE0msbQWHqdxtF4mkATaRJNpiRKoik0habSVJpG02gGzaBkSqYUSqHZNJvm0lyaR/NoAS2gRbSIltASWkpLKZVSaRktozRKoxW0glbRKlpDa2gdraMNtIE20SbaQltoG22j7bSddtJO2k27aS/tpX20j/bTfkqndDpAB+ggHaRDdIgO02E6QkfoKB2lY3SMjtNxOkEn6BSdotN0ms7QGTpH5+g8/UAX6Ee6SJ4SbDab3V5lc9icNpfNbf86zm8L2IK2kC1sQ5vPXvermKy1xW0JW9KWss6WtmXsjX8TV7SVbGV7m73dVrF32Kq2os0G/zWube+xdey9tq69z9ayd/8qrmfvt/Xtw7aBbWYb2ha2sW1lm9iHbVPbzDa3LWxL28p2sI/bjvYJ28k+aTvbp/4mXmrfs+vservBbrT77Mf2nP3eHrVf2fP2B9vb9rGD7Yt2iH3JDrUv22F2+K9jADvWvm7H2fF2gp1oJ9nJfxPPsDNtsp1lU+zbdrad8zfxEvuunWdT7QK70C6yi3+KM2pKte/bZfYDm2aX2xV2pV1lV9s1du3/rXWl3Wy32K12r/3Ibrc77E67y+62e36KM45jv/3EpttP7RH7pT1oP7OH7DF72H7xU5xxfMfs1/a4/caesCftKfutPW2/s2fs2Z+OP+PYv7U/2ovWW2BkxZoNB5yFs3ICZ+PsfBXn4Jyci3NzjK/mPHwN5+VrOR9fx/m5ABfkQlyYQya2zBxxES7Kcb6ei/ENXJxLcEkuxY5Lcxm+kcvyTVyOb+byfAtX4Fu5Ilfiynwb385V+A6uyndyNb6Lq3MNrsm1+G6uzfdwHb6X6/J9XI/v5/r8ADfgB7khN+LG/BA34Ye5KTfj5tyCW3Irbs2PcBt+lNtyO27Pj3EHfpw78hPciZ/kzvwUd+GnuSs/w934T9yd/8w9+Fnuyc9xL36ee3MfTuS+3I9f4P48gAfyIB7ML/IQfomH8ss8jIfzCH6FR/KrPIpf49E8hsfy6zyOx/MEnsiTeDIn8Rs8hd/kqfwWT+PpPINncjLP4hR+m2fzHJ7L7/A8ns8LeCEv4sW8hN/lpfwep/L7vIw/4DRezit4Ja/i1byG1/I6Xs8beCNv4s28hbfyNv6Qt/MO3sm7eDfv4b38Ee/jj3k/f8Lp/Ckf4L/wQf6MD/HnfJi/4CP8JR/lr/gYf83H+Rs+wSf5FH/Lp/k7PsNn+Rx/z+f5B77AP/JF9gwRRirSkYmCKEuUNUqIskXZo6uiHFHOKFeUO4pFV0d5omuivCs6/Hw2igpEBaNCUeEojCiyEUdRVCQqGsWj66Ni0Q1R8ahEVDIqFbmodFQmujEqG90UlYtujspHt0QVolujilGlqHJ0W3R7VCW6I6oa3RlVi+6Kqkc1oppRrejuqHZ0T1QnujeqG90XlYvuj+pHD0QNogejhlGjqHH0UNQkejhqGjWLmkctopZRq6h19EjUJno0ahu1i9pHj0UdosejjtETUafoyahz9NTl9SWCS/X/en1i1DfSl56Q3asXxRfHl8TfjS+NvxdPjb8fXxb/IJ4WXx5fEV8ZXxVfHV8TXxtfF18f3xDfGN8U3xzfEt8a975WVnCYcSMMxgUui8vqElw2l91d5XK4nC6Xy+1i7mqXx13j8rprXT53ncvvCriCrpAr7EJHzjp2kSviirq4u94Vcze44q6EK+lKOedKuzKulWvtWrs27lHX1rVz7d1j7jH3uHvcPZFwqXDXxT3turpnXDf3J/cn92fXwz3rerrnXC/3vOvt+rhEl+j6uX6uv+vvBrqBbrAb7Ia4IW6oG+qGuWFuhBvhRrqRbpQb5Ua70W6sG+vGuXFugpvgJrlJLskluSluipvqprppbpqb4Wa4ZJfsUlyKm+1mu7lurpvn5rkFboFb5Ba5JW6JW+qWulSX6pa5ZS7NpbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7dJfuDrgD7qA76A65z92lC6jEo+4rd8x97Y67b9wJd9Kdcl6fdt+5M+6sO+e+d+fdD+6C+9FddN4lxd6ITYm9GZsaeys2LTY9NiM2M5YcmxVLib0dmx2bE5sbeyc2LzY/tiC2MLYotji2JPZubGnsvVhq7P3YstgHsbTY8tiK2MrYqtjqmPeFtke+iC/q4/56X8zf4Iv7Er6kL+WdL+3L+Bt9WX+TL+dv9uX9Lb6Cv9VX9JV8Zd/MN/ctfMuM8v0jvo1/1Lf17Xx7/5jv4B/3Hf0TvpN/0nf2T/ku/mnf1T/zy4Pb+ZdefS//vO/t+/hE39f38y/4/n6AH+gH+cH+RT/Ev+SH+pf9MD/cj/Cv+JH+VT/Kv+ZH+zF+rH/dj/Pj/QQ/0U/yk32Sf8NP8W/6qf4tP81P9zP8TJ/sZ/kU/7af7ef4uf4dP8/P9wv8Qr/IL/ZL/Lt+qX/Pp/r3/TL/gU/zy/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv8x/67X6H3+l3+d1+j9/rP/L7/Md+v//Ep/tP/QH/F3/Qf+YP+c/9Yf+FP+K/9Ef9V/6Y/9of99/4E/6kP+W/9af9d/6MP+vP+e/9ef+Dv+B/9Bflf9aEEEIIIf4l+jfW9/07X1OXlgz9ACDnjgKH/3rOTfl+Hg9Q+zrHAODJPt0b/bI0apSYmHhp2zQNQdGFABC7nP/T5w9cipdDe3gcOkE7KPt36xugKv903ffP5o/fApAdINsvOQm//AHCr+a/6R/M3+xd/q35FwIUL3o5J2NHv8SX5y/3D+bf0+E35s/2WRJA2/+SkwMux5fnLwOPwlPQ6VdbCiGEEEIIIYQQPxugzvf4rfvbjPvzguZyTla4HP/W/flvqPqfOAYhhBBCCCGEEEL8c8882/OJRzp1atf1f/Mg6x+jjD/AAAHgD1CGDP74gyv9m0kIIYQQQgjxn3b5ov9KVyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQmRe//4nhKl/eeMrfYxCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA//91hEhA")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100)='./file0\x00')
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r3, 0x0) (async)
listen(r3, 0x0)
syz_emit_ethernet(0x96, &(0x7f0000000440)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x60, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x79, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x5, "03c0ab"}, @window={0x3, 0x3}, @mss={0x1e, 0x4, 0x10}, @sack_perm={0x4, 0x2}, @generic={0x0, 0xa, "8bfbd54ae56dd076"}, @timestamp={0x8, 0xa}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @generic={0x0, 0xa, "111fad2ea7434823"}, @exp_fastopen={0xfe, 0x9, 0xf989, "b43eb61a1a"}]}}}}}}}}, 0x0) (async)
syz_emit_ethernet(0x96, &(0x7f0000000440)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x60, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x79, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x5, "03c0ab"}, @window={0x3, 0x3}, @mss={0x1e, 0x4, 0x10}, @sack_perm={0x4, 0x2}, @generic={0x0, 0xa, "8bfbd54ae56dd076"}, @timestamp={0x8, 0xa}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @generic={0x0, 0xa, "111fad2ea7434823"}, @exp_fastopen={0xfe, 0x9, 0xf989, "b43eb61a1a"}]}}}}}}}}, 0x0)
getdents(r1, 0x0, 0x0) (async)
getdents(r1, 0x0, 0x0)
openat$cgroup_devices(r1, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0) (async)
openat$cgroup_devices(r1, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x105021, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x9, &(0x7f0000000040), 0x4) (async)
setsockopt$packet_int(r5, 0x107, 0x9, &(0x7f0000000040), 0x4)

1.865049172s ago: executing program 4 (id=514):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000070000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c460880000000080000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0x100e, 0x2, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.576755837s ago: executing program 0 (id=515):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x21081e, &(0x7f0000000840), 0x1, 0x4e6, &(0x7f0000001400)="$eJzs3U1vW0sZAODXzpeTm3uTe+kCENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYXSOT1I3tZvQfDiKn0c6OmdmHL8zdc9M/brxBNC3LkXEVkQMR8TDiJjI6nPZEXdbR/K4V9tP53e2n87notm8/89c2p7URdvPJD7KnrMQET/6XsRPc+/GrW9sLs9VKuW1rDzVqK5O1Tc2ry9V5xbLi+WVUml2Znb69o1bpWMb68XqcHb15Zd/2PrWz5NujWc17eM4Tq2hD+3FSQxGxA9OIlgPDGTjGe51R/gg+Yj4LCIup/f/RAykryYAcJ41mxPRnGgvAwDnXT7NgeXyxSwXMB75fLHYyuFdiLF8pVZvXHtUW19ZaOXKJmMo/2ipUp7OcoWTMZRLyjPp9ZtyaV/5RkR8GhG/GBlNy8X5WmWhl//wAYA+9tG+9f8/I631HwA45wq97gAAcOqs/wDQf6z/ANB/rP8A0H+s/wDQf6z/ANB/rP8A0Fd+eO9ecjR3su+/Xni8sb5ce3x9oVxfLlbX54vztbXV4mKttph+Z0/1oOer1GqrMzdj/cnkt1frjan6xuaDam19pfEg/V7vB+WhUxkVAPA+n1588edcRGzdGU2PaNvLwVoN51u+1x0Aemag1x0AesZuX9C/jvAeX3oAzokOW/S+pRARo/srm81m8+S6BJywq1+Q/4d+1Zb/97+Aoc/I/0P/kv+H/tVs5g67538c9oEAwNkmxw90+fz/s+z82+zDgZ8s7H/E85PsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxtu/v/FrO9wMcjny8WIz6OiMkYyj1aqpSnI+KTiPjTyNBIUp7pcZ8BgKPK/y2X7f91deLK+P7W4dzrkfQcET/71f1fPplrNNb+mNT/a6++8TyrL/Wi/wDAQXbX6fTc9kb+1fbT+d3jNPvz9+9GRKEVf2d7OHb24g/GYHouxFBEjP07l5Vbcm25i6PYehYRn+80/lyMpzmQ1s6n++MnsT8+1fj5t+Ln07bWOfmz+Nwx9AX6zYtk/rnb6f7Lx6X03Pn+L6Qz1NFl81/yVPM76Rz4Jv7u/DfQZf67dNgYN3///dbV6LttzyK+OBixG3unbf7ZjZ/rEv/KIeP/5UtfudytrfnriKvROX57rKlGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqTaU56qnuq8E/7lz7pFtbMv6xLvELB4z/64cc/2/++/DHX31P/G9+rVP8fFx4T/xkTfzGIePPjf2u0K0tib/QZfwHvf7XDhn/5V8339k2HADonfrG5vJcpVJec+Hi7F8kf2XPQDc6XnzntGINx//1U83mB8XqNmMcR9YNOAv2bvqIeN3rzgAAAAAAAAAAAAAAAB2dxm8s9XqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA///77dI4")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x88, 0x0, &(0x7f0000000a80)="3b1c2fac82e71ea0f1bbe02f0ad1b1596b940795b65167892b6288f1232d882d6867f0498018bfe4b82f85768644038e5ceece9c99c9035aed496dd5121ef3ffa33e5aa053a4f3311d1800970743a60e97d402ca798fa7629f0ab7f4feddc43587bfee674941b874533cf13b89cdb1f987430b31643e4c25ab9d7577dcf16a3b1cde1388c1d59328", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001a000f"], 0x1c}}, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
r6 = dup(r4)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)

1.506641133s ago: executing program 4 (id=516):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x21081e, &(0x7f0000000840), 0x1, 0x4e6, &(0x7f0000001400)="$eJzs3U1vW0sZAODXzpeTm3uTe+kCENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYXSOT1I3tZvQfDiKn0c6OmdmHL8zdc9M/brxBNC3LkXEVkQMR8TDiJjI6nPZEXdbR/K4V9tP53e2n87notm8/89c2p7URdvPJD7KnrMQET/6XsRPc+/GrW9sLs9VKuW1rDzVqK5O1Tc2ry9V5xbLi+WVUml2Znb69o1bpWMb68XqcHb15Zd/2PrWz5NujWc17eM4Tq2hD+3FSQxGxA9OIlgPDGTjGe51R/gg+Yj4LCIup/f/RAykryYAcJ41mxPRnGgvAwDnXT7NgeXyxSwXMB75fLHYyuFdiLF8pVZvXHtUW19ZaOXKJmMo/2ipUp7OcoWTMZRLyjPp9ZtyaV/5RkR8GhG/GBlNy8X5WmWhl//wAYA+9tG+9f8/I631HwA45wq97gAAcOqs/wDQf6z/ANB/rP8A0H+s/wDQf6z/ANB/rP8A0Fd+eO9ecjR3su+/Xni8sb5ce3x9oVxfLlbX54vztbXV4mKttph+Z0/1oOer1GqrMzdj/cnkt1frjan6xuaDam19pfEg/V7vB+WhUxkVAPA+n1588edcRGzdGU2PaNvLwVoN51u+1x0Aemag1x0AesZuX9C/jvAeX3oAzokOW/S+pRARo/srm81m8+S6BJywq1+Q/4d+1Zb/97+Aoc/I/0P/kv+H/tVs5g67538c9oEAwNkmxw90+fz/s+z82+zDgZ8s7H/E85PsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxtu/v/FrO9wMcjny8WIz6OiMkYyj1aqpSnI+KTiPjTyNBIUp7pcZ8BgKPK/y2X7f91deLK+P7W4dzrkfQcET/71f1fPplrNNb+mNT/a6++8TyrL/Wi/wDAQXbX6fTc9kb+1fbT+d3jNPvz9+9GRKEVf2d7OHb24g/GYHouxFBEjP07l5Vbcm25i6PYehYRn+80/lyMpzmQ1s6n++MnsT8+1fj5t+Ln07bWOfmz+Nwx9AX6zYtk/rnb6f7Lx6X03Pn+L6Qz1NFl81/yVPM76Rz4Jv7u/DfQZf67dNgYN3///dbV6LttzyK+OBixG3unbf7ZjZ/rEv/KIeP/5UtfudytrfnriKvROX57rKlGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqTaU56qnuq8E/7lz7pFtbMv6xLvELB4z/64cc/2/++/DHX31P/G9+rVP8fFx4T/xkTfzGIePPjf2u0K0tib/QZfwHvf7XDhn/5V8339k2HADonfrG5vJcpVJec+Hi7F8kf2XPQDc6XnzntGINx//1U83mB8XqNmMcR9YNOAv2bvqIeN3rzgAAAAAAAAAAAAAAAB2dxm8s9XqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA///77dI4")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f00000010c0)={<r4=>0x0})
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={r4}, 0x1)

1.506473263s ago: executing program 2 (id=517):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x12, 0x3, 0x4, 0x6}, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={r1, &(0x7f00000001c0)="4addc3", &(0x7f0000000000)=@udp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000680)={r1, &(0x7f0000000540), &(0x7f0000000640)=@udp=r2}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

1.505910923s ago: executing program 1 (id=518):
r0 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f00000002c0)={0x0, @reserved})

1.4257878s ago: executing program 1 (id=519):
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x4e, 0xa2, 0x8, 0x10, 0x55d, 0x9002, 0x235e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x24, 0x84, 0xb4}}]}}]}}, 0x0)
r0 = syz_mount_image$reiserfs(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', 0x120c083, &(0x7f0000000480), 0xfd, 0x1117, &(0x7f00000024c0)="$eJzs2cFq1FAUBuD/JqPtbiTug6ALF1JaxgewC4XZutWNSEGwqw4Iiq/hG/gWvoJ25b50r4uCSyESM3GqDKh0KgjfB8k9OcnJyV3emwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBvknwqyfUqacZclaQkbXs8P03Sjvlr7+sqJQ8P5ov7R7MHiyT198fLo6T0VX1Zmr2b282smTV7zd17+7c+LF6+ev7k8PDgaPmakjYnZxudRRlP9flc2WgPAAAA+G91FzbNmxd/0unqJfUHAAAAfmfT+wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6ubruJmDKokJWnb4/lpknZN3ZV/9H0AAADAxZVUeTxdlx+2AVbu5OO0/Mj345fSx7t5u6YeAAAAWHn27qfLbmsZnP+//rUb9Ovu25kM6/Lt4d6NTLKzM8TLIZ/3kzrJ7i+9Ts5ePx2P0tXJ1uXMCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBv7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAAFwUAAP//YwzhLg==")
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='.\x00', 0x1a484bc, &(0x7f0000007480)=ANY=[@ANYRES8=r0, @ANYBLOB="eea73c3ca047349ab66dff07b1e2bdc61875c6ccebea30ba1b8977c632dd4bd75d3cfd10cce0c88ccff020447cd9caded4abf65767e9dbbd7b5841a8ce3eb44c7151dec2b7b8f9cf870af04f1cc951b195c7fd36ffdbd0622cdc14395f095fb0d31f384214d59a0105d577557215473973f3b70178f49f07562f4d21cad59fafb7fbaf76061c56fdd2093329e2ece7cf96435bca11a90ba7f31e69c4b73ba3d172906ffc90f5de134a696a731d20a9cf70009a31f83d4b774b0d99de69f14de9e655b84b646166d979b9cdbde38324510998bba500000000007cf791c3e2fc9c72f920a64e00"/240, @ANYRES8, @ANYRESDEC=r0, @ANYRESOCT, @ANYRES16, @ANYRESHEX=r0, @ANYRESHEX, @ANYRESDEC], 0x1, 0x0, &(0x7f0000000480))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
truncate(&(0x7f0000000200)='./file0\x00', 0x3a6001)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000040)='\x00', 0x1}], 0x1, 0x8000000, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000140)=ANY=[], 0xfe6f)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
truncate(&(0x7f0000000000)='./file0\x00', 0xf00)
write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000240)={0x18}, 0x18)

1.322423568s ago: executing program 2 (id=520):
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x48)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r1, 0x118, 0x1, &(0x7f0000000100)=0x436, 0x4)
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r4, 0x118, 0x0, &(0x7f0000000080)=0x12, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r7 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f00000004c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2c, r6, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_IFINDEX={0x8, 0xb, r8}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x2c}}, 0x0) (fail_nth: 1)
r9 = socket$inet6(0xa, 0x2, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r2, &(0x7f0000000240), &(0x7f0000000280)=@udp6=r10}, 0x20)
recvfrom$inet_nvme(r10, &(0x7f0000000000)=""/6, 0x6, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x3ff, &(0x7f0000000500))
migrate_pages(0x0, 0x3, &(0x7f00000002c0)=0x7f, &(0x7f0000000300)=0xa)
syz_emit_ethernet(0x4e, &(0x7f0000000440)={@broadcast, @random="42e17dbe6edb", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0x18, 0x3c, 0x0, @rand_addr=' \x01\x00', @mcast2, {[@hopopts={0x90, 0x1, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0x4}]}], {0x0, 0x0, 0x8}}}}}}, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r11=>0x0)
io_submit(r11, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000080)="0d32818e7e6ae0cd0289", 0xa}])

456.721541ms ago: executing program 4 (id=521):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000900000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f00000001c0)={0x10, 0x0, r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000001400), r3)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r3, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000060014002a3a0000080001006c"], 0x24}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000ca962e10d219d0ffc1e00102030109021b0001000000000904000001ffff1b0109058d030000000000"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$CAPI_REGISTER(0xffffffffffffffff, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800})
r5 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CAPI_REGISTER(r5, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0xd0})
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f00000003c0)={0x0, 0x0, 0x1ff})
r7 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$CAPI_REGISTER(r7, 0x400c4301, &(0x7f0000000480)={0x0, 0x0, 0x8000})

41.656276ms ago: executing program 0 (id=522):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
memfd_create(&(0x7f0000000140)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6#\r\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?$^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xce\xe5\x19THP\xf4O\xe2\x9f\xd9\xae\xcf>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0\xb04\xb7T5\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\x03\x8a\xc40\xbe\xe3\x93A\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\xcbC\x15\xfcp\x11\xdai\f{\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\x82t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6^r\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9w\xd2\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x00\x00\x00\x00\x00\x00\x00', 0x0)
r3 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write(r3, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000180)=ANY=[], 0xe)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)

0s ago: executing program 2 (id=523):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000540)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x45e, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x0, "22f527ff"}]}}, 0x0}, 0x0)
r1 = syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file0\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII")
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = signalfd(r2, &(0x7f0000000000)={[0x10001]}, 0x8)
write$UHID_INPUT(r3, &(0x7f0000001180)={0x8, {"4e07f4617d023f456175e27e9b81d466b9979c182e4f831ff7aa04e87b49905a666808f65347fcd46b9fbddb619c9c9e4fe66e8746fa6d08def4fc9b36640108d613621dbe33880cba88383eae7aed8ef8216bd507e23b98cc79530b13a9bd30097b45bac98429d32381a3da081bf41b892188c312ab6b2e97b7d7b03dbd1ca667d836997c7a378e1d000583367c25c96557429612e41468d6804d0be0aeb558a6c9936052729dd54f6353ac803620376b5a1859ba3d869fd36872a1f9897995f16aad2f10c7626d338b2efd5a632d1dd7a0e9241204739e1902dde9748083af63a75e9fdd030c7dbffb19fe9822e79f31dcc233ce44bf875fb8fa0b6eefbbdb4caba9ed05b7947f7e230ae363f50355c5c4fdb35c48fa0381a5f9c85a25a45b44d1a1935d951f20a5329b77c59412490772766399100941bbe8de3d463e896c0ea91bf5897b6b37816d1ed72a5f9586c578b9d3f95271aa3db05061a64eb8d44a72ff860c13d68a58326418da15c0f5722c3f758fd0f445595a7710929bd5cc5db73ae3687cd6f2b19d7c38bd9adb0ac4c410f9aff9cb6a0ebc3d3a4436f7aba220949217110fcffcb30e2a4cd02ad1ad6abadf516f1d712a92281acad59847d5227d1493c7a9d8eecb17b690115a91721ae6d12400588ab39fbd3453448612fb91a26c6a088f462e3d3715c9bb159e3f9114a573a7e3358996b60d7814c1b8ef886f4bb9b1028c3acd0897d851106891c53cd406e42334111a82ce5e883eef8f9e3de3e69489d68d6e515cf194da681d6b2ac443f2082011e667e5f2e4bf71d3c79ea27dc82a5f5e713b518b0ca35e48a4eeba8be2c042c03e79b0af4b2be48eb9da37d63997d2201f2eece27ab5726ce78a2ed58f32cd355c1bdf626a70275d7a2292bc8ba460e51736d8ad2e3a25b3cb3f80ddd685b5e7ad38b39cbea3b21e27e1cf2c380585f347fbecb532c5f0cd0ef59b7553aadb494fbf21d30a00344df32483637b4240f3cd6d3135bff022695de68fc0fff5418fc67b5574acb7c269a8b3634b5c8f768ab823f4b0780dec6a3e27b4507e7066c67c4917c37e13bb67d3f16618107d3399dc423644984c2c1308e129893f50d5f5ac6f022151e602d23ef44c9b695156c03f18dd318ca6158f78c250e75a33a3d96a57c5dc74443d0f7c0b08c75070c81c2be40007d983f04d96fa6de73c508917587ca94047e7ef09f191f4711f613f65cb22dca5b3a0f0a88c6d3680d03d197819e8891187d6f9430d7ae8c3f4b0d800d0d4e17374b37799d3ddbca3c6cc5f49c3557c17379b48cecec0c9fb490e0622068563133245692ad7fadb219de2433543a8a13a6e061063cc9402af4bde020dad68993794ff72618d68b35458c09c9b6adeffcd0b8c4dd9a3414f0c97f2a7df0cfe39ef50b77c867aa1625c17c69e32c8f3672aa824b00dffd03fc55f4e6c19d4a695e7ee50c12522b243d53582a7c5c2f60d0cdce0214f901d75f132173fa00c6300147be3581cb810194df4f304f67d746b21b89fa1a731e52d5876a062e0107f2181f11383cf23217eb0ab85f95ed3395d14c9927379bde1b31ee9c98b5720f054fa51af79b446c698d89554725ae8998164e3a2308ee66f54cb0aa7ca88ca75d91debeff3646ed2bedbcc15c2be68b6c6c533e6873f38765a85cd252ad18414e189ba95e4ecbc894cabbc8bce459bb635ae3e16d423040fd115b970026364308b1bf0e072f7eefa6a92e219135e288cca04a7bc5ced8320253ff8b8a5b4d1438c2e07313f1919241e25914cd95417bf9bf89302d6a36849ce9a619cbae52db5a899f099f1bf039b46926f3b97bcd9f67a9fe8239eb44aa616be1876767432f32cccfcfe497f3520de74e674a7051c61d7adcc3d4c01cf1c5c75dc6a7ebd197124e42fa509e0cfe535acc8dd66de2a2842a095ad7b57c1893a8f2dde1ed6a10a7df660f5a67c5be76af36fbebe38c72311a6e15382b8a99262012aeb14b172c5cb0d0af932a9513657aefead8035df90524e6129fe7070779a0e4b9432eea368bea04923331d3aa65d97d5563d834d2e552870a99fd57eb1fa6c0cfbf19a68775be84e2ebf61903b8fa152d2e81c4bed4112f1e9238072d7be5e42ba1ae33209003eb81f5630ca40c3eb0c580168094e5ac3c94fff0edae2206833986ee0da7ad2cd3efc2dad9e436a6b7da4d1fe8ecef017a000fcbe53054a917072484424732d0f9e5a842b1dfefa6e7eb511e05332c038584ad8edc0842d75668d53b3045551286448c4c6a33278733c7a9d47b1819ccd09e0b309b10eab95fa35f73b85c01031f057d39d0a045f6f11d4a4e0cdae165ad682453799d0d89d0aae5fcb9cc7378d8a39703bc9c2df56f42ee19226dee784adaca1638e7f8ece4e618e91b400124462e5f92192ee27459445f20527007d8732bd9cf1ffedc4466161ad5d73a229a6d8ea5ee59c168990c17e55da34e9dc3f8b7fbda5d1e40699481d5ab391250b2d02e44e925230b28a740578829af9cf34243f5e8ea625c590103629867cead71558ad3cbc98278edcf302dd0a960f2811e4121f32bc6f5923dc8008362e19eae0f713f8eab8bd972cab84d071d1ee77d5ccfb47084b423df3272469e224df60c7699863f211dfaabfc140e26b739f4de42a3aec2c0f71cdda0ff660cbfc5a1b8c66fa9fb6a4f7a11bd191f1d0310060f8548e0b1d4421c277e58749d7d4f97b12581f027a577745be12b1b47b2c737403cad63b40572538bcc173ecfb044bc3162ab68d7049c42b56abb540b8b9f7a0a7f1dd3dbaabcc7d5524b21b930fa5f6dd7dd939f7d869e033051f99748085490afa5aa30777fe17b37bd530c89f00f7e739bd280edb28920546c9523a43e4746d570055be09ec3ffe1fa6f31bea58991957585d983503bd9be64dba77b4d21248bff883bb6d93939ad8e59c4681f2f77740a373af6d4b11abf6c59c53236f2cdbca1a936bc2771cdae7c568037bd22c2ff4222b12490e2d494b298c72317fa2291769a73ed53247de573021bce6466c8be058e88a707add4a7fe1f4ee9aed71bb8d63b8f2bcef89128d1ad615435f10ff53d9b9291b3e8f402df6689d099532d45d310cc2ff85edac4c6565b8d17d9cd84b8f9dde72d09974375eba9e7da018ccf7ddc03e7ff45a268ba2f0c679ca2891ffc47b48be0a3c8f29c993e84225ffcc60c210d3c8b007ebe264ea353cb812d3446a956cca57540ce25d6856a68784a494da21b68d6af6e066d45a063b5528d6535022e7ad3032d34411ac1a1c67dfccd6f4495c86f94a1efc94ab2e19dd78eb321ddd1fd2f72354192ebfd1305e3282f6fd49459374e55ac951782e792f9d2fc018ade69b740191df5f4702fc4a06516f53b1d1380e9e3e8075af095c0895fbd754253f65630e3be0353ab7cb0f57519e008aa5fac99eb9ca8718230884ce68cf854e71b0531c34965e8ba703bb34dcfa9be2056b5931b66496d98d7c695d9b6cc0231ea2aa44aeed2fd1d8581f62c61337bbad503faaa86b9729b7f8982d7fc69694653620102bb87c7222c6d9c37d200ae2bf698082211773a068e2bd3857ec623d674b0d6e199d96e017a9b0bbdda97fabec910314157fcf586ca2699eaf5b214a6b7ab9c1a195a78d14fedbfd19b3900acdb42a8557865fa5bcbf12455ca510ec21c6672d503d96092cb462e87345d525551eeaaa9e2a4af65fd127466b401e0c256d26792b231b8bbc12ed9cf53015d7b6d3db732037d37b325a95635ea9ccece6d5f5aa858b3aed63db6f5054f35b1093d2f8fee7207d7bbca9c38697f412aff7f10b75947f66db3b92355f988363f010e8cd2e03f9ff62067a30eb29fe26ae2b1399a37de0f1090a0d1f93740514fef950ea889cde0eecb71ec5ab431efbc22c272d8a2a8a6085c3a46a54bae37f895054bf339d458e92b682d7d81656d934fefef8c1af187f10a9fd15919589f9253dec38babb7f024fb2954589066d475e1dbd2b784b743a6dd60cba35958d1c60c960d4df4c44866d06de276dfdde2ed8c9d8f0baaf201a48e8e1bedfa61fb5e3b5d1cd530fb428cc45e4c7362cdeda42f0ac72f78dfc92a19ce656ccda4661d59a8f6306e0007d22c6123ac3ef4552fd84e606aeb732e4ed979a3a623a52f32972e02013a71937690641545a8371d07be28af54d1715df4eac1adb467d953e57436bd6653ee6f795546b30641fb130498c85ea5e0e6241015f5180815a7cb0f8e639b1d723f38ffb6613a21b6bc92a54645c5f2569d119c5b8c676164943a9a1bdf6c6e754b1a2838e4772d3234031f03aa471f4cafcd1369571b7b3d3b138df9f5830af2646f20d8d135ab0fe56ac18c7e731e7a7eb50daa7d1f70c9c3e28f4ae5d67d4e3e29ef1666e3a3afb2b218197ea700097c9b6a834dfa2a48d07c1ee424a5a11d123c0822ba51a16cc085c1d2fc240e6f0a6953f75f59fa4dfac89c7d4f3c088765c54fe4305840527fc91cc4f5350059c878e9221a2105477805020b1af6c5d3517d8a0adaae097074a3f14efda0d70513d22631d6929c7a059972699cc359478610b3e20d36047869ca163c569e502885a71b4a7410725943588e61d68f80b96e1de735cf5b5de2b276896cedce436635ee0f3d7d663f60ec6d9bd265c5a4746e64dd56e7b4d0d0b5cf3a092c86b5a66bb8dde16c3a70a57863042d907d374eec95ed7b0c65ce0b2f96063f238fbad8f184ffc1aada6cfb51255a669b16fcdc6b6d708f96c7c3b2b9801551cdbe7925e44686195d0c2f41d7bb572d5571e0e45265c6d2a0bb8b8fb673bbfec3b0b0a2a50346a7f4037b0a0c52d990a677dfb65f2f547d5bb7fa612270aa684ff6c0bfdb0ca2b0bfd3b1a93435d5b2d24339d4923f49471480f0d32a65919f8a1691c7e4f60c0826c8986b6bc2ef4e6bc2d1d257a096848e49f55a57b9b87d20cc3c2900a03a725769f3b8de8713bf32970c503067c38c6e205f76be7320ccd2316af3e7acf750d9757ef311e51db76eef08b509ac7e7342b31e768df41bc481caa725c2635f9ef4ac2cba349b4370c682eaa415e50e1494628c6bb87d0bdc7c365e1d72fcabe293048b75d62f1469da4101ea11f13b50fbcc81198e067b902c8d7d89fdf7b8fcf6f82c67ed43abe4be2c33b4301c7f7a907a4e6354f6bef17464be80b165cf2dee2bf8b6a3446db171cea32501c5ec17ddaf136074ddef5803b4f25e7b6cd9c19ccc81ce53b1bb803ecd34fee9ba2309945383745b4c5f4459d25cb6700cb287413ed9c15f3949b6453b33a3f3ed18b669c83568e12d95db726a21dc3bbba7f5ee8897f012f426f7b93943a1fe50946ada97cc7371eb5c18f442e0d4c91989edbd7367c77bc07e3bb3a814cc7171a7c1fed2e5e3a703340b6845f42c873fee5505df3d1400005db887db122d4686555cd5091486744ad79a1f26bb705b212f823516cbdfb446eed25c0cffbc2b5a327b3de0f73dfc6f9bf2281db737d8112eb8c73b2d6d8729e8e165d0f1ebfedb4ea0b1c7d8d237275cc87b73d29f7d0e0deba5012fb6d669144f6eabb39b16aee0cb83bc27284ca98381412ca7a4aa019786e24a9a7495df347a7f00915dbbebec6099507f3b5e6903794ea7e329456fd37015c3a55b2fb279b4b63ac6af1c36df6342dcce90351b381d66f5edd8b74a951cb9e4d231cbcabe4c53422080fb9028f3bdd8e9ba60cd6c76ee79f92ebe9101444e9c30f0b9579e2e6c2e27830412609e6eae46823d0d600852456ff9b27d89ce9a974e51b686419", 0x1000}}, 0x1006)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r3}, 0x4)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x5}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r5}, @generic={0x66}, @initr0, @exit, @printk={@x={0x18, 0x0}, {0x3, 0x3, 0x3, 0xa, 0x0}, {0x5, 0x1, 0xb, 0x1, 0x5}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000003e40)=""/222}, 0x90)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)={0x40, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x40}}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f00000000c0)={0x400000, "0300001b000000fd480000000000b4c98300", <r9=>0xffffffffffffffff})
r10 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000040))
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r9, &(0x7f0000000100)={0x30000000})
setuid(r4)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000440)={0x1, 0x0, 0x1000, 0x1000, &(0x7f00000033c0)="a270ae120d2b0e45694716bd5a1bb61a2ee6aac1cf6c44f5e7a434cde720d7d7aa8235b5627e8848b22a25e317ce833d2359085ccb92687c28183d00f320d5761136dc24316c9a5e56283436364288b017f5107ec8a8f5564e8d368b5c86c7efa4dc1a5726c2335b4da63fa6426fa41dea3ee2964cb7814db54cd8f4b8361d4a2cca9ec1a1affae935262bbdd45570fab22c1f145909bedc561b5c03f974d6c2c5d9b342378e2d8d1aa95a7c2009c4d189bf7f0b8d4a79fc699b1cd387f95cb86c3a53385f963d6db23e396dff03f8f5c61c409f0165407752392e536fb5c88f4b036b7c875e26361dbd334935c43ce69b0fe5d11f04ff5620c6b011a5c094ac110c7791883724900e4b9fed6809b1c67058f40e54d59e0c2abaa40a8e9b1bbbf5b7645be3a3d4a94bb4f5c6164f6584514b74a06d67319a41d57b91a01312f22a4919d7588e470ca3dbf64d74d2e6cf3634b8b897aeeeac49e29ce70d0eb4263e2e52209d8895a94159a9b41980f93cbb2c9357811e93143a08f752a1afd53662e0289dd0fd216f5a6e889b663d01b58241dd693cec4f1361a44ad4641db26341591c282a35c87ca35fb164f6ae5a67fa59c43274cbe52ac51c0595d1d204ec6cd5222b767e0de7f39ec8e8bc8b4a0f3942a9b216ea0be6be7edd86901bbfa3d98b5062a7111f43068e16bdef16c29e56baeb0b0e7248374b62a6f7584159b6c881d1c74a5045256006b1947ac8916aac9631ce90245efc2df8f413d3837116e06d3c969311a87a53f4aa58a3db76a394dc03a39d107ae433172282e44728e525f35d2b0e2be91d741bfec4694541632e3b858ae5ce1f73bd62e5c58d0603883fe446c5e3a5f357f35f9ff703c329e20de9ef228ce17d7c4e762791d5f057a3bff1e2f5d60966453e5fec0f2124ecf98f6a3df42f39794987986e7bbb3cb413ec5f650fd5d64aa63b96db8116eccdc95952d8e5d11f8c1609d9eb0eebbe9dff4314b1ebf5a82732d105c2480476f0ef2a4e6c6fe3f7ccc334cc92811fdad577dad8034b6110d4410dea3bb2dc011672d0f89faa6c65ee755e63911031c5d887780afc23993b0062e1a5dec7011d12e375488d5f11c34cafc07dda398ed680fea400cf9064ce91113b6665f416cb783832200d3dfcd488fbb382471a0e6c6ac2a7ff588b02c44698a267605746212dc4f40bc57d2f0e820ae3242da485fef1536fa5cd0ec10a5e2ebe5c504dce3fcd74e034f29b9a82b21e11986a2e921e7f1e9a7144d2c5618ac831443c3de13a75a9ef33914f5d07a4a71bbaf18d2233161742a942958277451d247ee5e24ea20bea47a417fdbdc3829389d87ee98fcb130cf7ac72756d66c9cd70b38e058ee5fb592bd66c320988bc623bc95763f7daac52d053eb3c6c04672632bc67f9bf219058b8b8413f37b12336e558bfa0cf8e6558cbec21cadf34e291d510c788bf8c2cd2e13d3d70ef7e66c57ee63ab09906097eb8987403dd1fab3f4d896697c4d9e6ba404eb2e67b70b5509019edf510d66f52c38383b44e1c178f89ca3f3730d00bc17c920b67fd4afb92fa495fb998a0d7f546c5d20fcd7534e31095b9a76c17689eeaa0735e3220078b26b26f23d14055ade11cca86ad43fc0512bbf00e0908c113fb9e15e2e24045bee053c621840a1f9a9c4d5ea07b472418c3197f5ad264974553c8342863a2eb0280094473e9512a4ace8e69fba3b11a76f329cf81acb9ae20f5e6ceff56ebe31843984563f6e689ba4a0dcc423c70cefbc128d87888e4d33cbd0d471b76e64defbfa038233673347cb71ec7161681575fcdc1d9d68d9d58beaaa3d2f2e96b4aeb6bc11eb3475d8b70e69229321817b138ca402e3f278af534cc250757fbaae3df0be00a86729a51c192449914f64fb1c33bcccbc9f726483f4a632eef1a3d9176f21bdb71fc085784cc78b6a4a3feaddc38d91060d7aa834c3dd325e4d31924f560ebce487eed150d9eb931d82dc43243f28ba785ef4a7888cdef5ac75a353eb0875ad6fe7a74ca6813542918a629d9e82540aa0c43b2ce13a562ca8eaffe51083df0bd0559c4b706eb21d6f632c2d0a95ed15713b2b6c50b7ec129047d55cf2c0f5d5761a02cd748913ab99460e1b3145c80d5269d6b8f78eddc5d294ae018e9b5b2b5fbac9ffb16e600a2c993bb03716ea48386c5425d7b20cf1b85d99815e0374baa69a1a0aa506b1c194059b339bb9ffac6ad9842b6b74653c532bad579ed0122a42619d3ddc587b862735b62d1159b73dac9a702f20a79d484d1c51a86961bfa6c9b585c7e142c6c2d0e23fcce6786baa39afd29db38c109e8a52309c42bc3728aaa66e0293ce5b1d702047e59717ec683922164a8565b519fac48e315c25cdf81b75c5e9c3c0b50a3a9e371c5c87ac79106cf863647fb1ebb2662a1bbd33185fa43ad1aa714d978729703e3e1619df6982a1cc162a1a75f7f0916394ef75ccef428540864a7284947d7477a5be2e8ff6b616a613fd3e6a71c9cd4a6a0946822a25a31bc062cc54c7dd9706ef8dc03350d885f43e44fde1a28056b7ebd847bb2186dd8f08c2c0a8acabe36f40f080907cd562250c19f37391c6f2b3dcb7d53e55dbc9321fd01c5139502a389d03a15da9b2c0aed109ad2ced4d85aa85290b6d496113ddc7fa92841eb9a531c795357f5d0fa39b01b29b8ff5f177a6ee83a28a56debf78999c2cbea3c01bcd5418f6cf2b2b1345b14f662ec08d2ade75d6452894df52c73263b9af56596fcfaa6508f28a979dea49ee79f3940bee675e7b7e356388e0f260a02bfb1c35e25107ef3ad41e5d1ee3067e5e8fe5d46b027d9414d6b3e161832ce005bd838adce497d40830353e472cd9031968311a10c862ae33cbefee6d535ca53270fbfc3c5ad8ec5d5132fe50cffd0ac8e90db2cd7c27735cdc13a664c174ad070b5105ac83c271c55d2c5cb249efc0bee348e481406201e6661686d83fa9852d9f0cd7c51df5227fe290bfa282299ebde233ddfe2bc7386edcbd647cb0603f69b749868935d1ac0353a5a5c539b58a07844c6c53368fdb19e025e729ae3008646d13fb8cab3298734ee52052eae40e015911df7d736c243b11018cc8511219baec45f64357efdf9d72d52f5f71e7d9f0f1fc72ab08290c24afcc401d55db9ca53cc4864bbb5dc6e7287f035b8ea5fcb0ca857e768e93c416637eb4cb2176d4c96bf0161c409995708d0fe607ac0882952fb858190e30cd92005bbb0420f099c823a2cf513d24ea5aacec4cd6c0b7cc672e33622658181bf4bcf56dcffb414aa250127df10b823142c65ec5628afb8f230f0be2794163383ea4afa1ad388452455350bd6c36fe8081ed1c2d3cfc3cd7ffaf68ca223f173ba4aa0833db72e4e5f385bfcad4edb9877bbfa54368bb056e110c37a03e751e295724da7334ce0c8622a4303fdb9427107b86c5881c25b8337bf62416bf696317c6c92abe5272bb006f3aa93c080a870d81d4c3d23b995acf36a839cb90c870eb3cd6e3e90d177c8a5e1fab91a472ad5e8b71bf6fdb2f08671c9b2e3c2d2a3ef0513e072e8bf52ac2ab648a914bcaa78a83419e920a8c70dcf389f92ae49226eece155c52bd3a1fb231fb791817b37339b02c97e9a55e0f6a8d6c2f9126afa8a32fce35cd4f4760e3b7836415c32e3742f0130a1440d6799fca98247d707e9f971806b7b0589f6b014cb689e8c701156b7873e2e6de764b9dca767d7185cee5225c71db898089a16f58fb9b95250b2b748cd7a85903d88daddef1388d370c5116539f661a14dd681c697211e42400f6e37673819cbd148ecb696b88c1703da61d76921d9dc7c5bae5d288ddf924b48be2fa6788cd308c1168e2a308a757df32e5ea4f394092abd8b486802ec3017264844ed28ca922b2a1741eaa7bfec8345db74ea168e91e1b276cc42096bae75fc2b24f365e6a0970032c1bbd33f814a7fed2ab94ce56e32c963bc949803c72d471c461a344abd4a51400b42e6e242030cf97e97c6cb53f70eab4a751e26b4c74768fcb9ec1815be53421ae3d01daa456e25db67ed7d535b7bb430bcabe40ce1a14102417fccf6c51120020f50e92f6f7deb76bc43ee707df1003c17d45ceaeaab94fdf38beb24a4846088d8c6db1ed3d1720218245785455133ffdf17f2988b93da3dcb254c895006c8b1b75548b259739358826252ed53176d41eca18e4f87ece37fa92bf4a99f4adba853b5300284bf0208cf2ab6440257204fea26ded850156bea59f8291fba809e9c0be306d381fabcba92955c1772f38c4184eda5792ff54c94e0439851ed64ea362f84746244a67997b79f4b0dcc4706266c4e94c029bb570b77f7709f04dfbdcd403052104f3bfbe9b458c41c3412f62106fb01296cd9f5b19a8ec47d447e7f75fd59e0f957b74c7cdc2cd5d8676b7df8628de4da54be1759f4500e251a694aedcf4e5a2e2e508d225807aaa097c1343fbaa0d16466a318ed403add44517399d7fe10e6c6e574de90e05060df9bb2c0d9bf1a220e0148017333ba6864ecde4edc8226effa8285055ba9462ad580001a931955e2b9c4af2a1a97b0d03a510df415a8c4b9eb3dd911aa9d61c4fc43b53f6a620c0780b53b07d08354baf3cddd34106272fa4e9e627aa4e0ba9977f63c4735bd292546e2f03223f3ab602d605ea923f91104a95390ccb6b5ba2014ad9bc113c40e16c0aa02d51f10437353cee3d63057f6c411b45719fcff0b009a5c8f2725cf2c606a36977fe9127feaef464b54e1c9c5e8856e474de0c8291fa530bb4bc27e690856f582dc40e1c3cd6cd89a2d39cca20e2e5941e9d0a5dabf40ef7d25de86d31687754b96a757a3c4f4f1d8cd76269ce2d5716022b0b40b8ed552fdbd0ff525c5ae0e4e70977cf9651e33ddcca4a9dcc5687c27236861b00dc4dfa00e0a876632d09bc48846da753df0e7a00229e303845236af26e75d86214d2b52490ce905aea397d1d6053588856881a43e18303e2bda52273e20f4dad9004400dd1327550b85e2789f46ca2d43e97dbeedfe8b06dc7fba7549b4864698b445cea096c588608b95361075e1a963bf5e884414c8f4119a7fad0ba549c68875aaef32c15736cf14271f4272f4282bbb1afb2c3308d6ffe265f352127e6e975de2d38cd9ce6e3e177abbdc2e24617a0c091bf17a46f3cb4cfd6e1a93e02cd099b4dec09987606237e9b14c60c71679c320ac4b650fd9e366c270344b001bbff907e8fad37227c54fae6612bc3e7888d253d272ba69d61e1c665aca4dc452d1cc8ab1d62f328eb71926938017b86fd6282d2a8dde59e294612028e7e04e8516d5b21be0bccab568ebf54e9d66213aca73c1c529481dd0cb94187561b6559668211a427dfd33524c2d22539b71da5d3fc6de93dc5f3a164f8e0be8d4498cf503c4ea985207546dbfa02ee490e0655680eac23ae3495a7f739d65a7e0aed7a5a6a7759ef2a721cf74c6d6877d8ef904ba5552df00953451856d76a2c3222d8da021f76130ea5c2e1ce1d3971645bddf9cf8bb8cf786ead31792a8477191e9447628a8cb2eb5895db3754fd38e2bd7537f9f7c8b0f18904b72168f03ad4b6cc8b0d55347d11b9170431afe425a47cbeb0a06445bc9c4995aac3497fc46dae55e1db88d9f95f123712c149f429bac1091bea966b7eaa2d141bc105b106426f178b0c5a6530913b16f690aacb7d03e84127a07ad7f920759ad8bd94b17ff5172af101c707ed41f6de27edae2890ddeb0bab49bfee6e727daf8bac95446bbfc21e8211f66ed9d64", 0xe7, 0x0, &(0x7f0000000340)="ea52942fafbfcae5ea64edc2360ad9c0f55055cbed6686a4ac3c0b46cd4e08230b6f3cac16365d0d284bb4b723e54caac6ed14a77269d304fe5530f228ea3fd767e616e88e4f71771ee0e560bcf039add6571c4c9d8c5594e2c65c22bd0e4a5eadc9b9bd533b4d03d4b0ede0f7aa9af833225a78d7f260c82a8eaf4c674e5f609935d176a1749784cad07f7adaf19053a90d5055d8b56248eddad1349732d77227f0732b6a3c606b27d47f1adce5eebd2982bad67bd8e12a7388275172033379a6c1a7702c3c6b3bd071f2b819ed94d52c7be103d159440b82f0a852042e1efc39405dd43dcafa"})
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000014c0)={&(0x7f0000001540)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/5, 0x63}], 0x1, 0xfffffffffffffffe, 0x19}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x2f, &(0x7f00000000c0)=[{&(0x7f0000000080)="ff", 0x45}], 0x1, &(0x7f00000015c0)=ANY=[], 0x11f0}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

e+0x125b/0x1f80
[  160.562874][ T5283]  ? mark_lock+0x9a/0x340
[  160.567206][ T5283]  ? aa_label_sk_perm+0x4f7/0x6e0
[  160.572318][ T5283]  ? aa_sk_perm+0xa60/0xa60
[  160.576828][ T5283]  ? __might_sleep+0xb0/0xb0
[  160.581414][ T5283]  ? __fget_files+0x28/0x4a0
[  160.585990][ T5283]  ? proc_fail_nth_read+0x210/0x210
[  160.591191][ T5283]  ? __lock_acquire+0x1f80/0x1f80
[  160.596220][ T5283]  ? aa_sk_perm+0x92d/0xa60
[  160.600732][ T5283]  ? aa_af_perm+0x350/0x350
[  160.605228][ T5283]  ? __fget_files+0x435/0x4a0
[  160.609896][ T5283]  ipv6_setsockopt+0x58/0x190
[  160.614567][ T5283]  ? sock_common_recvmsg+0x240/0x240
[  160.619856][ T5283]  __sys_setsockopt+0x57e/0xa00
[  160.624715][ T5283]  ? __ia32_sys_recv+0xb0/0xb0
[  160.629476][ T5283]  ? syscall_enter_from_user_mode+0x2e/0x230
[  160.635460][ T5283]  __x64_sys_setsockopt+0xb1/0xc0
[  160.640488][ T5283]  do_syscall_64+0x3b/0xb0
[  160.644894][ T5283]  ? clear_bhb_loop+0x45/0xa0
[  160.649562][ T5283]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  160.655445][ T5283] RIP: 0033:0x7f10c6f79e79
[  160.659847][ T5283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.679443][ T5283] RSP: 002b:00007f10c7db6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  160.687849][ T5283] RAX: ffffffffffffffda RBX: 00007f10c7115f80 RCX: 00007f10c6f79e79
[  160.695809][ T5283] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  160.703769][ T5283] RBP: 00007f10c7db6090 R08: 00000000000003a8 R09: 0000000000000000
[  160.711731][ T5283] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001
[  160.719687][ T5283] R13: 0000000000000000 R14: 00007f10c7115f80 R15: 00007ffcb56c1cd8
[  160.727654][ T5283]  </TASK>
[  160.747726][ T5285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.756541][ T5285] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.930285][ T5259] cdc_ncm 5-1:1.0: bind() failure
[  160.980809][ T5259] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  161.020186][ T5259] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  161.050390][ T5259] usbtest: probe of 5-1:1.1 failed with error -71
[  161.084094][ T5293] netlink: 76 bytes leftover after parsing attributes in process `syz.3.326'.
[  161.129168][ T5259] usb 5-1: USB disconnect, device number 12
[  161.302311][   T27] audit: type=1400 audit(1724673651.711:74): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=":proc/thrr/current" pid=5292 comm="syz.3.326"
[  161.532435][ T5290] loop1: detected capacity change from 0 to 32768
[  161.540362][ T5290] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.325 (5290)
[  161.557551][ T5290] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.572942][ T5290] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  161.584293][ T5290] BTRFS info (device loop1): using free space tree
[  161.807590][ T5324] fuse: Unknown parameter 'grou00000000000000000000'
[  161.926125][   T62] BTRFS warning (device loop1): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xa066537a level 0
[  161.996137][ T5290] BTRFS error (device loop1): failed to read chunk root
[  162.050498][ T4949] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  162.083446][ T5290] BTRFS error (device loop1): open_ctree failed
[  162.410302][ T4949] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  162.466520][ T4949] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  162.505631][ T5331] loop2: detected capacity change from 0 to 32768
[  162.549661][ T5331] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.337 (5331)
[  162.680687][ T4949] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  162.705654][ T5331] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  162.718978][ T4949] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.727999][ T5331] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  162.737145][ T4949] usb 1-1: Product: syz
[  162.742129][ T4949] usb 1-1: Manufacturer: syz
[  162.746935][ T5331] BTRFS info (device loop2): using free space tree
[  162.754659][ T4949] usb 1-1: SerialNumber: syz
[  162.760750][ T5290] loop1: detected capacity change from 0 to 4096
[  162.774842][ T4949] usb 1-1: config 0 descriptor??
[  162.816324][ T5331] BTRFS info (device loop2): enabling ssd optimizations
[  162.876346][ T5290] loop1: detected capacity change from 0 to 256
[  162.930463][ T4162] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  163.046916][ T5290] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  163.103118][ T4949] usb 1-1: USB disconnect, device number 18
[  163.327137][ T5372] FAULT_INJECTION: forcing a failure.
[  163.327137][ T5372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.342916][ T4162] usb 4-1: Using ep0 maxpacket: 8
[  163.349184][ T5372] CPU: 0 PID: 5372 Comm: syz.4.343 Not tainted 6.1.106-syzkaller #0
[  163.349207][ T5372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  163.349217][ T5372] Call Trace:
[  163.349224][ T5372]  <TASK>
[  163.349232][ T5372]  dump_stack_lvl+0x1e3/0x2cb
[  163.349262][ T5372]  ? nf_tcp_handle_invalid+0x642/0x642
[  163.349284][ T5372]  ? panic+0x764/0x764
[  163.349304][ T5372]  ? __lock_acquire+0x1f80/0x1f80
[  163.349334][ T5372]  should_fail_ex+0x3a6/0x4d0
[  163.349360][ T5372]  _copy_from_user+0x2b/0x170
[  163.401887][ T5372]  __sys_bpf+0x226/0x6c0
[  163.406121][ T5372]  ? __fget_files+0x435/0x4a0
[  163.410794][ T5372]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  163.416202][ T5372]  ? print_irqtrace_events+0x210/0x210
[  163.421665][ T5372]  ? print_irqtrace_events+0x210/0x210
[  163.427109][ T5372]  ? syscall_enter_from_user_mode+0x2e/0x230
[  163.433070][ T5372]  ? lockdep_hardirqs_on+0x94/0x130
[  163.438248][ T5372]  __x64_sys_bpf+0x78/0x90
[  163.442650][ T5372]  do_syscall_64+0x3b/0xb0
[  163.447048][ T5372]  ? clear_bhb_loop+0x45/0xa0
[  163.451709][ T5372]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  163.457584][ T5372] RIP: 0033:0x7f6767579e79
[  163.461989][ T5372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.481591][ T5372] RSP: 002b:00007f6768416038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  163.489988][ T5372] RAX: ffffffffffffffda RBX: 00007f6767715f80 RCX: 00007f6767579e79
[  163.497943][ T5372] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a
[  163.505897][ T5372] RBP: 00007f6768416090 R08: 0000000000000000 R09: 0000000000000000
[  163.513854][ T5372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.521807][ T5372] R13: 0000000000000000 R14: 00007f6767715f80 R15: 00007ffc02599b98
[  163.529770][ T5372]  </TASK>
[  163.650648][ T4162] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.669441][ T4162] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.707612][ T5377] netlink: 48 bytes leftover after parsing attributes in process `syz.1.345'.
[  163.731096][ T5377] loop1: detected capacity change from 0 to 1024
[  163.754170][ T4162] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  163.793984][ T4162] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  163.839900][ T4162] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  163.868850][ T4162] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  163.879579][ T5381] fuse: Unknown parameter 'grou00000000000000000000'
[  163.898060][ T4763] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  164.050298][ T4162] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  164.073484][ T4162] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.090322][ T4162] usb 4-1: Product: syz
[  164.104717][ T4162] usb 4-1: Manufacturer: syz
[  164.109338][ T4162] usb 4-1: SerialNumber: syz
[  164.115088][ T5383] loop0: detected capacity change from 0 to 2048
[  164.166948][    C1] eth0: bad gso: type: 1, size: 1408
[  164.214662][ T5383] NILFS (loop0): corrupt root inode
[  164.468005][ T5390] netlink: 'syz.2.348': attribute type 29 has an invalid length.
[  164.577454][ T5394] FAULT_INJECTION: forcing a failure.
[  164.577454][ T5394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.594644][ T5346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.656414][ T5346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.689684][ T5394] CPU: 0 PID: 5394 Comm: syz.2.348 Not tainted 6.1.106-syzkaller #0
[  164.697694][ T5394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  164.707748][ T5394] Call Trace:
[  164.711031][ T5394]  <TASK>
[  164.713962][ T5394]  dump_stack_lvl+0x1e3/0x2cb
[  164.718652][ T5394]  ? nf_tcp_handle_invalid+0x642/0x642
[  164.724120][ T5394]  ? panic+0x764/0x764
[  164.728193][ T5394]  ? __lock_acquire+0x1f80/0x1f80
[  164.733233][ T5394]  should_fail_ex+0x3a6/0x4d0
[  164.737919][ T5394]  _copy_from_user+0x2b/0x170
[  164.742600][ T5394]  copy_msghdr_from_user+0xaa/0x670
[  164.747820][ T5394]  ? sendmsg_copy_msghdr+0x70/0x70
[  164.752959][ T5394]  __sys_recvmsg+0x24b/0x3d0
[  164.757568][ T5394]  ? ____sys_recvmsg+0x530/0x530
[  164.762534][ T5394]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  164.768537][ T5394]  ? syscall_enter_from_user_mode+0x2e/0x230
[  164.774521][ T5394]  ? lockdep_hardirqs_on+0x94/0x130
[  164.779725][ T5394]  ? syscall_enter_from_user_mode+0x2e/0x230
[  164.785710][ T5394]  do_syscall_64+0x3b/0xb0
[  164.790130][ T5394]  ? clear_bhb_loop+0x45/0xa0
[  164.794813][ T5394]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  164.800732][ T5394] RIP: 0033:0x7f10c6f79e79
[  164.805154][ T5394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.824766][ T5394] RSP: 002b:00007f10c7d74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  164.833192][ T5394] RAX: ffffffffffffffda RBX: 00007f10c7116130 RCX: 00007f10c6f79e79
[  164.841171][ T5394] RDX: 0000000000000000 RSI: 0000000020000900 RDI: 0000000000000003
[  164.849148][ T5394] RBP: 00007f10c7d74090 R08: 0000000000000000 R09: 0000000000000000
[  164.857134][ T5394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.865113][ T5394] R13: 0000000000000001 R14: 00007f10c7116130 R15: 00007ffcb56c1cd8
[  164.873107][ T5394]  </TASK>
[  164.900183][ T4162] cdc_ncm 4-1:1.0: bind() failure
[  164.908461][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.950587][ T4162] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  164.970550][ T5390] netlink: 'syz.2.348': attribute type 29 has an invalid length.
[  164.979615][ T5392] netlink: 'syz.2.348': attribute type 29 has an invalid length.
[  164.988663][ T4162] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  165.020573][ T4162] usbtest: probe of 4-1:1.1 failed with error -71
[  165.057076][ T4162] usb 4-1: USB disconnect, device number 15
[  165.178894][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.210073][ T5397] loop2: detected capacity change from 0 to 190
[  165.230384][ T5397] ntfs: (device loop2): is_boot_sector_ntfs(): Invalid boot sector checksum.
[  165.267670][ T5397] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  165.296818][ T5397] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  165.339031][ T5383] loop0: detected capacity change from 0 to 40427
[  165.344793][ T5397] ntfs: (device loop2): check_mft_mirror(): Failed to read $MFTMirr.
[  165.362153][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.372646][ T5397] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT.  Will not be able to remount read-write.  Run ntfsfix and/or chkdsk.
[  165.380825][ T5383] F2FS-fs (loop0): invalid crc value
[  165.425451][ T3647] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  165.430724][ T5383] F2FS-fs (loop0): Found nat_bits in checkpoint
[  165.449398][ T3642] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  165.475437][ T5397] ntfs: (device loop2): ntfs_attr_find(): Inode is corrupt.  Run chkdsk.
[  165.484128][ T3642] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  165.495931][ T3642] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  165.507214][ T5397] ntfs: (device loop2): ntfs_read_locked_inode(): Failed to lookup attribute list attribute.
[  165.519264][ T3642] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  165.526982][ T5397] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  165.545987][ T5397] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  165.558431][ T5397] ntfs: volume version 3.1.
[  165.569527][ T5397] syz.2.355: attempt to access beyond end of device
[  165.569527][ T5397] loop2: rw=0, sector=552, nr_sectors = 8 limit=190
[  165.630273][ T3642] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  165.668229][ T5397] syz.2.355: attempt to access beyond end of device
[  165.668229][ T5397] loop2: rw=0, sector=552, nr_sectors = 8 limit=190
[  165.692224][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.703823][ T5383] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  165.724613][ T5397] syz.2.355: attempt to access beyond end of device
[  165.724613][ T5397] loop2: rw=0, sector=552, nr_sectors = 8 limit=190
[  165.770138][ T3839] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  165.807275][ T5397] syz.2.355: attempt to access beyond end of device
[  165.807275][ T5397] loop2: rw=0, sector=552, nr_sectors = 8 limit=190
[  165.867007][ T5397] syz.2.355: attempt to access beyond end of device
[  165.867007][ T5397] loop2: rw=0, sector=552, nr_sectors = 8 limit=190
[  165.911675][ T5414] loop3: detected capacity change from 0 to 16
[  165.990545][ T5400] chnl_net:caif_netlink_parms(): no params data found
[  166.000509][ T5397] syz.2.355: attempt to access beyond end of device
[  166.000509][ T5397] loop2: rw=0, sector=552, nr_sectors = 8 limit=190
[  166.008146][ T5414] erofs: (device loop3): z_erofs_parse_cfgs: unidentified algorithms fffc, please upgrade kernel
[  166.025007][ T5397] syz.2.355: attempt to access beyond end of device
[  166.025007][ T5397] loop2: rw=0, sector=560, nr_sectors = 8 limit=190
[  166.061839][ T5397] syz.2.355: attempt to access beyond end of device
[  166.061839][ T5397] loop2: rw=0, sector=560, nr_sectors = 8 limit=190
[  166.130461][ T3839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  166.160008][ T3839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  166.410839][ T3839] usb 5-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  166.429967][ T3839] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.494293][ T5400] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.510060][ T5400] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.518459][ T5400] device bridge_slave_0 entered promiscuous mode
[  166.548121][ T5400] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.573719][ T5400] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.592809][ T5400] device bridge_slave_1 entered promiscuous mode
[  166.723330][ T5400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.789606][ T5400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.795462][ T3839] usb 5-1: Product: syz
[  166.803002][ T3839] usb 5-1: Manufacturer: syz
[  166.807607][ T3839] usb 5-1: SerialNumber: syz
[  166.813947][ T3839] usb 5-1: config 0 descriptor??
[  166.889630][ T5400] team0: Port device team_slave_0 added
[  166.911955][ T5400] team0: Port device team_slave_1 added
[  166.983025][ T5400] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.000143][ T5400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.089525][ T5400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.128619][ T5400] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.142407][ T5400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.188827][ T3839] usb 5-1: USB disconnect, device number 13
[  167.245116][ T5431] fuse: Unknown parameter 'grou00000000000000000000'
[  167.279947][ T5400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.479717][ T5400] device hsr_slave_0 entered promiscuous mode
[  167.501315][ T5400] device hsr_slave_1 entered promiscuous mode
[  167.529725][ T5400] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.577485][ T5400] Cannot create hsr debugfs directory
[  167.650380][ T3636] Bluetooth: hci0: command tx timeout
[  167.834794][ T5443] loop4: detected capacity change from 0 to 8192
[  168.079626][ T5451] loop0: detected capacity change from 0 to 2048
[  168.179401][ T5451] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  168.236954][ T5451] ext4 filesystem being mounted at /69/bus supports timestamps until 2038 (0x7fffffff)
[  168.462609][ T3635] EXT4-fs (loop0): unmounting filesystem.
[  168.487685][ T5477] loop4: detected capacity change from 0 to 2048
[  168.539838][ T5477] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  168.570060][ T5477] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  168.581357][ T3839] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  168.590012][ T5474] netlink: 'syz.4.369': attribute type 15 has an invalid length.
[  168.727026][ T5485] fuse: Bad value for 'fd'
[  168.831166][ T3839] usb 4-1: Using ep0 maxpacket: 8
[  168.914045][   T46] device hsr_slave_0 left promiscuous mode
[  168.930982][   T46] device hsr_slave_1 left promiscuous mode
[  168.939893][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.951874][ T3839] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.973056][ T3839] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.980667][ T5497] FAULT_INJECTION: forcing a failure.
[  168.980667][ T5497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.982995][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.002576][ T5497] CPU: 1 PID: 5497 Comm: syz.4.374 Not tainted 6.1.106-syzkaller #0
[  169.011061][ T5497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  169.013463][ T3839] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  169.021103][ T5497] Call Trace:
[  169.021113][ T5497]  <TASK>
[  169.021120][ T5497]  dump_stack_lvl+0x1e3/0x2cb
[  169.021151][ T5497]  ? nf_tcp_handle_invalid+0x642/0x642
[  169.021173][ T5497]  ? panic+0x764/0x764
[  169.021191][ T5497]  ? __lock_acquire+0x1f80/0x1f80
[  169.021220][ T5497]  should_fail_ex+0x3a6/0x4d0
[  169.046425][ T3839] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  169.047192][ T5497]  _copy_from_user+0x2b/0x170
[  169.051404][ T3839] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  169.056234][ T5497]  io_submit_one+0xbf/0x18d0
[  169.061026][ T3839] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  169.070583][ T5497]  ? lookup_ioctx+0x6a0/0x6a0
[  169.070610][ T5497]  ? __might_fault+0xa1/0x110
[  169.070632][ T5497]  ? __lock_acquire+0x1f80/0x1f80
[  169.070660][ T5497]  ? __might_fault+0xa1/0x110
[  169.118062][ T5497]  ? __might_fault+0xbd/0x110
[  169.122729][ T5497]  __se_sys_io_submit+0x17b/0x2f0
[  169.127740][ T5497]  ? __x64_sys_io_submit+0x80/0x80
[  169.132840][ T5497]  ? syscall_enter_from_user_mode+0x2e/0x230
[  169.138802][ T5497]  ? lockdep_hardirqs_on+0x94/0x130
[  169.143981][ T5497]  ? syscall_enter_from_user_mode+0x2e/0x230
[  169.149951][ T5497]  do_syscall_64+0x3b/0xb0
[  169.154368][ T5497]  ? clear_bhb_loop+0x45/0xa0
[  169.159029][ T5497]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  169.164904][ T5497] RIP: 0033:0x7f6767579e79
[  169.169302][ T5497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.188891][ T5497] RSP: 002b:00007f6768416038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  169.197291][ T5497] RAX: ffffffffffffffda RBX: 00007f6767715f80 RCX: 00007f6767579e79
[  169.205247][ T5497] RDX: 00000000200002c0 RSI: 0000000000000001 RDI: 00007f67683f5000
[  169.213204][ T5497] RBP: 00007f6768416090 R08: 0000000000000000 R09: 0000000000000000
[  169.221180][ T5497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.229131][ T5497] R13: 0000000000000000 R14: 00007f6767715f80 R15: 00007ffc02599b98
[  169.230177][ T3839] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  169.237092][ T5497]  </TASK>
[  169.249989][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.257399][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.264850][ T3839] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.273044][ T3839] usb 4-1: Product: syz
[  169.277218][ T3839] usb 4-1: Manufacturer: syz
[  169.281846][ T3839] usb 4-1: SerialNumber: syz
[  169.288768][   T46] device bridge_slave_1 left promiscuous mode
[  169.295244][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.304735][   T46] device bridge_slave_0 left promiscuous mode
[  169.311085][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.342082][   T46] device veth1_macvtap left promiscuous mode
[  169.348130][   T46] device veth0_macvtap left promiscuous mode
[  169.354600][   T46] device veth1_vlan left promiscuous mode
[  169.366830][   T46] device veth0_vlan left promiscuous mode
[  169.390292][ T3960] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  169.398012][ T3711] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  169.781057][ T3960] usb 3-1: device descriptor read/64, error -71
[  169.971171][ T3711] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  170.011922][ T5467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.098276][ T3711] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  170.120564][ T3960] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  170.197589][ T3636] Bluetooth: hci0: command tx timeout
[  170.204494][ T5467] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.273599][ T3839] cdc_ncm 4-1:1.0: bind() failure
[  170.301965][ T3839] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  170.350065][ T3839] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  170.380194][ T3839] usbtest: probe of 4-1:1.1 failed with error -71
[  170.385356][ T3960] usb 3-1: device descriptor read/64, error -71
[  170.420673][ T3839] usb 4-1: USB disconnect, device number 16
[  170.430326][ T3711] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  170.446288][ T3711] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.457046][ T3711] usb 1-1: Product: syz
[  170.461997][ T3711] usb 1-1: Manufacturer: syz
[  170.466963][ T3711] usb 1-1: SerialNumber: syz
[  170.488216][ T5505] loop4: detected capacity change from 0 to 512
[  170.490164][ T3711] usb 1-1: config 0 descriptor??
[  170.499217][ T5505] EXT4-fs: Ignoring removed orlov option
[  170.506522][ T5505] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  170.522460][ T3960] usb usb3-port1: attempt power cycle
[  170.536349][ T5505] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.377: casefold flag without casefold feature
[  170.549356][ T5505] EXT4-fs (loop4): Remounting filesystem read-only
[  170.556272][ T5505] EXT4-fs (loop4): 1 truncate cleaned up
[  170.564324][ T5505] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  170.643313][   T46] team0 (unregistering): Port device team_slave_1 removed
[  170.685756][   T46] team0 (unregistering): Port device team_slave_0 removed
[  170.738587][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.798203][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.913345][ T3711] usb 1-1: USB disconnect, device number 19
[  171.027522][ T5511] EXT4-fs warning (device loop4): ext4_empty_dir:3145: inode #2: comm syz.4.377: directory missing '.'
[  171.516899][ T3960] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  171.562380][ T4545] EXT4-fs (loop4): unmounting filesystem.
[  171.630395][ T3960] usb 3-1: device descriptor read/8, error -71
[  171.948675][ T5533] FAULT_INJECTION: forcing a failure.
[  171.948675][ T5533] name failslab, interval 1, probability 0, space 0, times 0
[  171.962579][ T5533] CPU: 1 PID: 5533 Comm: syz.0.384 Not tainted 6.1.106-syzkaller #0
[  171.970565][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  171.980690][ T5533] Call Trace:
[  171.983951][ T5533]  <TASK>
[  171.986870][ T5533]  dump_stack_lvl+0x1e3/0x2cb
[  171.991561][ T5533]  ? nf_tcp_handle_invalid+0x642/0x642
[  171.997006][ T5533]  ? panic+0x764/0x764
[  172.001058][ T5533]  ? __might_sleep+0xb0/0xb0
[  172.005628][ T5533]  ? __lock_acquire+0x125b/0x1f80
[  172.010640][ T5533]  should_fail_ex+0x3a6/0x4d0
[  172.015303][ T5533]  should_failslab+0x5/0x20
[  172.019790][ T5533]  slab_pre_alloc_hook+0x59/0x300
[  172.024808][ T5533]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  172.030520][ T5533]  __kmem_cache_alloc_node+0x47/0x260
[  172.035897][ T5533]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  172.041600][ T5533]  __kmalloc+0xa1/0x230
[  172.045741][ T5533]  ? rcu_is_watching+0x11/0xb0
[  172.050503][ T5533]  tomoyo_realpath_from_path+0xcb/0x5d0
[  172.056062][ T5533]  tomoyo_path_number_perm+0x21f/0x7f0
[  172.061511][ T5533]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  172.067128][ T5533]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  172.072578][ T5533]  ? __fget_files+0x28/0x4a0
[  172.077161][ T5533]  ? __fget_files+0x28/0x4a0
[  172.081731][ T5533]  ? __fget_files+0x435/0x4a0
[  172.086397][ T5533]  ? __fget_files+0x28/0x4a0
[  172.090980][ T5533]  security_file_ioctl+0x6d/0xa0
[  172.095988][ T5533]  __se_sys_ioctl+0x47/0x160
[  172.100565][ T5533]  do_syscall_64+0x3b/0xb0
[  172.104966][ T5533]  ? clear_bhb_loop+0x45/0xa0
[  172.109627][ T5533]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  172.115504][ T5533] RIP: 0033:0x7f415f379e79
[  172.119900][ T5533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.139502][ T5533] RSP: 002b:00007f416006f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  172.147899][ T5533] RAX: ffffffffffffffda RBX: 00007f415f516130 RCX: 00007f415f379e79
[  172.155857][ T5533] RDX: 0000000020000400 RSI: 0000000040345410 RDI: 0000000000000009
[  172.163818][ T5533] RBP: 00007f416006f090 R08: 0000000000000000 R09: 0000000000000000
[  172.171776][ T5533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.179728][ T5533] R13: 0000000000000000 R14: 00007f415f516130 R15: 00007ffe531bc298
[  172.187688][ T5533]  </TASK>
[  172.219261][ T5533] ERROR: Out of memory at tomoyo_realpath_from_path.
[  172.296149][ T3636] Bluetooth: hci0: command tx timeout
[  172.489089][ T5541] netlink: 80 bytes leftover after parsing attributes in process `syz.0.388'.
[  172.686063][   T46] bond0 (unregistering): Released all slaves
[  172.747178][ T5529] loop2: detected capacity change from 0 to 32768
[  172.756697][ T5529] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.385 (5529)
[  172.784074][ T5529] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.803821][ T5529] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  172.819673][ T5529] BTRFS info (device loop2): using free space tree
[  172.860246][ T4165] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  172.947133][   T62] BTRFS warning (device loop2): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xa066537a level 0
[  173.018833][ T5529] BTRFS error (device loop2): failed to read chunk root
[  173.113131][ T4165] usb 4-1: Using ep0 maxpacket: 8
[  173.144916][ T5529] BTRFS error (device loop2): open_ctree failed
[  173.231410][ T4165] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.244880][ T5564] mmap: syz.4.389 (5564) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  173.262697][ T4165] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.294520][ T4165] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  173.298871][ T5400] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  173.338404][ T4165] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  173.358513][ T4165] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  173.377372][ T4165] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  173.452930][ T5400] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  173.485892][ T5400] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  173.533748][ T5400] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  173.550194][ T4165] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  173.568052][ T4165] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.600742][ T5572] loop0: detected capacity change from 0 to 1764
[  173.618670][ T4165] usb 4-1: Product: syz
[  173.644509][ T4165] usb 4-1: Manufacturer: syz
[  173.659896][ T4165] usb 4-1: SerialNumber: syz
[  173.818675][ T5400] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.838360][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  173.881178][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  173.913845][ T5400] 8021q: adding VLAN 0 to HW filter on device team0
[  173.939416][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  174.027176][ T5529] loop2: detected capacity change from 0 to 4096
[  174.076281][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  174.091246][ T3956] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  174.119882][ T3863] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.127034][ T3863] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.252578][ T5543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.271423][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  174.304226][ T5529] loop2: detected capacity change from 0 to 256
[  174.320578][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  174.329862][ T5543] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.399973][ T3642] Bluetooth: hci0: command tx timeout
[  174.411791][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  174.422588][ T3863] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.429712][ T3863] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.432237][ T5529] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  174.460014][ T4165] cdc_ncm 4-1:1.0: bind() failure
[  174.496021][ T4165] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  174.517374][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  174.530618][ T3956] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  174.541675][ T4165] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  174.562027][ T3956] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  174.577419][ T4165] usbtest: probe of 4-1:1.1 failed with error -71
[  174.591850][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  174.607263][ T4165] usb 4-1: USB disconnect, device number 17
[  174.783235][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  174.879272][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  175.250270][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  175.258430][ T3956] usb 5-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  175.258969][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  175.276826][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  175.285305][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  175.295075][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  175.303746][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  175.365993][    C1] eth0: bad gso: type: 1, size: 1408
[  175.373819][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  175.401265][ T3956] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.429896][ T3956] usb 5-1: Product: syz
[  175.431819][ T5592] FAULT_INJECTION: forcing a failure.
[  175.431819][ T5592] name failslab, interval 1, probability 0, space 0, times 0
[  175.475574][ T3956] usb 5-1: Manufacturer: syz
[  175.480637][ T3956] usb 5-1: SerialNumber: syz
[  175.519478][ T3956] usb 5-1: config 0 descriptor??
[  175.559812][ T5592] CPU: 1 PID: 5592 Comm: syz.3.394 Not tainted 6.1.106-syzkaller #0
[  175.567826][ T5592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  175.577889][ T5592] Call Trace:
[  175.581177][ T5592]  <TASK>
[  175.584112][ T5592]  dump_stack_lvl+0x1e3/0x2cb
[  175.588801][ T5592]  ? nf_tcp_handle_invalid+0x642/0x642
[  175.594273][ T5592]  ? panic+0x764/0x764
[  175.598342][ T5592]  ? __might_sleep+0xb0/0xb0
[  175.602912][ T5592]  ? __lock_acquire+0x125b/0x1f80
[  175.607923][ T5592]  should_fail_ex+0x3a6/0x4d0
[  175.612584][ T5592]  should_failslab+0x5/0x20
[  175.617066][ T5592]  slab_pre_alloc_hook+0x59/0x300
[  175.622080][ T5592]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  175.627781][ T5592]  __kmem_cache_alloc_node+0x47/0x260
[  175.633137][ T5592]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  175.638847][ T5592]  __kmalloc+0xa1/0x230
[  175.642990][ T5592]  ? rcu_is_watching+0x11/0xb0
[  175.647734][ T5592]  tomoyo_realpath_from_path+0xcb/0x5d0
[  175.650236][ T3647] Bluetooth: hci1: command 0x0406 tx timeout
[  175.653271][ T5592]  tomoyo_path_number_perm+0x21f/0x7f0
[  175.653297][ T5592]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  175.653317][ T5592]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  175.653350][ T5592]  ? __fget_files+0x28/0x4a0
[  175.653385][ T5592]  ? __fget_files+0x28/0x4a0
[  175.653401][ T5592]  ? __fget_files+0x435/0x4a0
[  175.653420][ T5592]  ? __fget_files+0x28/0x4a0
[  175.653444][ T5592]  security_file_ioctl+0x6d/0xa0
[  175.653463][ T5592]  __se_sys_ioctl+0x47/0x160
[  175.653487][ T5592]  do_syscall_64+0x3b/0xb0
[  175.653508][ T5592]  ? clear_bhb_loop+0x45/0xa0
[  175.653531][ T5592]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  175.659504][ T3647] Bluetooth: hci2: command 0x0406 tx timeout
[  175.664912][ T5592] RIP: 0033:0x7fb177579e79
[  175.664932][ T5592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.664946][ T5592] RSP: 002b:00007fb178357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  175.664965][ T5592] RAX: ffffffffffffffda RBX: 00007fb177715f80 RCX: 00007fb177579e79
[  175.664977][ T5592] RDX: 0000000020000000 RSI: 000000000000891c RDI: 0000000000000004
[  175.664988][ T5592] RBP: 00007fb178357090 R08: 0000000000000000 R09: 0000000000000000
[  175.664998][ T5592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.665009][ T5592] R13: 0000000000000000 R14: 00007fb177715f80 R15: 00007fffdd9269b8
[  175.665034][ T5592]  </TASK>
[  175.824072][ T5592] ERROR: Out of memory at tomoyo_realpath_from_path.
[  176.064567][ T3956] usb 5-1: USB disconnect, device number 14
[  176.419399][ T5613] loop2: detected capacity change from 0 to 256
[  176.446684][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  176.463889][ T5613] exfat: Deprecated parameter 'utf8'
[  176.469484][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  176.491188][ T5613] exfat: Unknown parameter 'esrors'
[  176.503758][ T5400] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.560461][ T5613] UBIFS error (pid: 5613): cannot open "./file0", error -22
[  176.579405][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  176.621882][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  176.676382][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  176.698988][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  176.731630][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  176.779284][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  176.862813][ T5400] device veth0_vlan entered promiscuous mode
[  176.905466][ T5400] device veth1_vlan entered promiscuous mode
[  176.980175][   T26] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  176.994664][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  177.021143][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  177.069532][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  177.100421][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  177.153846][ T5400] device veth0_macvtap entered promiscuous mode
[  177.174802][ T5400] device veth1_macvtap entered promiscuous mode
[  177.220129][   T26] usb 5-1: Using ep0 maxpacket: 16
[  177.240928][ T5400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.271949][ T5400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.302344][ T5400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.333152][ T5400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.343437][   T26] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x13, skipping
[  177.364334][   T26] usb 5-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  177.391166][ T5400] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.398713][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  177.410221][   T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.447316][   T26] usb 5-1: config 0 descriptor??
[  177.448455][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  177.495904][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  177.505366][ T5616] loop3: detected capacity change from 0 to 32768
[  177.525260][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  177.559600][ T5616] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.398 (5616)
[  177.581555][ T5400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.622006][ T5400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.662424][ T5616] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  177.675758][ T5400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.700096][ T5616] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  177.709097][ T5400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.719120][ T5616] BTRFS info (device loop3): using free space tree
[  177.729774][ T5621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.742278][ T5613] loop2: detected capacity change from 0 to 32768
[  177.780977][ T5621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.790100][ T5400] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.797466][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  177.840925][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  177.893027][ T5400] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.933364][ T5613] XFS (loop2): Mounting V5 Filesystem
[  177.957561][ T5661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.975786][ T5400] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.025247][ T5400] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.034422][ T5400] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.046734][ T5661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.069352][ T5616] BTRFS info (device loop3): enabling ssd optimizations
[  178.138563][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.202631][ T5613] XFS (loop2): Ending clean mount
[  178.209080][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.226330][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.236769][ T5613] XFS (loop2): Quotacheck needed: Please wait.
[  178.254939][ T3863] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  178.262363][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.286543][ T5633] loop0: detected capacity change from 0 to 32768
[  178.324644][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  178.332229][   T26] usb 5-1: string descriptor 0 read error: -71
[  178.342511][ T5633] jfs: Unrecognized mount option "" or missing value
[  178.374495][   T26] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  178.418702][   T26] usb 5-1: USB disconnect, device number 15
[  178.447444][ T5613] XFS (loop2): Quotacheck: Done.
[  178.504951][ T3638] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  179.082539][ T4763] XFS (loop2): Unmounting Filesystem
[  179.140136][ T3953] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  179.203220][ T5708] FAULT_INJECTION: forcing a failure.
[  179.203220][ T5708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.230168][   T22] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  179.288620][ T5708] CPU: 1 PID: 5708 Comm: syz.4.408 Not tainted 6.1.106-syzkaller #0
[  179.296637][ T5708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  179.306702][ T5708] Call Trace:
[  179.309983][ T5708]  <TASK>
[  179.312917][ T5708]  dump_stack_lvl+0x1e3/0x2cb
[  179.317611][ T5708]  ? nf_tcp_handle_invalid+0x642/0x642
[  179.323079][ T5708]  ? panic+0x764/0x764
[  179.327161][ T5708]  ? snprintf+0xd6/0x120
[  179.331410][ T5708]  should_fail_ex+0x3a6/0x4d0
[  179.336099][ T5708]  _copy_to_user+0x2b/0x130
[  179.340615][ T5708]  simple_read_from_buffer+0xc6/0x150
[  179.346004][ T5708]  proc_fail_nth_read+0x1a3/0x210
[  179.351046][ T5708]  ? proc_fault_inject_write+0x390/0x390
[  179.356695][ T5708]  ? fsnotify_perm+0x439/0x590
[  179.361466][ T5708]  ? proc_fault_inject_write+0x390/0x390
[  179.367122][ T5708]  vfs_read+0x2ed/0xbf0
[  179.371291][ T5708]  ? __fdget_pos+0x2ba/0x360
[  179.375889][ T5708]  ? kernel_read+0x1f0/0x1f0
[  179.380504][ T5708]  ? __fget_files+0x28/0x4a0
[  179.385103][ T5708]  ? __fget_files+0x435/0x4a0
[  179.389798][ T5708]  ? __fdget_pos+0x2ba/0x360
[  179.394387][ T5708]  ? ksys_read+0x77/0x2c0
[  179.398708][ T5708]  ksys_read+0x19c/0x2c0
[  179.402935][ T5708]  ? print_irqtrace_events+0x210/0x210
[  179.408383][ T5708]  ? vfs_write+0xbc0/0xbc0
[  179.412782][ T5708]  ? syscall_enter_from_user_mode+0x2e/0x230
[  179.418747][ T5708]  ? lockdep_hardirqs_on+0x94/0x130
[  179.423928][ T5708]  ? syscall_enter_from_user_mode+0x2e/0x230
[  179.429892][ T5708]  do_syscall_64+0x3b/0xb0
[  179.434301][ T5708]  ? clear_bhb_loop+0x45/0xa0
[  179.438965][ T5708]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  179.444842][ T5708] RIP: 0033:0x7f67675788bc
[  179.449241][ T5708] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  179.468830][ T5708] RSP: 002b:00007f67683f5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  179.477228][ T5708] RAX: ffffffffffffffda RBX: 00007f6767716058 RCX: 00007f67675788bc
[  179.485183][ T5708] RDX: 000000000000000f RSI: 00007f67683f50a0 RDI: 0000000000000004
[  179.493135][ T5708] RBP: 00007f67683f5090 R08: 0000000000000000 R09: 0000000000000000
[  179.501087][ T5708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.509053][ T5708] R13: 0000000000000000 R14: 00007f6767716058 R15: 00007ffc02599b98
[  179.517028][ T5708]  </TASK>
[  179.570109][ T3953] usb 4-1: Using ep0 maxpacket: 8
[  179.590149][ T3959] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  179.690423][ T3953] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.717772][ T3953] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.730191][   T22] usb 2-1: Using ep0 maxpacket: 8
[  179.896239][ T3953] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  179.906097][ T3953] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  179.916081][ T3953] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  179.926422][ T3953] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  179.970340][   T22] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  179.979458][   T22] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  179.990523][   T22] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  180.004773][   T22] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  180.025785][   T22] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  180.044451][ T5727] loop4: detected capacity change from 0 to 16
[  180.072146][   T22] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  180.081491][ T3959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  180.092787][ T3953] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  180.111551][ T3953] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.116639][ T5727] erofs: (device loop4): z_erofs_parse_cfgs: unidentified algorithms fffc, please upgrade kernel
[  180.120114][ T3959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  180.140075][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.148772][ T3953] usb 4-1: Product: syz
[  180.153207][ T3953] usb 4-1: Manufacturer: syz
[  180.159205][ T3953] usb 4-1: SerialNumber: syz
[  180.320132][ T3959] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  180.334331][ T3959] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.355846][ T3959] usb 1-1: Product: syz
[  180.367244][ T3959] usb 1-1: Manufacturer: syz
[  180.378691][ T3959] usb 1-1: SerialNumber: syz
[  180.408321][ T3959] usb 1-1: config 0 descriptor??
[  180.413804][   T22] usb 2-1: GET_CAPABILITIES returned 0
[  180.420668][   T22] usbtmc 2-1:16.0: can't read capabilities
[  180.641340][ T5691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.681883][ T5691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.706990][ T3959] usb 1-1: USB disconnect, device number 20
[  180.730205][ T5731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.740168][ T3953] cdc_ncm 4-1:1.0: bind() failure
[  180.760101][ T3953] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  180.768705][ T5731] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.787227][ T3953] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  180.789726][ T5729] loop2: detected capacity change from 0 to 32768
[  180.800211][ T5697] usbtmc 2-1:16.0: usb_control_msg returned -32
[  180.802513][ T5259] usb 2-1: USB disconnect, device number 16
[  180.820378][ T3953] usbtest: probe of 4-1:1.1 failed with error -71
[  180.847298][ T3953] usb 4-1: USB disconnect, device number 18
[  180.901135][ T5729] XFS (loop2): Mounting V5 Filesystem
[  180.983022][ T5729] XFS (loop2): Ending clean mount
[  181.006569][ T5729] XFS (loop2): Quotacheck needed: Please wait.
[  181.025224][ T4949] XFS (loop2): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  181.053057][ T4949] XFS (loop2): Unmount and run xfs_repair
[  181.069727][ T4949] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  181.094558][ T4949] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  181.114933][ T4949] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  181.141479][ T4949] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  181.176455][ T4949] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  181.194141][ T4949] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.213294][ T4949] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.229940][ T4949] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.268561][ T4949] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.305401][ T3863] XFS (loop2): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  181.346127][ T5729] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  181.473506][ T3959] XFS (loop2): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  181.499517][ T3959] XFS (loop2): Unmount and run xfs_repair
[  181.505380][ T3959] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  181.541116][ T3959] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  181.574333][ T3959] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  181.594850][ T3959] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  181.614178][ T3959] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  181.624480][ T3959] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.638044][ T3959] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.640092][ T4949] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  181.654917][ T3839] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  181.665660][ T3959] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.709824][ T3959] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  181.760280][ T5729] XFS (loop2): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  181.846903][ T5729] XFS (loop2): page discard on page ffffea0001c1c900, inode 0x244b, pos 0.
[  182.040145][ T3953] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  182.250033][ T3953] usb 2-1: device descriptor read/64, error -71
[  182.385159][ T5729] netlink: 8 bytes leftover after parsing attributes in process `syz.2.412'.
[  182.433688][ T4165] XFS (loop2): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  182.447019][ T3839] usb 1-1: device descriptor read/64, error -71
[  182.453974][ T4165] XFS (loop2): Unmount and run xfs_repair
[  182.459712][ T4165] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  182.467651][ T4165] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  182.476732][ T4165] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  182.485819][ T4165] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  182.495196][ T4165] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  182.504268][ T4165] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  182.514147][ T4165] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  182.527452][ T4165] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  182.530012][ T3953] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  182.537807][ T4165] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  182.553419][ T3863] XFS (loop2): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  182.568394][ T3863] XFS (loop2): page discard on page ffffea0001c1c900, inode 0x244b, pos 0.
[  182.588061][ T4763] XFS (loop2): Unmounting Filesystem
[  182.669483][ T5757] loop4: detected capacity change from 0 to 2048
[  182.735037][ T4949] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  182.746009][ T3839] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  182.759122][ T4949] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.760124][ T3953] usb 2-1: device descriptor read/64, error -71
[  182.780142][ T4949] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.791511][ T5757] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  182.799965][ T4949] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  182.826659][ T5757] ext4 filesystem being mounted at /47/bus supports timestamps until 2038 (0x7fffffff)
[  182.900215][ T4949] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  182.905256][ T3953] usb usb2-port1: attempt power cycle
[  182.914571][ T4949] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  182.924208][ T4949] usb 4-1: Manufacturer: syz
[  182.933191][ T5757] EXT4-fs error (device loop4): ext4_find_dest_de:2113: inode #2: block 16: comm syz.4.419: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  182.956446][ T4949] usb 4-1: config 0 descriptor??
[  182.961487][ T3839] usb 1-1: device descriptor read/64, error -71
[  182.983963][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  182.983976][   T27] audit: type=1800 audit(1724673673.471:75): pid=5757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.419" name="file1" dev="loop4" ino=15 res=0 errno=0
[  183.119996][ T3839] usb usb1-port1: attempt power cycle
[  183.360134][ T3953] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  183.452444][ T3953] usb 2-1: device descriptor read/8, error -71
[  183.587509][ T4545] EXT4-fs (loop4): unmounting filesystem.
[  183.612080][ T4949] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  183.619711][ T4949] appleir 0003:05AC:8243.0006: No inputs registered, leaving
[  183.658549][ T4949] appleir 0003:05AC:8243.0006: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  183.671947][ T5767] loop2: detected capacity change from 0 to 256
[  183.686956][ T5767] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value
[  183.695839][ T3839] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  183.724830][ T3953] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  183.830392][ T3953] usb 2-1: device descriptor read/8, error -71
[  183.919829][ T3839] usb 1-1: device descriptor read/8, error -71
[  183.942392][ T5259] usb 4-1: USB disconnect, device number 19
[  183.950787][ T3953] usb usb2-port1: unable to enumerate USB device
[  184.210020][ T3839] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  184.217741][ T3712] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  184.260182][ T4949] usb 3-1: new low-speed USB device number 14 using dummy_hcd
[  184.310133][ T3839] usb 1-1: device descriptor read/8, error -71
[  184.440580][ T3839] usb usb1-port1: unable to enumerate USB device
[  184.463266][ T4949] usb 3-1: device descriptor read/64, error -71
[  184.482730][ T3712] usb 5-1: Using ep0 maxpacket: 8
[  184.545240][ T5777] loop3: detected capacity change from 0 to 2048
[  184.551944][ T5779] FAULT_INJECTION: forcing a failure.
[  184.551944][ T5779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.569244][ T5779] CPU: 0 PID: 5779 Comm: syz.1.426 Not tainted 6.1.106-syzkaller #0
[  184.577246][ T5779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  184.583199][ T5777] NILFS (loop3): corrupt root inode
[  184.587289][ T5779] Call Trace:
[  184.587299][ T5779]  <TASK>
[  184.598658][ T5779]  dump_stack_lvl+0x1e3/0x2cb
[  184.603333][ T5779]  ? nf_tcp_handle_invalid+0x642/0x642
[  184.608807][ T5779]  ? panic+0x764/0x764
[  184.612866][ T5779]  ? snprintf+0xd6/0x120
[  184.617097][ T5779]  should_fail_ex+0x3a6/0x4d0
[  184.621767][ T5779]  _copy_to_user+0x2b/0x130
[  184.626270][ T5779]  simple_read_from_buffer+0xc6/0x150
[  184.631644][ T5779]  proc_fail_nth_read+0x1a3/0x210
[  184.636662][ T5779]  ? proc_fault_inject_write+0x390/0x390
[  184.642288][ T5779]  ? fsnotify_perm+0x439/0x590
[  184.647038][ T5779]  ? proc_fault_inject_write+0x390/0x390
[  184.652664][ T5779]  vfs_read+0x2ed/0xbf0
[  184.656812][ T5779]  ? kernel_read+0x1f0/0x1f0
[  184.661385][ T5779]  ? do_sys_openat2+0x1f9/0x4f0
[  184.666234][ T5779]  ? do_sys_open+0x220/0x220
[  184.670826][ T5779]  ? __fdget_pos+0x2c1/0x360
[  184.675405][ T5779]  ksys_read+0x19c/0x2c0
[  184.679635][ T5779]  ? print_irqtrace_events+0x210/0x210
[  184.685085][ T5779]  ? vfs_write+0xbc0/0xbc0
[  184.689490][ T5779]  ? syscall_enter_from_user_mode+0x2e/0x230
[  184.695473][ T5779]  ? lockdep_hardirqs_on+0x94/0x130
[  184.700672][ T5779]  ? syscall_enter_from_user_mode+0x2e/0x230
[  184.706648][ T5779]  do_syscall_64+0x3b/0xb0
[  184.711059][ T5779]  ? clear_bhb_loop+0x45/0xa0
[  184.715723][ T5779]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  184.721606][ T5779] RIP: 0033:0x7f96005788bc
[  184.726015][ T5779] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  184.745607][ T5779] RSP: 002b:00007f96012db030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  184.754022][ T5779] RAX: ffffffffffffffda RBX: 00007f9600715f80 RCX: 00007f96005788bc
[  184.761983][ T5779] RDX: 000000000000000f RSI: 00007f96012db0a0 RDI: 0000000000000004
[  184.769939][ T5779] RBP: 00007f96012db090 R08: 0000000000000000 R09: 0000000000000000
[  184.777895][ T5779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.785858][ T5779] R13: 0000000000000000 R14: 00007f9600715f80 R15: 00007ffd08328be8
[  184.793827][ T5779]  </TASK>
[  184.850120][ T3712] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.874852][ T3712] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.892596][ T3712] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  184.906310][ T3712] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  184.926681][ T3712] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  184.952576][ T3712] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  184.965825][ T4949] usb 3-1: new low-speed USB device number 15 using dummy_hcd
[  185.023740][ T3839] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  185.165106][ T3712] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  185.178791][ T5783] loop1: detected capacity change from 0 to 16
[  185.189997][ T4949] usb 3-1: device descriptor read/64, error -71
[  185.200347][ T3712] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.208347][ T3712] usb 5-1: Product: syz
[  185.213138][ T5783] erofs: (device loop1): z_erofs_parse_cfgs: unidentified algorithms fffc, please upgrade kernel
[  185.235566][ T3712] usb 5-1: Manufacturer: syz
[  185.249960][ T3712] usb 5-1: SerialNumber: syz
[  185.325767][ T4949] usb usb3-port1: attempt power cycle
[  185.422021][ T5777] loop3: detected capacity change from 0 to 40427
[  185.445579][ T3839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  185.467121][ T5777] F2FS-fs (loop3): invalid crc value
[  185.480931][ T3839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  185.503736][ T5777] F2FS-fs (loop3): Found nat_bits in checkpoint
[  185.574448][ T5777] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  185.660208][ T3839] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  185.669292][ T3839] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.700231][ T3839] usb 1-1: Product: syz
[  185.704419][ T3839] usb 1-1: Manufacturer: syz
[  185.709059][ T3839] usb 1-1: SerialNumber: syz
[  185.711471][ T5773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.720704][ T3839] usb 1-1: config 0 descriptor??
[  185.740995][ T5773] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.775394][ T4949] usb 3-1: new low-speed USB device number 16 using dummy_hcd
[  185.815384][ T3712] cdc_ncm 5-1:1.0: bind() failure
[  185.840152][ T3712] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  185.860036][ T3712] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  185.870144][ T4949] usb 3-1: device descriptor read/8, error -71
[  185.880034][ T3712] usbtest: probe of 5-1:1.1 failed with error -71
[  185.901314][ T3712] usb 5-1: USB disconnect, device number 16
[  186.046674][ T3839] usb 1-1: USB disconnect, device number 25
[  186.139966][ T4949] usb 3-1: new low-speed USB device number 17 using dummy_hcd
[  186.241289][ T4949] usb 3-1: device descriptor read/8, error -71
[  186.275654][ T5789] FAULT_INJECTION: forcing a failure.
[  186.275654][ T5789] name failslab, interval 1, probability 0, space 0, times 0
[  186.289720][ T5789] CPU: 1 PID: 5789 Comm: syz.1.428 Not tainted 6.1.106-syzkaller #0
[  186.297722][ T5789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  186.307780][ T5789] Call Trace:
[  186.311061][ T5789]  <TASK>
[  186.313996][ T5789]  dump_stack_lvl+0x1e3/0x2cb
[  186.318690][ T5789]  ? nf_tcp_handle_invalid+0x642/0x642
[  186.324156][ T5789]  ? panic+0x764/0x764
[  186.328230][ T5789]  ? __might_sleep+0xb0/0xb0
[  186.332820][ T5789]  ? strncpy_from_kernel_nofault+0xf6/0x1c0
[  186.338722][ T5789]  should_fail_ex+0x3a6/0x4d0
[  186.343425][ T5789]  should_failslab+0x5/0x20
[  186.347932][ T5789]  slab_pre_alloc_hook+0x59/0x300
[  186.352967][ T5789]  ? bpf_trace_run2+0x110/0x410
[  186.357830][ T5789]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  186.363555][ T5789]  __kmem_cache_alloc_node+0x47/0x260
[  186.368937][ T5789]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  186.374662][ T5789]  __kmalloc+0xa1/0x230
[  186.378826][ T5789]  ? rcu_is_watching+0x11/0xb0
[  186.383603][ T5789]  tomoyo_realpath_from_path+0xcb/0x5d0
[  186.389168][ T5789]  tomoyo_path_number_perm+0x21f/0x7f0
[  186.394634][ T5789]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  186.400258][ T5789]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  186.405713][ T5789]  ? __fget_files+0x28/0x4a0
[  186.410302][ T5789]  ? __fget_files+0x28/0x4a0
[  186.414875][ T5789]  ? __fget_files+0x435/0x4a0
[  186.419533][ T5789]  ? __fget_files+0x28/0x4a0
[  186.424110][ T5789]  security_file_ioctl+0x6d/0xa0
[  186.429035][ T5789]  __se_sys_ioctl+0x47/0x160
[  186.433614][ T5789]  do_syscall_64+0x3b/0xb0
[  186.438021][ T5789]  ? clear_bhb_loop+0x45/0xa0
[  186.442686][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  186.448565][ T5789] RIP: 0033:0x7f9600579e79
[  186.452963][ T5789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.472551][ T5789] RSP: 002b:00007f96012db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.480948][ T5789] RAX: ffffffffffffffda RBX: 00007f9600715f80 RCX: 00007f9600579e79
[  186.488902][ T5789] RDX: 0000000020000080 RSI: 0000000000008933 RDI: 0000000000000005
[  186.496857][ T5789] RBP: 00007f96012db090 R08: 0000000000000000 R09: 0000000000000000
[  186.504812][ T5789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.512765][ T5789] R13: 0000000000000000 R14: 00007f9600715f80 R15: 00007ffd08328be8
[  186.520731][ T5789]  </TASK>
[  186.526012][ T4949] usb usb3-port1: unable to enumerate USB device
[  186.533017][ T5789] ERROR: Out of memory at tomoyo_realpath_from_path.
[  186.547245][ T5784] f2fs_ckpt-7:3: attempt to access beyond end of device
[  186.547245][ T5784] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  187.849618][ T5804] loop1: detected capacity change from 0 to 1764
[  187.889723][ T5806] loop2: detected capacity change from 0 to 4096
[  187.919223][ T5806] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  187.931271][ T5806] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  187.946211][ T5806] ntfs: (device loop2): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  187.957923][ T5806] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  187.970980][ T5806] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  187.983249][ T5806] ntfs: volume version 3.1.
[  187.989328][ T5806] ntfs: (device loop2): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  188.001255][ T5806] ntfs: (device loop2): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  188.020813][ T5806] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  188.031944][ T5806] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  188.043559][ T5806] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  188.060448][ T5806] ntfs: (device loop2): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute name is placed after the attribute value.
[  188.073012][ T5806] ntfs: (device loop2): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2.
[  188.086795][ T5806] ntfs: (device loop2): load_and_init_quota(): Failed to load $Quota/$Q index.
[  188.096104][ T5806] ntfs: (device loop2): load_system_files(): Failed to load $Quota.  Will not be able to remount read-write.  Run chkdsk.
[  188.111358][ T5808] loop1: detected capacity change from 0 to 512
[  188.124152][ T5806] ntfs: (device loop2): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set cp850.  You might want to try to use the mount option nls=utf8.
[  188.142387][ T5806] ntfs: (device loop2): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  188.190478][ T5808] EXT4-fs error (device loop1): __ext4_fill_super:5399: inode #2: comm syz.1.434: casefold flag without casefold feature
[  188.231437][ T5808] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  188.238025][ T5808] EXT4-fs (loop1): mount failed
[  188.250843][ T5814] loop3: detected capacity change from 0 to 64
[  188.270862][ T5793] loop4: detected capacity change from 0 to 32768
[  188.290715][ T5814] FAULT_INJECTION: forcing a failure.
[  188.290715][ T5814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.315391][ T5814] CPU: 1 PID: 5814 Comm: syz.3.437 Not tainted 6.1.106-syzkaller #0
[  188.323383][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  188.333416][ T5814] Call Trace:
[  188.336671][ T5814]  <TASK>
[  188.339587][ T5814]  dump_stack_lvl+0x1e3/0x2cb
[  188.344251][ T5814]  ? nf_tcp_handle_invalid+0x642/0x642
[  188.349699][ T5814]  ? panic+0x764/0x764
[  188.353750][ T5814]  ? snprintf+0xd6/0x120
[  188.357969][ T5814]  should_fail_ex+0x3a6/0x4d0
[  188.362629][ T5814]  _copy_to_user+0x2b/0x130
[  188.367106][ T5814]  simple_read_from_buffer+0xc6/0x150
[  188.372457][ T5814]  proc_fail_nth_read+0x1a3/0x210
[  188.377460][ T5814]  ? proc_fault_inject_write+0x390/0x390
[  188.383071][ T5814]  ? fsnotify_perm+0x439/0x590
[  188.387808][ T5814]  ? proc_fault_inject_write+0x390/0x390
[  188.393416][ T5814]  vfs_read+0x2ed/0xbf0
[  188.397547][ T5814]  ? __fdget_pos+0x2ba/0x360
[  188.402114][ T5814]  ? kernel_read+0x1f0/0x1f0
[  188.406701][ T5814]  ? __fget_files+0x28/0x4a0
[  188.411267][ T5814]  ? __fget_files+0x435/0x4a0
[  188.415920][ T5814]  ? __fdget_pos+0x2ba/0x360
[  188.420485][ T5814]  ? ksys_read+0x77/0x2c0
[  188.424791][ T5814]  ksys_read+0x19c/0x2c0
[  188.429005][ T5814]  ? print_irqtrace_events+0x210/0x210
[  188.434443][ T5814]  ? vfs_write+0xbc0/0xbc0
[  188.438835][ T5814]  ? syscall_enter_from_user_mode+0x2e/0x230
[  188.444791][ T5814]  ? lockdep_hardirqs_on+0x94/0x130
[  188.449966][ T5814]  ? syscall_enter_from_user_mode+0x2e/0x230
[  188.455924][ T5814]  do_syscall_64+0x3b/0xb0
[  188.460319][ T5814]  ? clear_bhb_loop+0x45/0xa0
[  188.464974][ T5814]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  188.470842][ T5814] RIP: 0033:0x7fb1775788bc
[  188.475233][ T5814] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  188.494814][ T5814] RSP: 002b:00007fb178357030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  188.503204][ T5814] RAX: ffffffffffffffda RBX: 00007fb177715f80 RCX: 00007fb1775788bc
[  188.511152][ T5814] RDX: 000000000000000f RSI: 00007fb1783570a0 RDI: 0000000000000005
[  188.519098][ T5814] RBP: 00007fb178357090 R08: 0000000000000000 R09: 0000000000000000
[  188.527044][ T5814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.534992][ T5814] R13: 0000000000000000 R14: 00007fb177715f80 R15: 00007fffdd9269b8
[  188.542963][ T5814]  </TASK>
[  188.616797][ T5793] XFS (loop4): Mounting V5 Filesystem
[  188.752440][ T5822] loop0: detected capacity change from 0 to 512
[  188.760787][ T5822] EXT4-fs: Ignoring removed orlov option
[  188.769285][ T5822] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  188.858969][ T5793] XFS (loop4): Ending clean mount
[  188.869309][ T5793] XFS (loop4): Quotacheck needed: Please wait.
[  188.897844][ T3856] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  188.917261][ T5822] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.438: casefold flag without casefold feature
[  188.949770][ T5822] EXT4-fs (loop0): Remounting filesystem read-only
[  188.964521][ T5822] EXT4-fs (loop0): 1 truncate cleaned up
[  188.975110][ T3856] XFS (loop4): Unmount and run xfs_repair
[  188.980692][ T5822] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  188.992807][ T3856] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  189.033274][ T3856] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  189.055479][ T3856] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  189.067761][ T3856] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  189.079800][ T3856] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  189.089234][ T3856] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.100119][ T4949] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  189.119732][ T3856] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.138840][ T3856] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.148065][ T3856] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.165978][ T3856] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  189.194327][ T5793] XFS (loop4): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  189.327336][ T3712] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  189.742871][ T5793] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  189.756281][ T3635] EXT4-fs (loop0): unmounting filesystem.
[  189.769990][ T4949] usb 3-1: Using ep0 maxpacket: 8
[  189.810269][ T5793] XFS (loop4): Unmount and run xfs_repair
[  189.820265][ T5793] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  189.830025][ T5793] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  189.838891][ T5793] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  189.844563][ T5835] FAULT_INJECTION: forcing a failure.
[  189.844563][ T5835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.866541][ T5835] CPU: 1 PID: 5835 Comm: syz.0.441 Not tainted 6.1.106-syzkaller #0
[  189.870389][ T5793] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  189.874521][ T5835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  189.883386][ T5793] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  189.893371][ T5835] Call Trace:
[  189.893381][ T5835]  <TASK>
[  189.893389][ T5835]  dump_stack_lvl+0x1e3/0x2cb
[  189.893419][ T5835]  ? nf_tcp_handle_invalid+0x642/0x642
[  189.893439][ T5835]  ? panic+0x764/0x764
[  189.893458][ T5835]  ? __lock_acquire+0x1f80/0x1f80
[  189.893487][ T5835]  should_fail_ex+0x3a6/0x4d0
[  189.893511][ T5835]  _copy_from_user+0x2b/0x170
[  189.893530][ T5835]  copy_msghdr_from_user+0xaa/0x670
[  189.893554][ T5835]  ? _parse_integer_limit+0x1ad/0x1f0
[  189.893576][ T5835]  ? sendmsg_copy_msghdr+0x70/0x70
[  189.893614][ T5835]  __sys_sendmmsg+0x36d/0x730
[  189.893644][ T5835]  ? __ia32_sys_sendmsg+0x90/0x90
[  189.893701][ T5835]  ? ksys_write+0x23a/0x2c0
[  189.893717][ T5835]  ? proc_fail_nth_read+0x210/0x210
[  189.893739][ T5835]  ? __lock_acquire+0x1f80/0x1f80
[  189.893768][ T5835]  ? vfs_write+0x6cf/0xbc0
[  189.893791][ T5835]  ? __mutex_unlock_slowpath+0x218/0x750
[  189.893813][ T5835]  ? file_end_write+0x250/0x250
[  189.893851][ T5835]  ? print_irqtrace_events+0x210/0x210
[  189.893877][ T5835]  ? syscall_enter_from_user_mode+0x2e/0x230
[  189.903061][ T5793] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.905964][ T5835]  __x64_sys_sendmmsg+0x9c/0xb0
[  189.908874][ T5793] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.913519][ T5835]  do_syscall_64+0x3b/0xb0
[  189.913541][ T5835]  ? clear_bhb_loop+0x45/0xa0
[  189.918972][ T5793] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  189.923010][ T5835]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  189.923032][ T5835] RIP: 0033:0x7f415f379e79
[  189.923048][ T5835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.923062][ T5835] RSP: 002b:00007f41600b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  189.923081][ T5835] RAX: ffffffffffffffda RBX: 00007f415f515f80 RCX: 00007f415f379e79
[  189.923092][ T5835] RDX: 0000000000000001 RSI: 0000000020000b00 RDI: 0000000000000004
[  189.923102][ T5835] RBP: 00007f41600b1090 R08: 0000000000000000 R09: 0000000000000000
[  189.923113][ T5835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.923124][ T5835] R13: 0000000000000000 R14: 00007f415f515f80 R15: 00007ffe531bc298
[  189.923148][ T5835]  </TASK>
[  190.178296][ T5793] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  190.188765][ T5793] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  190.192692][ T4949] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.205908][ T5793] XFS (loop4): page discard on page ffffea0001549800, inode 0x244b, pos 0.
[  190.216731][ T4949] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.239303][ T4949] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  190.249512][ T3712] usb 2-1: Using ep0 maxpacket: 8
[  190.255697][ T4949] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  190.265546][ T4949] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  190.280960][ T4949] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  190.325117][ T5793] netlink: 8 bytes leftover after parsing attributes in process `syz.4.429'.
[  190.435717][ T3953] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  190.450723][ T5259] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  190.464605][ T5259] XFS (loop4): Unmount and run xfs_repair
[  190.470396][ T5259] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  190.477766][ T5259] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  190.480084][ T3712] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  190.628998][ T3712] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  190.639024][ T3712] usb 2-1: config 1 has no interface number 1
[  191.290108][ T4949] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  191.305601][ T4949] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.321117][ T5259] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  191.323300][ T4949] usb 3-1: Product: syz
[  191.356411][ T4949] usb 3-1: Manufacturer: syz
[  191.366419][ T4949] usb 3-1: SerialNumber: syz
[  191.403355][ T5259] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  191.417903][ T5259] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  191.427388][ T5259] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  191.436538][ T5259] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  191.440009][ T3712] usb 2-1: string descriptor 0 read error: -71
[  191.445466][ T5259] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  191.456809][ T3712] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  191.471235][ T3712] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.473196][ T5259] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  191.490776][ T3790] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  191.523439][ T3790] XFS (loop4): page discard on page ffffea0001549800, inode 0x244b, pos 0.
[  191.542154][ T3712] usb 2-1: can't set config #1, error -71
[  191.548430][ T4545] XFS (loop4): Unmounting Filesystem
[  191.565207][ T3712] usb 2-1: USB disconnect, device number 21
[  191.580359][ T3953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  191.613319][ T3953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  191.776882][ T5858] FAULT_INJECTION: forcing a failure.
[  191.776882][ T5858] name failslab, interval 1, probability 0, space 0, times 0
[  191.818290][ T5858] CPU: 1 PID: 5858 Comm: syz.1.449 Not tainted 6.1.106-syzkaller #0
[  191.826315][ T5858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  191.836380][ T5858] Call Trace:
[  191.839664][ T5858]  <TASK>
[  191.842600][ T5858]  dump_stack_lvl+0x1e3/0x2cb
[  191.847298][ T5858]  ? nf_tcp_handle_invalid+0x642/0x642
[  191.852772][ T5858]  ? panic+0x764/0x764
[  191.856854][ T5858]  ? __might_sleep+0xb0/0xb0
[  191.861095][ T5828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.861445][ T5858]  should_fail_ex+0x3a6/0x4d0
[  191.874430][ T5858]  should_failslab+0x5/0x20
[  191.878943][ T5858]  slab_pre_alloc_hook+0x59/0x300
[  191.883979][ T5858]  ? is_bpf_text_address+0x22/0x2a0
[  191.889193][ T5858]  kmem_cache_alloc_node+0x52/0x310
[  191.894405][ T5858]  ? __alloc_skb+0xde/0x670
[  191.898916][ T5858]  __alloc_skb+0xde/0x670
[  191.903237][ T5858]  alloc_skb_with_frags+0xa4/0x740
[  191.908333][ T5858]  ? aa_label_sk_perm+0x4f7/0x6e0
[  191.913353][ T5858]  sock_alloc_send_pskb+0x915/0xa50
[  191.918547][ T5858]  ? sock_kzfree_s+0x50/0x50
[  191.923128][ T5858]  ? __lock_acquire+0x1f80/0x1f80
[  191.928161][ T5858]  ? aa_sk_perm+0x92d/0xa60
[  191.932647][ T5858]  hci_sock_sendmsg+0x223/0x1170
[  191.937573][ T5858]  ? aa_file_perm+0x12c/0xf60
[  191.942235][ T5858]  ? hci_sock_getsockopt+0x650/0x650
[  191.947501][ T5858]  ? aa_sock_msg_perm+0x91/0x150
[  191.952428][ T5858]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  191.957712][ T5858]  ? security_socket_sendmsg+0x7d/0xa0
[  191.963156][ T5858]  ? hci_sock_getsockopt+0x650/0x650
[  191.968427][ T5858]  sock_write_iter+0x394/0x4e0
[  191.973182][ T5858]  ? sock_read_iter+0x4b0/0x4b0
[  191.978032][ T5858]  ? common_file_perm+0x17d/0x1d0
[  191.983040][ T5858]  vfs_write+0x857/0xbc0
[  191.987277][ T5858]  ? file_end_write+0x250/0x250
[  191.992124][ T5858]  ? __fget_files+0x28/0x4a0
[  191.996691][ T5858]  ? __fget_files+0x435/0x4a0
[  192.001349][ T5858]  ? __fdget_pos+0x1db/0x360
[  192.005917][ T5858]  ? ksys_write+0x77/0x2c0
[  192.010313][ T5858]  ksys_write+0x19c/0x2c0
[  192.014621][ T5858]  ? print_irqtrace_events+0x210/0x210
[  192.020071][ T5858]  ? __ia32_sys_read+0x80/0x80
[  192.024835][ T5858]  ? syscall_enter_from_user_mode+0x2e/0x230
[  192.030811][ T5858]  ? lockdep_hardirqs_on+0x94/0x130
[  192.035996][ T5858]  ? syscall_enter_from_user_mode+0x2e/0x230
[  192.041975][ T5858]  do_syscall_64+0x3b/0xb0
[  192.046375][ T5858]  ? clear_bhb_loop+0x45/0xa0
[  192.051034][ T5858]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  192.056917][ T5858] RIP: 0033:0x7f9600579e79
[  192.061327][ T5858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.080929][ T5858] RSP: 002b:00007f96012ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  192.089323][ T5858] RAX: ffffffffffffffda RBX: 00007f9600716058 RCX: 00007f9600579e79
[  192.097295][ T5858] RDX: 0000000000000007 RSI: 0000000020000080 RDI: 000000000000000a
[  192.105254][ T5858] RBP: 00007f96012ba090 R08: 0000000000000000 R09: 0000000000000000
[  192.113216][ T5858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.121178][ T5858] R13: 0000000000000000 R14: 00007f9600716058 R15: 00007ffd08328be8
[  192.129152][ T5858]  </TASK>
[  192.136176][ T5828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.170137][ T3953] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  192.188523][ T3953] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.215405][ T3953] usb 1-1: Product: syz
[  192.232344][ T3953] usb 1-1: Manufacturer: syz
[  192.250519][ T4949] cdc_ncm 3-1:1.0: bind() failure
[  192.253282][ T3953] usb 1-1: SerialNumber: syz
[  192.289011][ T3953] usb 1-1: config 0 descriptor??
[  192.290022][ T4949] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  192.389650][ T4949] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  192.450275][ T4949] usbtest: probe of 3-1:1.1 failed with error -71
[  192.502905][ T4949] usb 3-1: USB disconnect, device number 18
[  192.592739][ T5868] loop1: detected capacity change from 0 to 128
[  192.645502][ T5868] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  192.784515][ T3953] usb 1-1: USB disconnect, device number 26
[  192.834336][ T5868] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038 (0x7fffffff)
[  193.527338][ T5879] FAULT_INJECTION: forcing a failure.
[  193.527338][ T5879] name failslab, interval 1, probability 0, space 0, times 0
[  193.552845][ T5400] EXT4-fs (loop1): unmounting filesystem.
[  193.566707][ T5879] CPU: 1 PID: 5879 Comm: syz.2.453 Not tainted 6.1.106-syzkaller #0
[  193.574701][ T5879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  193.584741][ T5879] Call Trace:
[  193.588002][ T5879]  <TASK>
[  193.590918][ T5879]  dump_stack_lvl+0x1e3/0x2cb
[  193.595588][ T5879]  ? nf_tcp_handle_invalid+0x642/0x642
[  193.601037][ T5879]  ? panic+0x764/0x764
[  193.605090][ T5879]  ? __might_sleep+0xb0/0xb0
[  193.609660][ T5879]  ? __lock_acquire+0x125b/0x1f80
[  193.614675][ T5879]  should_fail_ex+0x3a6/0x4d0
[  193.619346][ T5879]  should_failslab+0x5/0x20
[  193.623833][ T5879]  slab_pre_alloc_hook+0x59/0x300
[  193.628848][ T5879]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  193.634553][ T5879]  __kmem_cache_alloc_node+0x47/0x260
[  193.639917][ T5879]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  193.645620][ T5879]  __kmalloc+0xa1/0x230
[  193.649759][ T5879]  ? rcu_is_watching+0x11/0xb0
[  193.654508][ T5879]  tomoyo_realpath_from_path+0xcb/0x5d0
[  193.660046][ T5879]  tomoyo_path_number_perm+0x21f/0x7f0
[  193.665488][ T5879]  ? proc_fail_nth_read+0x210/0x210
[  193.670673][ T5879]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  193.676293][ T5879]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  193.681739][ T5879]  ? file_end_write+0x15b/0x250
[  193.686575][ T5879]  ? vfs_write+0x6cf/0xbc0
[  193.690980][ T5879]  ? file_end_write+0x250/0x250
[  193.695810][ T5879]  ? do_sys_openat2+0x1f9/0x4f0
[  193.700659][ T5879]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  193.706629][ T5879]  ? print_irqtrace_events+0x210/0x210
[  193.712117][ T5879]  ? print_irqtrace_events+0x210/0x210
[  193.717586][ T5879]  security_file_ioctl+0x6d/0xa0
[  193.722520][ T5879]  __se_sys_ioctl+0x47/0x160
[  193.727223][ T5879]  do_syscall_64+0x3b/0xb0
[  193.731632][ T5879]  ? clear_bhb_loop+0x45/0xa0
[  193.736302][ T5879]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  193.742186][ T5879] RIP: 0033:0x7f10c6f79e79
[  193.746590][ T5879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.766183][ T5879] RSP: 002b:00007f10c7db6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.774582][ T5879] RAX: ffffffffffffffda RBX: 00007f10c7115f80 RCX: 00007f10c6f79e79
[  193.782536][ T5879] RDX: 0000000020000000 RSI: 000000004040ae79 RDI: 0000000000000004
[  193.790491][ T5879] RBP: 00007f10c7db6090 R08: 0000000000000000 R09: 0000000000000000
[  193.798444][ T5879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.806397][ T5879] R13: 0000000000000000 R14: 00007f10c7115f80 R15: 00007ffcb56c1cd8
[  193.814363][ T5879]  </TASK>
[  193.870040][ T5879] ERROR: Out of memory at tomoyo_realpath_from_path.
[  194.025450][ T5891] Bluetooth: MGMT ver 1.22
[  194.111075][ T1259] ieee802154 phy0 wpan0: encryption failed: -22
[  194.123993][ T1259] ieee802154 phy1 wpan1: encryption failed: -22
[  194.310188][ T4949] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  194.600046][ T4949] usb 2-1: Using ep0 maxpacket: 8
[  194.740219][ T4949] usb 2-1: New USB device found, idVendor=0681, idProduct=0010, bcdDevice=ab.e9
[  194.759483][ T4949] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.806050][ T4949] usb 2-1: config 0 descriptor??
[  194.891801][ T5894] loop4: detected capacity change from 0 to 1764
[  195.001622][ T3758] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  195.047040][ T5894] loop4: detected capacity change from 0 to 512
[  195.530682][ T5894] EXT4-fs error (device loop4): __ext4_fill_super:5399: inode #2: comm syz.4.460: casefold flag without casefold feature
[  195.581098][ T5894] EXT4-fs (loop4): corrupt root inode, run e2fsck
[  195.600034][ T5894] EXT4-fs (loop4): mount failed
[  196.096655][ T5888] loop0: detected capacity change from 0 to 32768
[  196.150047][ T4949] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  196.320141][   T22] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  196.419973][ T4949] usb 5-1: Using ep0 maxpacket: 8
[  196.425333][ T5888] XFS (loop0): Mounting V5 Filesystem
[  196.540282][ T4949] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  196.559287][ T4949] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  196.570137][   T22] usb 4-1: Using ep0 maxpacket: 8
[  196.576061][ T5888] XFS (loop0): Ending clean mount
[  196.593713][ T4949] usb 5-1: config 1 has no interface number 1
[  196.646083][ T5888] XFS (loop0): Quotacheck needed: Please wait.
[  196.690157][   T22] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.712558][   T22] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.724908][   T22] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  196.737577][   T22] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  196.759133][   T22] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  196.770429][ T4949] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  196.780922][ T4949] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.791167][ T4949] usb 5-1: Product: syz
[  196.797592][ T4949] usb 5-1: Manufacturer: syz
[  196.803126][ T4949] usb 5-1: SerialNumber: syz
[  196.818880][   T22] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  196.941506][ T5259] usb 2-1: USB disconnect, device number 22
[  196.969821][ T5888] XFS (loop0): Quotacheck: Done.
[  197.010631][   T22] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  197.019692][   T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.045978][   T22] usb 4-1: Product: syz
[  197.050392][   T22] usb 4-1: Manufacturer: syz
[  197.066215][   T22] usb 4-1: SerialNumber: syz
[  197.154660][ T3635] XFS (loop0): Unmounting Filesystem
[  197.218797][ T5929] FAULT_INJECTION: forcing a failure.
[  197.218797][ T5929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.232387][ T4949] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor
[  197.248087][ T5929] CPU: 0 PID: 5929 Comm: syz.2.466 Not tainted 6.1.106-syzkaller #0
[  197.256073][ T5929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  197.266112][ T5929] Call Trace:
[  197.269371][ T5929]  <TASK>
[  197.272284][ T5929]  dump_stack_lvl+0x1e3/0x2cb
[  197.276947][ T5929]  ? nf_tcp_handle_invalid+0x642/0x642
[  197.282390][ T5929]  ? panic+0x764/0x764
[  197.286439][ T5929]  ? __lock_acquire+0x1f80/0x1f80
[  197.291469][ T5929]  should_fail_ex+0x3a6/0x4d0
[  197.296131][ T5929]  _copy_from_user+0x2b/0x170
[  197.300806][ T5929]  copy_msghdr_from_user+0xaa/0x670
[  197.305992][ T5929]  ? sendmsg_copy_msghdr+0x70/0x70
[  197.311111][ T5929]  __sys_sendmsg+0x236/0x390
[  197.315712][ T5929]  ? ____sys_sendmsg+0x8f0/0x8f0
[  197.320644][ T5929]  ? vfs_write+0x6cf/0xbc0
[  197.325073][ T5929]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  197.331055][ T5929]  ? syscall_enter_from_user_mode+0x2e/0x230
[  197.337021][ T5929]  ? lockdep_hardirqs_on+0x94/0x130
[  197.342208][ T5929]  ? syscall_enter_from_user_mode+0x2e/0x230
[  197.348173][ T5929]  do_syscall_64+0x3b/0xb0
[  197.352575][ T5929]  ? clear_bhb_loop+0x45/0xa0
[  197.357237][ T5929]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  197.363117][ T5929] RIP: 0033:0x7f10c6f79e79
[  197.367515][ T5929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.387106][ T5929] RSP: 002b:00007f10c7d74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  197.395505][ T5929] RAX: ffffffffffffffda RBX: 00007f10c7116130 RCX: 00007f10c6f79e79
[  197.403459][ T5929] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000006
[  197.411415][ T5929] RBP: 00007f10c7d74090 R08: 0000000000000000 R09: 0000000000000000
[  197.419370][ T5929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.427323][ T5929] R13: 0000000000000000 R14: 00007f10c7116130 R15: 00007ffcb56c1cd8
[  197.435296][ T5929]  </TASK>
[  197.445624][ T4949] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  197.453421][ T4949] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  197.459483][ T4949] usb 5-1: 2:1 : invalid channels 0
[  197.573073][ T4949] usb 5-1: USB disconnect, device number 17
[  197.624641][ T5259] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  197.661013][ T5910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.693023][ T5910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.760860][   T22] cdc_ncm 4-1:1.0: bind() failure
[  197.793339][   T22] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  197.841915][   T22] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  197.870426][   T22] usbtest: probe of 4-1:1.1 failed with error -71
[  197.916401][   T22] usb 4-1: USB disconnect, device number 20
[  197.992875][ T5259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  198.016624][ T5259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  198.550425][ T5259] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  198.618637][ T5259] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.703856][ T5259] usb 2-1: Product: syz
[  198.777249][ T5259] usb 2-1: Manufacturer: syz
[  198.871969][ T5259] usb 2-1: SerialNumber: syz
[  198.967089][ T4949] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  198.990777][ T5259] usb 2-1: config 0 descriptor??
[  199.135013][ T5956] loop3: detected capacity change from 0 to 4096
[  199.161611][ T5956] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  199.180464][ T4949] usb 3-1: device descriptor read/64, error -71
[  199.187410][ T5960] FAULT_INJECTION: forcing a failure.
[  199.187410][ T5960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.200762][ T5960] CPU: 1 PID: 5960 Comm: syz.0.477 Not tainted 6.1.106-syzkaller #0
[  199.208749][ T5960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  199.218791][ T5960] Call Trace:
[  199.222055][ T5960]  <TASK>
[  199.224969][ T5960]  dump_stack_lvl+0x1e3/0x2cb
[  199.229639][ T5960]  ? nf_tcp_handle_invalid+0x642/0x642
[  199.235085][ T5960]  ? panic+0x764/0x764
[  199.239139][ T5960]  ? __lock_acquire+0x1f80/0x1f80
[  199.244158][ T5960]  should_fail_ex+0x3a6/0x4d0
[  199.248822][ T5960]  _copy_from_user+0x2b/0x170
[  199.253483][ T5960]  copy_msghdr_from_user+0xaa/0x670
[  199.258676][ T5960]  ? sendmsg_copy_msghdr+0x70/0x70
[  199.263784][ T5960]  __sys_sendmsg+0x236/0x390
[  199.268362][ T5960]  ? ____sys_sendmsg+0x8f0/0x8f0
[  199.273283][ T5960]  ? vfs_write+0x6cf/0xbc0
[  199.277704][ T5960]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  199.283678][ T5960]  ? syscall_enter_from_user_mode+0x2e/0x230
[  199.289641][ T5960]  ? lockdep_hardirqs_on+0x94/0x130
[  199.294821][ T5960]  ? syscall_enter_from_user_mode+0x2e/0x230
[  199.300790][ T5960]  do_syscall_64+0x3b/0xb0
[  199.305191][ T5960]  ? clear_bhb_loop+0x45/0xa0
[  199.309857][ T5960]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  199.315740][ T5960] RIP: 0033:0x7f415f379e79
[  199.320141][ T5960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.339729][ T5960] RSP: 002b:00007f41600b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.348127][ T5960] RAX: ffffffffffffffda RBX: 00007f415f515f80 RCX: 00007f415f379e79
[  199.356082][ T5960] RDX: 0000000000040004 RSI: 0000000020000080 RDI: 0000000000000003
[  199.364034][ T5960] RBP: 00007f41600b1090 R08: 0000000000000000 R09: 0000000000000000
[  199.371990][ T5960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.379941][ T5960] R13: 0000000000000000 R14: 00007f415f515f80 R15: 00007ffe531bc298
[  199.387905][ T5960]  </TASK>
[  199.433365][ T5259] usb 2-1: USB disconnect, device number 23
[  199.550696][ T4949] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  199.651218][ T5965] kvm: emulating exchange as write
[  199.920048][ T4949] usb 3-1: device descriptor read/64, error -71
[  200.043358][ T4949] usb usb3-port1: attempt power cycle
[  200.550086][ T4949] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  200.660083][ T4949] usb 3-1: device descriptor read/8, error -71
[  200.788343][ T5979] loop3: detected capacity change from 0 to 1764
[  200.852414][ T3758] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  200.896903][ T5979] loop3: detected capacity change from 0 to 512
[  200.949971][ T4949] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  200.990239][ T5979] EXT4-fs error (device loop3): __ext4_fill_super:5399: inode #2: comm syz.3.481: casefold flag without casefold feature
[  201.010611][ T5979] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  201.023113][ T3712] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  201.045654][ T5979] EXT4-fs (loop3): mount failed
[  201.070926][ T4949] usb 3-1: device descriptor read/8, error -71
[  201.260185][ T4949] usb usb3-port1: unable to enumerate USB device
[  201.450200][ T3712] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  201.510072][ T3953] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  201.527334][ T3712] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  201.572688][ T5259] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  201.780361][ T3712] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  201.784831][ T3953] usb 5-1: Using ep0 maxpacket: 8
[  201.799934][ T3712] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.808093][ T3712] usb 2-1: Product: syz
[  201.812512][ T3712] usb 2-1: Manufacturer: syz
[  201.817092][ T3712] usb 2-1: SerialNumber: syz
[  201.820075][ T5259] usb 4-1: Using ep0 maxpacket: 8
[  201.832783][ T3712] usb 2-1: config 0 descriptor??
[  201.913434][ T3953] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.927184][ T3953] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.941125][ T3953] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  201.951262][ T3953] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  201.961504][ T5259] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  201.973368][ T3953] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  201.983264][ T5259] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  201.992585][ T3953] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  202.002610][ T5259] usb 4-1: config 1 has no interface number 1
[  202.012290][ T4949] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[  202.123159][ T3712] usb 2-1: USB disconnect, device number 24
[  202.160321][ T5259] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  202.169594][ T3953] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  202.184913][ T5259] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.193276][ T3953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.210149][ T5259] usb 4-1: Product: syz
[  202.214391][ T3953] usb 5-1: Product: syz
[  202.218718][ T5259] usb 4-1: Manufacturer: syz
[  202.229152][ T3953] usb 5-1: Manufacturer: syz
[  202.233975][ T5259] usb 4-1: SerialNumber: syz
[  202.238702][ T3953] usb 5-1: SerialNumber: syz
[  202.410290][ T4949] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  202.421470][ T4949] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  202.570298][ T5259] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor
[  202.578221][ T5259] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[  202.586484][ T5259] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  202.592849][ T5259] usb 4-1: 2:1 : invalid channels 0
[  202.610179][ T4949] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  202.624382][ T4949] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.633314][ T4949] usb 1-1: Product: syz
[  202.635815][ T5259] usb 4-1: USB disconnect, device number 21
[  202.640708][ T4949] usb 1-1: Manufacturer: syz
[  202.667371][ T4949] usb 1-1: SerialNumber: syz
[  202.701280][ T4949] usb 1-1: config 0 descriptor??
[  202.712460][ T5986] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.811973][ T5986] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.860384][ T3953] cdc_ncm 5-1:1.0: bind() failure
[  202.890992][ T3953] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  202.951337][ T6000] FAULT_INJECTION: forcing a failure.
[  202.951337][ T6000] name failslab, interval 1, probability 0, space 0, times 0
[  202.964368][ T6000] CPU: 1 PID: 6000 Comm: syz.1.488 Not tainted 6.1.106-syzkaller #0
[  202.972352][ T6000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  202.982408][ T6000] Call Trace:
[  202.985686][ T6000]  <TASK>
[  202.988616][ T6000]  dump_stack_lvl+0x1e3/0x2cb
[  202.993310][ T6000]  ? nf_tcp_handle_invalid+0x642/0x642
[  202.998789][ T6000]  ? panic+0x764/0x764
[  203.002864][ T6000]  ? __might_sleep+0xb0/0xb0
[  203.007466][ T6000]  should_fail_ex+0x3a6/0x4d0
[  203.012154][ T6000]  should_failslab+0x5/0x20
[  203.016659][ T6000]  slab_pre_alloc_hook+0x59/0x300
[  203.021699][ T6000]  ? newseg+0x25d/0xc10
[  203.025861][ T6000]  __kmem_cache_alloc_node+0x47/0x260
[  203.031246][ T6000]  ? newseg+0x25d/0xc10
[  203.035407][ T6000]  kmalloc_trace+0x26/0xe0
[  203.039834][ T6000]  newseg+0x25d/0xc10
[  203.043823][ T6000]  ? __lock_acquire+0x1f80/0x1f80
[  203.048856][ T6000]  ? ksys_shmget+0x1a0/0x1a0
[  203.053450][ T6000]  ? vfs_write+0x6cf/0xbc0
[  203.057873][ T6000]  ipcget+0x1d8/0xd00
[  203.061860][ T6000]  ? file_end_write+0x250/0x250
[  203.066715][ T6000]  ? __fget_files+0x435/0x4a0
[  203.071397][ T6000]  ? ipc_obtain_object_check+0x1a0/0x1a0
[  203.077041][ T6000]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  203.083030][ T6000]  __x64_sys_shmget+0x185/0x200
[  203.087890][ T6000]  ? shm_more_checks+0x80/0x80
[  203.092656][ T6000]  ? syscall_enter_from_user_mode+0x2e/0x230
[  203.098642][ T6000]  ? lockdep_hardirqs_on+0x94/0x130
[  203.103845][ T6000]  ? syscall_enter_from_user_mode+0x2e/0x230
[  203.109830][ T6000]  do_syscall_64+0x3b/0xb0
[  203.114248][ T6000]  ? clear_bhb_loop+0x45/0xa0
[  203.118933][ T6000]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.124832][ T6000] RIP: 0033:0x7f9600579e79
[  203.129248][ T6000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.148853][ T6000] RSP: 002b:00007f9601299038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  203.157271][ T6000] RAX: ffffffffffffffda RBX: 00007f9600716130 RCX: 00007f9600579e79
[  203.165251][ T6000] RDX: 0000000078000840 RSI: 0000000000002000 RDI: 0000000000000000
[  203.173221][ T6000] RBP: 00007f9601299090 R08: 0000000000000000 R09: 0000000000000000
[  203.181194][ T6000] R10: 0000000020ffb000 R11: 0000000000000246 R12: 0000000000000001
[  203.189165][ T6000] R13: 0000000000000000 R14: 00007f9600716130 R15: 00007ffd08328be8
[  203.197150][ T6000]  </TASK>
[  203.230215][ T3712] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  203.743589][ T3953] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  203.745561][ T3712] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  203.770043][ T3953] usbtest: probe of 5-1:1.1 failed with error -71
[  203.786879][ T3712] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  203.805393][ T3953] usb 5-1: USB disconnect, device number 18
[  203.847684][ T4949] usb 1-1: USB disconnect, device number 27
[  203.970110][ T3712] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  203.987333][ T3712] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.010587][ T3712] usb 3-1: Product: syz
[  204.014771][ T3712] usb 3-1: Manufacturer: syz
[  204.019759][ T3712] usb 3-1: SerialNumber: syz
[  204.048348][ T3712] usb 3-1: config 0 descriptor??
[  204.089692][ T4162] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  204.384139][ T6013] FAULT_INJECTION: forcing a failure.
[  204.384139][ T6013] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.397316][ T6013] CPU: 1 PID: 6013 Comm: syz.3.493 Not tainted 6.1.106-syzkaller #0
[  204.405299][ T6013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  204.415353][ T6013] Call Trace:
[  204.418633][ T6013]  <TASK>
[  204.421561][ T6013]  dump_stack_lvl+0x1e3/0x2cb
[  204.426251][ T6013]  ? nf_tcp_handle_invalid+0x642/0x642
[  204.431716][ T6013]  ? panic+0x764/0x764
[  204.435786][ T6013]  ? __lock_acquire+0x1f80/0x1f80
[  204.440818][ T6013]  ? shmctl_stat+0x36/0x5e0
[  204.445327][ T6013]  should_fail_ex+0x3a6/0x4d0
[  204.450009][ T6013]  _copy_to_user+0x2b/0x130
[  204.454513][ T6013]  __se_sys_shmctl+0x29e/0x5f0
[  204.459281][ T6013]  ? __x64_sys_shmctl+0x80/0x80
[  204.464134][ T6013]  ? rcu_is_watching+0x11/0xb0
[  204.468913][ T6013]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  204.474903][ T6013]  ? print_irqtrace_events+0x210/0x210
[  204.480627][ T6013]  ? print_irqtrace_events+0x210/0x210
[  204.486092][ T6013]  ? syscall_enter_from_user_mode+0x2e/0x230
[  204.492071][ T6013]  ? lockdep_hardirqs_on+0x94/0x130
[  204.497273][ T6013]  ? syscall_enter_from_user_mode+0x2e/0x230
[  204.503255][ T6013]  do_syscall_64+0x3b/0xb0
[  204.507676][ T6013]  ? clear_bhb_loop+0x45/0xa0
[  204.512357][ T6013]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  204.518252][ T6013] RIP: 0033:0x7fb177579e79
[  204.522665][ T6013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.542278][ T6013] RSP: 002b:00007fb178315038 EFLAGS: 00000246 ORIG_RAX: 000000000000001f
[  204.550702][ T6013] RAX: ffffffffffffffda RBX: 00007fb177716130 RCX: 00007fb177579e79
[  204.558678][ T6013] RDX: 0000000020000080 RSI: 000000000000000f RDI: 0000000000000000
[  204.566666][ T6013] RBP: 00007fb178315090 R08: 0000000000000000 R09: 0000000000000000
[  204.574646][ T6013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.582628][ T6013] R13: 0000000000000000 R14: 00007fb177716130 R15: 00007fffdd9269b8
[  204.590624][ T6013]  </TASK>
[  204.713037][ T3712] usb 3-1: USB disconnect, device number 23
[  205.094846][ T4162] usb 2-1: config 0 has an invalid interface number: 185 but max is 0
[  205.103599][ T4162] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  205.113735][ T4162] usb 2-1: config 0 has no interface number 0
[  205.119836][ T4162] usb 2-1: config 0 interface 185 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  205.150411][ T6022] FAULT_INJECTION: forcing a failure.
[  205.150411][ T6022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.164300][ T4162] usb 2-1: config 0 interface 185 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16
[  205.201608][ T6022] CPU: 0 PID: 6022 Comm: syz.3.498 Not tainted 6.1.106-syzkaller #0
[  205.209616][ T6022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  205.219670][ T6022] Call Trace:
[  205.222939][ T6022]  <TASK>
[  205.225856][ T6022]  dump_stack_lvl+0x1e3/0x2cb
[  205.230527][ T6022]  ? nf_tcp_handle_invalid+0x642/0x642
[  205.235975][ T6022]  ? panic+0x764/0x764
[  205.240031][ T6022]  ? __lock_acquire+0x1f80/0x1f80
[  205.245049][ T6022]  should_fail_ex+0x3a6/0x4d0
[  205.249715][ T6022]  _copy_from_user+0x2b/0x170
[  205.254381][ T6022]  __sys_bpf+0x226/0x6c0
[  205.258614][ T6022]  ? __fget_files+0x435/0x4a0
[  205.263279][ T6022]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  205.268649][ T6022]  ? print_irqtrace_events+0x210/0x210
[  205.274095][ T6022]  ? print_irqtrace_events+0x210/0x210
[  205.279548][ T6022]  ? syscall_enter_from_user_mode+0x2e/0x230
[  205.285510][ T6022]  ? lockdep_hardirqs_on+0x94/0x130
[  205.290696][ T6022]  __x64_sys_bpf+0x78/0x90
[  205.295099][ T6022]  do_syscall_64+0x3b/0xb0
[  205.299503][ T6022]  ? clear_bhb_loop+0x45/0xa0
[  205.304167][ T6022]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  205.310049][ T6022] RIP: 0033:0x7fb177579e79
[  205.314448][ T6022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.334035][ T6022] RSP: 002b:00007fb178357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  205.342431][ T6022] RAX: ffffffffffffffda RBX: 00007fb177715f80 RCX: 00007fb177579e79
[  205.350386][ T6022] RDX: 0000000000000048 RSI: 00000000200009c0 RDI: 0000000000000000
[  205.358341][ T6022] RBP: 00007fb178357090 R08: 0000000000000000 R09: 0000000000000000
[  205.366295][ T6022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.374255][ T6022] R13: 0000000000000000 R14: 00007fb177715f80 R15: 00007fffdd9269b8
[  205.382221][ T6022]  </TASK>
[  205.535047][ T4162] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=d2.82
[  205.556028][ T4162] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.576897][ T4162] usb 2-1: Product: syz
[  205.585179][ T4162] usb 2-1: Manufacturer: syz
[  205.589797][ T4162] usb 2-1: SerialNumber: syz
[  205.608356][ T4162] usb 2-1: config 0 descriptor??
[  205.615092][ T6030] FAULT_INJECTION: forcing a failure.
[  205.615092][ T6030] name failslab, interval 1, probability 0, space 0, times 0
[  205.627922][ T6030] CPU: 1 PID: 6030 Comm: syz.3.501 Not tainted 6.1.106-syzkaller #0
[  205.635917][ T6030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  205.645980][ T6030] Call Trace:
[  205.649271][ T6030]  <TASK>
[  205.652207][ T6030]  dump_stack_lvl+0x1e3/0x2cb
[  205.656908][ T6030]  ? nf_tcp_handle_invalid+0x642/0x642
[  205.662386][ T6030]  ? panic+0x764/0x764
[  205.666471][ T6030]  ? __might_sleep+0xb0/0xb0
[  205.671077][ T6030]  should_fail_ex+0x3a6/0x4d0
[  205.675771][ T6030]  should_failslab+0x5/0x20
[  205.680380][ T6030]  slab_pre_alloc_hook+0x59/0x300
[  205.685421][ T6030]  kmem_cache_alloc_node+0x52/0x310
[  205.690627][ T6030]  ? dup_task_struct+0x57/0x6d0
[  205.695498][ T6030]  dup_task_struct+0x57/0x6d0
[  205.700195][ T6030]  ? _raw_spin_unlock_irq+0x1f/0x40
[  205.705458][ T6030]  ? lockdep_hardirqs_on+0x94/0x130
[  205.710672][ T6030]  copy_process+0x637/0x4060
[  205.715276][ T6030]  ? get_pid_task+0x1f/0x1e0
[  205.719890][ T6030]  ? idle_dummy+0x10/0x10
[  205.724232][ T6030]  ? ksys_write+0x23a/0x2c0
[  205.728747][ T6030]  ? proc_fail_nth_read+0x210/0x210
[  205.733955][ T6030]  ? __lock_acquire+0x1f80/0x1f80
[  205.738977][ T6030]  kernel_clone+0x222/0x920
[  205.743480][ T6030]  ? vfs_write+0x6cf/0xbc0
[  205.747889][ T6030]  ? create_io_thread+0x180/0x180
[  205.752908][ T6030]  ? mutex_unlock+0x10/0x10
[  205.757412][ T6030]  __x64_sys_clone+0x231/0x280
[  205.762178][ T6030]  ? __do_sys_vfork+0x110/0x110
[  205.767016][ T6030]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  205.773001][ T6030]  ? syscall_enter_from_user_mode+0x2e/0x230
[  205.778972][ T6030]  ? lockdep_hardirqs_on+0x94/0x130
[  205.784161][ T6030]  ? syscall_enter_from_user_mode+0x2e/0x230
[  205.790132][ T6030]  do_syscall_64+0x3b/0xb0
[  205.794540][ T6030]  ? clear_bhb_loop+0x45/0xa0
[  205.799209][ T6030]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  205.805090][ T6030] RIP: 0033:0x7fb177579e79
[  205.809490][ T6030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.829078][ T6030] RSP: 002b:00007fb178356fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  205.837493][ T6030] RAX: ffffffffffffffda RBX: 00007fb177715f80 RCX: 00007fb177579e79
[  205.845458][ T6030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  205.853415][ T6030] RBP: 00007fb178357090 R08: 0000000000000000 R09: 0000000000000000
[  205.861380][ T6030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.869338][ T6030] R13: 0000000000000000 R14: 00007fb177715f80 R15: 00007fffdd9269b8
[  205.877310][ T6030]  </TASK>
[  205.881301][ T4162] cdc_ether 2-1:0.185: skipping garbage
[  205.887442][ T3712] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  205.902164][ T4162] usb 2-1: bad CDC descriptors
[  205.907340][ T4162] usb 2-1: unsupported MDLM descriptors
[  206.090613][ T6002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.130863][ T6002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.200329][ T5259] usb 2-1: USB disconnect, device number 25
[  206.290333][ T3712] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  206.316073][ T3712] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  206.392502][ T3953] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  206.520271][ T3712] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  206.529345][ T3712] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.550021][ T3712] usb 3-1: Product: syz
[  206.554215][ T3712] usb 3-1: Manufacturer: syz
[  206.558811][ T3712] usb 3-1: SerialNumber: syz
[  206.584100][ T3712] usb 3-1: config 0 descriptor??
[  206.642524][ T3953] usb 1-1: Using ep0 maxpacket: 8
[  206.670036][ T5259] usb 2-1: new full-speed USB device number 26 using dummy_hcd
[  206.760303][ T3953] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.780003][ T3953] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.790872][ T3953] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  206.801288][ T3953] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  206.811570][ T3953] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  206.822793][ T3953] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  206.843431][ T6051] loop3: detected capacity change from 0 to 32768
[  206.870555][ T6051] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 scanned by syz.3.508 (6051)
[  206.876327][ T3712] usb 3-1: USB disconnect, device number 24
[  206.928784][ T6051] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  206.950355][ T6051] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  206.970176][ T6051] BTRFS info (device loop3): using free space tree
[  206.990292][ T3953] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  207.005956][ T3953] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.020346][ T3953] usb 1-1: Product: syz
[  207.030078][ T3953] usb 1-1: Manufacturer: syz
[  207.040420][ T5259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10
[  207.060082][ T3953] usb 1-1: SerialNumber: syz
[  207.065215][ T5259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  207.137529][ T6051] BTRFS info (device loop3): enabling ssd optimizations
[  207.359637][ T5259] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffd0, bcdDevice=e0.c1
[  207.374520][ T5259] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.382826][ T5259] usb 2-1: Product: syz
[  207.387002][ T5259] usb 2-1: Manufacturer: syz
[  207.393969][ T5259] usb 2-1: SerialNumber: syz
[  207.401302][ T5259] usb 2-1: config 0 descriptor??
[  207.414316][ T6051] qnx4: no qnx4 filesystem (no root dir).
[  207.566654][ T3638] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  207.590259][ T6036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.597767][ T6079] FAULT_INJECTION: forcing a failure.
[  207.597767][ T6079] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.605932][ T6077] loop2: detected capacity change from 0 to 1024
[  207.612340][ T6079] CPU: 1 PID: 6079 Comm: syz.4.512 Not tainted 6.1.106-syzkaller #0
[  207.626054][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  207.636114][ T6079] Call Trace:
[  207.639398][ T6079]  <TASK>
[  207.642336][ T6079]  dump_stack_lvl+0x1e3/0x2cb
[  207.647031][ T6079]  ? nf_tcp_handle_invalid+0x642/0x642
[  207.652499][ T6079]  ? panic+0x764/0x764
[  207.656558][ T6079]  ? __mutex_unlock_slowpath+0x218/0x750
[  207.662192][ T6079]  should_fail_ex+0x3a6/0x4d0
[  207.666890][ T6079]  strncpy_from_user+0x32/0x360
[  207.671730][ T6079]  __se_sys_request_key+0x9f/0x3b0
[  207.676839][ T6079]  ? print_irqtrace_events+0x210/0x210
[  207.682291][ T6079]  ? __x64_sys_request_key+0xa0/0xa0
[  207.687563][ T6079]  ? syscall_enter_from_user_mode+0x2e/0x230
[  207.693527][ T6079]  ? lockdep_hardirqs_on+0x94/0x130
[  207.698715][ T6079]  ? syscall_enter_from_user_mode+0x2e/0x230
[  207.704684][ T6079]  do_syscall_64+0x3b/0xb0
[  207.709091][ T6079]  ? clear_bhb_loop+0x45/0xa0
[  207.713760][ T6079]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  207.719642][ T6079] RIP: 0033:0x7f6767579e79
[  207.724044][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.743651][ T6079] RSP: 002b:00007f6768416038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  207.752058][ T6079] RAX: ffffffffffffffda RBX: 00007f6767715f80 RCX: 00007f6767579e79
[  207.760022][ T6079] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000020000340
[  207.767984][ T6079] RBP: 00007f6768416090 R08: 0000000000000000 R09: 0000000000000000
[  207.775945][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.783906][ T6079] R13: 0000000000000000 R14: 00007f6767715f80 R15: 00007ffc02599b98
[  207.791880][ T6079]  </TASK>
[  207.799488][ T6036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.817826][ T6077] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  208.092669][ T3953] cdc_ncm 1-1:1.0: bind() failure
[  208.100820][ T5259] usb 2-1: USB disconnect, device number 26
[  208.120765][ T3953] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  208.160331][ T3953] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  208.220337][ T3953] usbtest: probe of 1-1:1.1 failed with error -71
[  208.410109][ T3953] usb 1-1: USB disconnect, device number 28
[  208.475540][ T6082] loop3: detected capacity change from 0 to 2048
[  208.544369][ T6082] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  208.683213][ T6088] loop0: detected capacity change from 0 to 512
[  208.761152][ T6088] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  208.801287][ T6088] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038 (0x7fffffff)
[  208.849034][ T6097] loop4: detected capacity change from 0 to 512
[  208.891013][ T5259] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  208.961906][ T6097] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  208.978380][ T6097] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038 (0x7fffffff)
[  209.041062][ T3953] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  209.143889][ T5259] usb 4-1: Using ep0 maxpacket: 16
[  209.757326][ T4545] EXT4-fs (loop4): unmounting filesystem.
[  209.775519][ T5259] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  209.790060][ T5259] usb 4-1: config 1 interface 0 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  209.802615][ T5259] usb 4-1: config 1 interface 0 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 1023
[  209.813141][ T5259] usb 4-1: config 1 interface 0 altsetting 255 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  209.814544][ T6106] netlink: 4 bytes leftover after parsing attributes in process `syz.2.520'.
[  209.826918][ T5259] usb 4-1: config 1 interface 0 has no altsetting 0
[  209.876260][ T6108] FAULT_INJECTION: forcing a failure.
[  209.876260][ T6108] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.893924][ T6108] CPU: 0 PID: 6108 Comm: syz.2.520 Not tainted 6.1.106-syzkaller #0
[  209.901911][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  209.911948][ T6108] Call Trace:
[  209.915209][ T6108]  <TASK>
[  209.918119][ T6108]  dump_stack_lvl+0x1e3/0x2cb
[  209.922784][ T6108]  ? nf_tcp_handle_invalid+0x642/0x642
[  209.928226][ T6108]  ? panic+0x764/0x764
[  209.932277][ T6108]  ? __lock_acquire+0x1f80/0x1f80
[  209.937285][ T6108]  should_fail_ex+0x3a6/0x4d0
[  209.941949][ T6108]  _copy_from_user+0x2b/0x170
[  209.946604][ T6108]  copy_msghdr_from_user+0xaa/0x670
[  209.951791][ T6108]  ? sendmsg_copy_msghdr+0x70/0x70
[  209.956899][ T6108]  __sys_sendmsg+0x236/0x390
[  209.961476][ T6108]  ? ____sys_sendmsg+0x8f0/0x8f0
[  209.966396][ T6108]  ? vfs_write+0x6cf/0xbc0
[  209.970823][ T6108]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  209.976814][ T6108]  ? syscall_enter_from_user_mode+0x2e/0x230
[  209.980292][ T5259] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  209.982770][ T6108]  ? lockdep_hardirqs_on+0x94/0x130
[  209.982795][ T6108]  ? syscall_enter_from_user_mode+0x2e/0x230
[  209.982816][ T6108]  do_syscall_64+0x3b/0xb0
[  210.007325][ T6108]  ? clear_bhb_loop+0x45/0xa0
[  210.011986][ T6108]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  210.017862][ T6108] RIP: 0033:0x7f10c6f79e79
[  210.022266][ T6108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.041869][ T6108] RSP: 002b:00007f10c7d74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.050272][ T6108] RAX: ffffffffffffffda RBX: 00007f10c7116130 RCX: 00007f10c6f79e79
[  210.058247][ T6108] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000007
[  210.066210][ T6108] RBP: 00007f10c7d74090 R08: 0000000000000000 R09: 0000000000000000
[  210.074161][ T6108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.082112][ T6108] R13: 0000000000000000 R14: 00007f10c7116130 R15: 00007ffcb56c1cd8
[  210.090072][ T6108]  </TASK>
[  210.116508][ T5259] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  210.128686][ T5259] usb 4-1: SerialNumber: syz
[  210.150534][ T6082] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  210.154854][ T3635] EXT4-fs (loop0): unmounting filesystem.
[  210.338147][ T3953] usb 2-1: New USB device found, idVendor=055d, idProduct=9002, bcdDevice=23.5e
[  210.347601][ T3953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.362597][ T3953] usb 2-1: Product: syz
[  210.367080][ T3953] usb 2-1: Manufacturer: syz
[  210.371905][ T3953] usb 2-1: SerialNumber: syz
[  210.377746][ T3953] usb 2-1: config 0 descriptor??
[  210.400485][   T14] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  210.409394][ T6082] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh
[  210.443461][ T6083] ==================================================================
[  210.451534][ T6083] BUG: KASAN: slab-out-of-bounds in udf_write_aext+0x5e9/0x7a0
[  210.459085][ T6083] Write of size 4 at addr ffff88807cec13f0 by task syz.3.513/6083
[  210.466882][ T6083] 
[  210.469201][ T6083] CPU: 0 PID: 6083 Comm: syz.3.513 Not tainted 6.1.106-syzkaller #0
[  210.477180][ T6083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  210.487234][ T6083] Call Trace:
[  210.490509][ T6083]  <TASK>
[  210.493441][ T6083]  dump_stack_lvl+0x1e3/0x2cb
[  210.498132][ T6083]  ? nf_tcp_handle_invalid+0x642/0x642
[  210.503597][ T6083]  ? panic+0x764/0x764
[  210.507665][ T6083]  ? _printk+0xd1/0x111
[  210.511820][ T6083]  ? __virt_addr_valid+0x17f/0x530
[  210.516933][ T6083]  ? __virt_addr_valid+0x17f/0x530
[  210.522049][ T6083]  print_report+0x15f/0x4f0
[  210.526552][ T6083]  ? __virt_addr_valid+0x17f/0x530
[  210.531666][ T6083]  ? __virt_addr_valid+0x17f/0x530
[  210.536780][ T6083]  ? __virt_addr_valid+0x45b/0x530
[  210.541910][ T6083]  ? __phys_addr+0xb6/0x170
[  210.546421][ T6083]  ? udf_write_aext+0x5e9/0x7a0
[  210.551279][ T6083]  kasan_report+0x136/0x160
[  210.555790][ T6083]  ? udf_write_aext+0x5e9/0x7a0
[  210.560656][ T6083]  udf_write_aext+0x5e9/0x7a0
[  210.565339][ T6083]  udf_add_entry+0x17b7/0x3350
[  210.570113][ T6083]  ? rcu_is_watching+0x11/0xb0
[  210.574883][ T6083]  ? udf_add_nondir+0x5d0/0x5d0
[  210.579737][ T6083]  ? udf_new_inode+0xaf9/0xf10
[  210.584510][ T6083]  ? aa_get_newest_label+0xfb/0x6e0
[  210.589712][ T6083]  ? lockdep_softirqs_off+0x420/0x420
[  210.595088][ T6083]  udf_mkdir+0x1a8/0xaa0
[  210.599335][ T6083]  ? make_kgid+0x6f0/0x6f0
[  210.603756][ T6083]  ? apparmor_capable+0x12e/0x190
[  210.608780][ T6083]  ? bpf_lsm_capable+0x5/0x10
[  210.613464][ T6083]  ? udf_symlink+0x1690/0x1690
[  210.618231][ T6083]  ? privileged_wrt_inode_uidgid+0x210/0x260
[  210.624217][ T6083]  ? inode_permission+0xf7/0x450
[  210.629153][ T6083]  ? bpf_lsm_inode_mkdir+0x5/0x10
[  210.634174][ T6083]  ? security_inode_mkdir+0xb4/0x100
[  210.639457][ T6083]  vfs_mkdir+0x3b6/0x590
[  210.643703][ T6083]  do_mkdirat+0x225/0x360
[  210.648035][ T6083]  ? vfs_mkdir+0x590/0x590
[  210.652453][ T6083]  ? getname_flags+0x1f9/0x4f0
[  210.657219][ T6083]  __x64_sys_mkdirat+0x85/0x90
[  210.661982][ T6083]  do_syscall_64+0x3b/0xb0
[  210.666402][ T6083]  ? clear_bhb_loop+0x45/0xa0
[  210.671082][ T6083]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  210.676987][ T6083] RIP: 0033:0x7fb177579e79
[  210.681415][ T6083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.701030][ T6083] RSP: 002b:00007fb178336038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  210.709448][ T6083] RAX: ffffffffffffffda RBX: 00007fb177716058 RCX: 00007fb177579e79
[  210.717417][ T6083] RDX: 0000000000000000 RSI: 0000000020001dc0 RDI: ffffffffffffff9c
[  210.725386][ T6083] RBP: 00007fb1775e793e R08: 0000000000000000 R09: 0000000000000000
[  210.733353][ T6083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.741338][ T6083] R13: 0000000000000000 R14: 00007fb177716058 R15: 00007fffdd9269b8
[  210.742840][ T3953] pwc: Samsung SNC-35E (v3.0) USB webcam detected.
[  210.749312][ T6083]  </TASK>
[  210.749322][ T6083] 
[  210.749325][ T6083] Allocated by task 46:
[  210.749334][ T6083]  kasan_set_track+0x4b/0x70
[  210.769845][ T6083]  __kasan_kmalloc+0x97/0xb0
[  210.774418][ T6083]  __kmalloc_node_track_caller+0xb1/0x220
[  210.780121][ T6083]  __alloc_skb+0x135/0x670
[  210.784523][ T6083]  ndisc_alloc_skb+0xee/0x2c0
[  210.789184][ T6083]  ndisc_send_rs+0x269/0x6a0
[  210.793766][ T6083]  addrconf_rs_timer+0x357/0x610
[  210.798679][ T6083]  call_timer_fn+0x1ad/0x6b0
[  210.803255][ T6083]  __run_timers+0x67c/0x890
[  210.807735][ T6083]  run_timer_softirq+0x63/0xf0
[  210.812477][ T6083]  handle_softirqs+0x2ee/0xa40
[  210.817222][ T6083]  __irq_exit_rcu+0x157/0x240
[  210.821880][ T6083]  irq_exit_rcu+0x5/0x20
[  210.826103][ T6083]  sysvec_apic_timer_interrupt+0x91/0xb0
[  210.831716][ T6083]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  210.837703][ T6083] 
[  210.840010][ T6083] Last potentially related work creation:
[  210.845707][ T6083]  kasan_save_stack+0x3b/0x60
[  210.850365][ T6083]  __kasan_record_aux_stack+0xb0/0xc0
[  210.855737][ T6083]  call_rcu+0x163/0xa10
[  210.859875][ T6083]  __ip6_del_rt+0xef/0x140
[  210.864282][ T6083]  ip6_del_rt+0xdd/0x130
[  210.868501][ T6083]  __ipv6_ifa_notify+0xa08/0x11d0
[  210.873502][ T6083]  addrconf_ifdown+0xee1/0x1b90
[  210.878342][ T6083]  addrconf_notify+0x3ec/0xf60
[  210.883098][ T6083]  raw_notifier_call_chain+0xd0/0x170
[  210.888448][ T6083]  dev_close_many+0x37c/0x530
[  210.893103][ T6083]  unregister_netdevice_many+0x4f7/0x17a0
[  210.898803][ T6083]  default_device_exit_batch+0x956/0x9d0
[  210.904415][ T6083]  cleanup_net+0x763/0xb60
[  210.908814][ T6083]  process_one_work+0x8a9/0x11d0
[  210.913733][ T6083]  worker_thread+0xa47/0x1200
[  210.918387][ T6083]  kthread+0x28d/0x320
[  210.922432][ T6083]  ret_from_fork+0x1f/0x30
[  210.926826][ T6083] 
[  210.929137][ T6083] The buggy address belongs to the object at ffff88807cec1000
[  210.929137][ T6083]  which belongs to the cache kmalloc-512 of size 512
[  210.943178][ T6083] The buggy address is located 496 bytes to the right of
[  210.943178][ T6083]  512-byte region [ffff88807cec1000, ffff88807cec1200)
[  210.956949][ T6083] 
[  210.959252][ T6083] The buggy address belongs to the physical page:
[  210.965647][ T6083] page:ffffea0001f3b000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7cec0
[  210.975774][ T6083] head:ffffea0001f3b000 order:2 compound_mapcount:0 compound_pincount:0
[  210.984082][ T6083] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  210.992063][ T6083] raw: 00fff00000010200 ffffea0001cc6c00 dead000000000002 ffff888012841c80
[  211.000639][ T6083] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  211.009203][ T6083] page dumped because: kasan: bad access detected
[  211.015595][ T6083] page_owner tracks the page as allocated
[  211.021283][ T6083] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 11, tgid 11 (kworker/u4:1), ts 57759553159, free_ts 54311232007
[  211.040183][ T6083]  post_alloc_hook+0x18d/0x1b0
[  211.044928][ T6083]  get_page_from_freelist+0x322e/0x33b0
[  211.050452][ T6083]  __alloc_pages+0x28d/0x770
[  211.055020][ T6083]  alloc_slab_page+0x6a/0x150
[  211.059674][ T6083]  new_slab+0x84/0x2d0
[  211.063721][ T6083]  ___slab_alloc+0xc20/0x1270
[  211.068386][ T6083]  __kmem_cache_alloc_node+0x19f/0x260
[  211.073835][ T6083]  __kmalloc+0xa1/0x230
[  211.077970][ T6083]  fib6_info_alloc+0x2c/0xd0
[  211.082549][ T6083]  ip6_route_info_create+0x446/0x12c0
[  211.087916][ T6083]  ip6_route_add+0x22/0x120
[  211.092403][ T6083]  addrconf_add_linklocal+0x625/0xae0
[  211.097756][ T6083]  addrconf_addr_gen+0x856/0xbe0
[  211.102671][ T6083]  addrconf_init_auto_addrs+0x945/0xe60
[  211.108191][ T6083]  addrconf_notify+0xade/0xf60
[  211.112932][ T6083]  raw_notifier_call_chain+0xd0/0x170
[  211.118299][ T6083] page last free stack trace:
[  211.122947][ T6083]  free_unref_page_prepare+0xf63/0x1120
[  211.128469][ T6083]  free_unref_page+0x33/0x3e0
[  211.133123][ T6083]  __unfreeze_partials+0x1b7/0x210
[  211.138214][ T6083]  put_cpu_partial+0x17b/0x250
[  211.142959][ T6083]  qlist_free_all+0x76/0xe0
[  211.147441][ T6083]  kasan_quarantine_reduce+0x156/0x170
[  211.152876][ T6083]  __kasan_slab_alloc+0x1f/0x70
[  211.157789][ T6083]  slab_post_alloc_hook+0x52/0x3a0
[  211.162881][ T6083]  kmem_cache_alloc_node+0x136/0x310
[  211.168151][ T6083]  __alloc_skb+0xde/0x670
[  211.172472][ T6083]  netlink_ack+0x392/0x1290
[  211.176973][ T6083]  netlink_rcv_skb+0x24a/0x410
[  211.181719][ T6083]  netlink_unicast+0x7d8/0x970
[  211.186468][ T6083]  netlink_sendmsg+0xa26/0xd60
[  211.191222][ T6083]  __sys_sendto+0x480/0x600
[  211.195744][ T6083]  __x64_sys_sendto+0xda/0xf0
[  211.200403][ T6083] 
[  211.202708][ T6083] Memory state around the buggy address:
[  211.208313][ T6083]  ffff88807cec1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  211.216348][ T6083]  ffff88807cec1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  211.224393][ T6083] >ffff88807cec1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  211.232440][ T6083]                                                              ^
[  211.240154][ T6083]  ffff88807cec1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.248188][ T6083]  ffff88807cec1480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.256223][ T6083] ==================================================================
[  211.285407][ T6083] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  211.292623][ T6083] CPU: 0 PID: 6083 Comm: syz.3.513 Not tainted 6.1.106-syzkaller #0
[  211.300605][ T6083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  211.310658][ T6083] Call Trace:
[  211.313932][ T6083]  <TASK>
[  211.316859][ T6083]  dump_stack_lvl+0x1e3/0x2cb
[  211.321541][ T6083]  ? nf_tcp_handle_invalid+0x642/0x642
[  211.326999][ T6083]  ? panic+0x764/0x764
[  211.331066][ T6083]  ? preempt_schedule_common+0xa6/0xd0
[  211.336527][ T6083]  ? vscnprintf+0x59/0x80
[  211.340855][ T6083]  panic+0x318/0x764
[  211.344748][ T6083]  ? check_panic_on_warn+0x1d/0xa0
[  211.349853][ T6083]  ? memcpy_page_flushcache+0xfc/0xfc
[  211.355224][ T6083]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  211.361207][ T6083]  ? _raw_spin_unlock+0x40/0x40
[  211.366054][ T6083]  ? print_report+0x4a3/0x4f0
[  211.370731][ T6083]  check_panic_on_warn+0x7e/0xa0
[  211.375664][ T6083]  ? udf_write_aext+0x5e9/0x7a0
[  211.380632][ T6083]  end_report+0x66/0x110
[  211.384877][ T6083]  kasan_report+0x143/0x160
[  211.389377][ T6083]  ? udf_write_aext+0x5e9/0x7a0
[  211.394211][ T6083]  udf_write_aext+0x5e9/0x7a0
[  211.398871][ T6083]  udf_add_entry+0x17b7/0x3350
[  211.403631][ T6083]  ? rcu_is_watching+0x11/0xb0
[  211.408393][ T6083]  ? udf_add_nondir+0x5d0/0x5d0
[  211.413242][ T6083]  ? udf_new_inode+0xaf9/0xf10
[  211.418011][ T6083]  ? aa_get_newest_label+0xfb/0x6e0
[  211.423208][ T6083]  ? lockdep_softirqs_off+0x420/0x420
[  211.428584][ T6083]  udf_mkdir+0x1a8/0xaa0
[  211.432839][ T6083]  ? make_kgid+0x6f0/0x6f0
[  211.437258][ T6083]  ? apparmor_capable+0x12e/0x190
[  211.442286][ T6083]  ? bpf_lsm_capable+0x5/0x10
[  211.446968][ T6083]  ? udf_symlink+0x1690/0x1690
[  211.451738][ T6083]  ? privileged_wrt_inode_uidgid+0x210/0x260
[  211.457725][ T6083]  ? inode_permission+0xf7/0x450
[  211.458387][ T6098] loop1: detected capacity change from 0 to 8192
[  211.468969][ T6083]  ? bpf_lsm_inode_mkdir+0x5/0x10
[  211.473996][ T6083]  ? security_inode_mkdir+0xb4/0x100
[  211.479288][ T6083]  vfs_mkdir+0x3b6/0x590
[  211.481324][ T6098] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  211.481342][ T6098] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  211.481412][ T6098] REISERFS (device loop1): using ordered data mode
[  211.481419][ T6098] reiserfs: using flush barriers
[  211.482446][ T6098] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  211.482774][ T6098] REISERFS (device loop1): checking transaction log (loop1)
[  211.484174][ T6098] REISERFS (device loop1): Using r5 hash to sort names
[  211.492774][ T6098] reiserfs: enabling write barrier flush mode
[  211.507162][ T6098] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  211.562052][ T6083]  do_mkdirat+0x225/0x360
[  211.566394][ T6083]  ? vfs_mkdir+0x590/0x590
[  211.570820][ T6083]  ? getname_flags+0x1f9/0x4f0
[  211.575597][ T6083]  __x64_sys_mkdirat+0x85/0x90
[  211.580369][ T6083]  do_syscall_64+0x3b/0xb0
[  211.584791][ T6083]  ? clear_bhb_loop+0x45/0xa0
[  211.589466][ T6083]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.595349][ T6083] RIP: 0033:0x7fb177579e79
[  211.599739][ T6083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.619325][ T6083] RSP: 002b:00007fb178336038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  211.627714][ T6083] RAX: ffffffffffffffda RBX: 00007fb177716058 RCX: 00007fb177579e79
[  211.635667][ T6083] RDX: 0000000000000000 RSI: 0000000020001dc0 RDI: ffffffffffffff9c
[  211.643618][ T6083] RBP: 00007fb1775e793e R08: 0000000000000000 R09: 0000000000000000
[  211.651571][ T6083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.659523][ T6083] R13: 0000000000000000 R14: 00007fb177716058 R15: 00007fffdd9269b8
[  211.667475][ T6083]  </TASK>
[  211.670705][ T6083] Kernel Offset: disabled
[  211.675011][ T6083] Rebooting in 86400 seconds..