last executing test programs:

1m12.159123638s ago: executing program 2 (id=124):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, 0x0, &(0x7f0000000080))
r1 = syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x40000)
ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000000000)={0xf000000, 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = dup(0xffffffffffffffff)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0))
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000140)={0x8080000, 0x6000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000080)={0xeeee0000, 0x109000, 0x1})

1m11.246072776s ago: executing program 2 (id=128):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f00000001c0)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x443, &(0x7f0000001040)="$eJzs28tvG8UfAPDvrpP019cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrsAZVapQLi2cjNbebRzXdpNg1yH+fKRNZnbHmfl6duzZnWwAA2ss+5FE7IqIXyNitJ5dXWCs/uvm8uWZv5YvzyRRrb7xZ1Ird2P58kxRtHjdziIzFJF+ksSBFvUuXLx0drpSmbuQ5ycWz707sXDx0jNnzk2fnjs9d37qxIljRyefOz71bFfizOK6sf+D+YP7Xnnr6mszJ6++/ePXSRF/UxxdMtbp4OPVaper66/dDelkqI8NYV1K9WEaw7XxPxqlWOm80Xj54742DuiparVava/94aUqsIUl0e8WAP1RfNFn17/FdpemHpvC9RfqF0BZ3DfzrX5kKNK8zHDT9W03jUXEyaW/v8i2aL4Psb1HlQIAA+3bbP7zdKv5XxqN94X+n6+hlCPinojYExHHI2JvRNwbUSt7f0Q8sM76mxdJbp9/ptc2FNgaZfO/5/O1rdXzv2L2F+VSnttdi384OXWmMnckf08Ox/C2LD/ZoY7vXvrls3bHGud/2ZbVX8wF83ZcG9q2+jWz04vT/ybmRtc/itg/1Cr+5NZKQBIR+yJi/wbrOPPkVwfbHWsT/8ia/nAX1pmqX0Y8Ue//pWiKv5B0Xp+c+F9U5o5MFGfF7X76+crr7eq/c//3Vtb/O1qe/0X8v5eTxvXahfXXceW3T9teU270/B9J3ly17/3pxcULkxEjyau1fLlx/1RTuamV8ln8hw+1Hv97YuWdOBAR2Un8YEQ8FBEP521/JCIejYhDHeL/4cXH3tl4/L2VxT/bsf+jqf9XEiPRvKd1onT2+29WVVpeT/xZ/x+rpQ7ne9by+beWdm3sbAYAAID/njQidkWSjt9Kp+n4eP1/+PfGjrQyv7D41Kn5987P1p8RKMdwWtzpGm24HzqZX9YX+amm/NH8vvHnpe21/PjMfGW238HDgNvZZvxn/ij1u3VAz3leCwaX8Q+Dy/iHwWX8w+BqMf49egYDotX3/4d9aAdw9zWN/47LfiYGsLW4/ofBZfzD4DL+YSAtbI87PyS/NRJpRGyCZmyVRKSbohkSPUr0+5MJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//5025W8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0xf4b, 0x1, 0x9, 0x7, 0xb, 0xd})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtfilter={0x48, 0x2c, 0xd27, 0x30bd2b, 0x2ddfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {}, {0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @empty}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4088004)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002300)=@newtaction={0x78, 0x1c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x64, 0x1, [@m_gact={0x60, 0x1e, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3ff, 0x4, 0x8, 0x6, 0xffffffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x72dc, 0x0, 0x1, 0x0, 0xffffffff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
write$P9_RSTATu(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="930200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f7"], 0x232)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f00000001c0)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x443, &(0x7f0000001040)="$eJzs28tvG8UfAPDvrpP019cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrsAZVapQLi2cjNbebRzXdpNg1yH+fKRNZnbHmfl6duzZnWwAA2ss+5FE7IqIXyNitJ5dXWCs/uvm8uWZv5YvzyRRrb7xZ1Ird2P58kxRtHjdziIzFJF+ksSBFvUuXLx0drpSmbuQ5ycWz707sXDx0jNnzk2fnjs9d37qxIljRyefOz71bFfizOK6sf+D+YP7Xnnr6mszJ6++/ePXSRF/UxxdMtbp4OPVaper66/dDelkqI8NYV1K9WEaw7XxPxqlWOm80Xj54742DuiparVava/94aUqsIUl0e8WAP1RfNFn17/FdpemHpvC9RfqF0BZ3DfzrX5kKNK8zHDT9W03jUXEyaW/v8i2aL4Psb1HlQIAA+3bbP7zdKv5XxqN94X+n6+hlCPinojYExHHI2JvRNwbUSt7f0Q8sM76mxdJbp9/ptc2FNgaZfO/5/O1rdXzv2L2F+VSnttdi384OXWmMnckf08Ox/C2LD/ZoY7vXvrls3bHGud/2ZbVX8wF83ZcG9q2+jWz04vT/ybmRtc/itg/1Cr+5NZKQBIR+yJi/wbrOPPkVwfbHWsT/8ia/nAX1pmqX0Y8Ue//pWiKv5B0Xp+c+F9U5o5MFGfF7X76+crr7eq/c//3Vtb/O1qe/0X8v5eTxvXahfXXceW3T9teU270/B9J3ly17/3pxcULkxEjyau1fLlx/1RTuamV8ln8hw+1Hv97YuWdOBAR2Un8YEQ8FBEP521/JCIejYhDHeL/4cXH3tl4/L2VxT/bsf+jqf9XEiPRvKd1onT2+29WVVpeT/xZ/x+rpQ7ne9by+beWdm3sbAYAAID/njQidkWSjt9Kp+n4eP1/+PfGjrQyv7D41Kn5987P1p8RKMdwWtzpGm24HzqZX9YX+amm/NH8vvHnpe21/PjMfGW238HDgNvZZvxn/ij1u3VAz3leCwaX8Q+Dy/iHwWX8w+BqMf49egYDotX3/4d9aAdw9zWN/47LfiYGsLW4/ofBZfzD4DL+YSAtbI87PyS/NRJpRGyCZmyVRKSbohkSPUr0+5MJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//5025W8=") (async)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) (async)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0xf4b, 0x1, 0x9, 0x7, 0xb, 0xd}) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
socket(0x400000000010, 0x3, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtfilter={0x48, 0x2c, 0xd27, 0x30bd2b, 0x2ddfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {}, {0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @empty}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4088004) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002300)=@newtaction={0x78, 0x1c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x64, 0x1, [@m_gact={0x60, 0x1e, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3ff, 0x4, 0x8, 0x6, 0xffffffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x72dc, 0x0, 0x1, 0x0, 0xffffffff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0) (async)
write$P9_RSTATu(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="930200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f7"], 0x232) (async)

1m9.839802926s ago: executing program 2 (id=132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f00000000c0)=0x700, &(0x7f0000000100)}, 0x20)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x269, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x8, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x20001, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000002c0)=@userptr={0x9, 0x3, 0x4, 0x4000, 0x0, {0x77359400}, {0x2, 0xc, 0x7, 0x2, 0x3, 0x9, "610e0c0a"}, 0x11fe, 0x2, {&(0x7f00000001c0)}, 0xfffffff8})
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000180)=ANY=[], 0x1, 0xc4d, &(0x7f0000001b40)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1R67trNKK1gFCbgBQVCRVsAFuUHigovcIKEVQhE3iwRIEajSIpAItI1WQoBXsLBiJYzOzDv22BvXbr6cNL/fbvKfc+Y9M++Z9jlzpprnTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEV/46RNDh9NOzwIAuJ9eG39j6Kj3fwB4pJzx+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK2lKOKtSPHe2HKabC93DJxqti5cnBgdu/VmgylSVKJojy//DBw+cvTYiy+9PNzNj97+bvtMvD5+5kTt5Nzs/EJjcbExXZtoNc/OTTe2/Qh3uv1G+9svQG32zQvT584t1o4cOrru7ovVm7sf21s9Pvzsgee7YydGx8bGe8b09d/2s3+fdPceik+QXVHEFyPFNw5+K9UjohJ3XgtbHDvutcHoK+uvvRMTo2PtHZlp1ltL5Z2pkkf1RVR7Nhrp1sh9qMU7MhJxqfznVE54f7l74/P1hfrUTKN2ur6w1FxqzrVSpTPbcn+qUYnhFDEfEcvFTk+eB01/FPFqpLj5veU0FRFFtw5eeG38jaGjm2/Ydx8nucnTV4uI6/EQ1Cw8oHZHEb8dKd6dHIqzua7aZfNBxOfLfCXirTKvpbicl1N5gBiO+Lb3E3io9UURfxMp5tJymu7Wfvu88tSXa19qnZvrGds9r3zoPx/cT85NeIANRBFT7TP+5XT7/7ELAAAAAAAAAAAAALg/ivh6pLg6uy/NR29PabN1vnamPjXT+VZw97v/tbzVysrKSjV1spZzKOdIztM5J3PO57yU83LOKzmv5ryW83rOGzmXc0YlP3/OWs6hnCM5T+eczDmf81LOyzmvdLLb0bhyLa+/nvNGzuWcoe8JAAAAAAAAAAAAAAAAAACAu2wwiviNSPHvv/+V9u9KR/t36T99fPjkqU/1/mb8M1s8Tjn2UER8Pbb3m7y78m+Np0r5v7u/X8DWBqKIr+bf//vlnZ4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQKhEEb8SKb72neUUKSJGIiajkzeKnZ4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDanYp4NVL87O+OrK7ri4jU/n/HvvKvYzFS5HyizFdi5HA7KyMnyhyIOLQD8wdu3+Lb77xZn5lpLLjhhhturN7Y6SMTAAAAAAAAAAAAAAAAADzCUhF/Hyl+8veWUzUiLlZv7n5sb/X48LMHni+iaF8EIPWOf338zInaybnZ+YXG4mJjujbRap6dm25s9+kGTjVbFy5OjI7dk53Z0uA9nv/gwMm5+bcXmud/YemW9+8ZODG1uLRQP3vru2Mw+iKGetfsb094YnSsPemZZr3V3jRVNplgX0RtuzvDI29PKuJ/I8V7B78Zj+d1+fof/Z2lter/w19cW/rhvvW5+q9j+/jx6ePDJ/c8t53babsT3d8uvLIQxsZ7VvflWf5Qz7pqnte2HxseUWX9vxApfv6PitStoVz/P9BZKlbH/s9X12rq+IZctUP1/0TPuuP5qNXfFzGwNDvf/3TEwOLb7xxsztbPN843WseOvPzS8LGXXzz2Uv+uiIFzzZnG0Nqtbb92AAAAAAAAAAAAAAAAAHCv9KcivhApfunv/nK1bzz3/32qs7TW/9fb/7tvw+P0Xjdgs9u37PXboq+vV/mcKRXxVKR49s+eac83xR4973Cb9qQivlvW0/QX0+fyulz/ubP/1vV/aUOu2qH+38d71l3Kx4n/iBSP/8Ez8bme48TG7t5y3F9Eiqkf+WweF7vKcd3H6/REdxqDy7FfiRTvn14/tts3/cTa2MPb3S3YSWX9z0aKf/itv40fzevWX//j1vW/Z0Ou2qH6f7J3nyJi8e133qzPzDQWFrf9UsAjp6z/X48Uf/0n34zn8rqPuv5P9zo/+55bn4PdQTtU/0/1rKvmef3Yx3wtAAAAAAAAAAAA4GGxJxXxT5Hiz//0QDqY123n+7/TG3LVDn3/7+meddPrvv97725s+0UGAIAHRH8q4icixR9Pf5C6vbGb9v++stb/M7rxxL19Tv+D7T7/j3Wu/zH6/8vnTKmI/8t9vUNb9PX+eKT4tZ86kMelveW4ke50238PvDbXOnhiZmbubH2pPjXTqI3P1882ym33R4p//bfP5m0r7T7fbn90pzd4rSf4dyLFz33YHdvpCe72Uj65NvZwOfZgpPju++vHdvuunlobe6Qc+5uRYuy/bz1279rYo+XYf4wU//lurTt2Tzm2+3nu6bWxh87OzXzfRzYAAAAAAAAAAAAAAAAAAAB2Xn8qIkWKaz9zZbU3fv31v7rXAVh//a+N7tXv/1fvzm4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEMhRRH/FSneG1tON4pyuWPgVLN14eLE6NitNxtMkaISRXt8+Wfg8JGjx1586eXhbn709nfbZ+L18TMnaifnZucXGouLjenaRKt5dm66se1HuL3ti03v2d9+AWqzb16YPndusXbk0NF1d1+s3tz92N7q8eFnDzzfHTsxOjY23jOmr3/bs99SunsPxSfIrijiryLFNw5+K/1zEVGJ266FVVscO+61wegr66+9ExOjY+0dmWnWW0vlnamSR/VFVHs2GunWyH2oxTsyEnEpIirlhPeXuzc+X1+oT800aqfrC0vNpeZcK1U6sy33pxqVGE4R8xGxvPnRikdUfxRxLVLc/N5y+pei84bWroMXXht/Y+jo5hv23cdJbvL01SLiejwENQsPqN1RxJOR4t3JoXi/6NRVu2w+iPh8ma9EvFXmtRSX83IqDxDDEd/2fgIPtb4o4nSkmEvL6YMi1377vPLUl2tfap2b6xnbPa986D8f3E/OTXiADUQRH7bP+JfTh97PAQAAAAAAAAAAAOABV8SrkeLq7L7U7g9d7Sltts7XztSnZjpf6+9+97+Wt1pZWVmppk7Wcg7lHMl5Oudkzvmcl3Jeznkl59Wc13Jez3mjnbvbjYnlclTy8+es5RzKOZLzdM7JnPM5L+W8nPNKzqs5r+W8nvNGzuWcH9H1DwAAAAAAAAAAAAAAAAAAd6QSRfxqpPjad5bTStH5fdnJ6OSN9X2uu3ZqjsC98f8BAAD//3zgG/w=")
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x6100)
write$cgroup_type(r3, &(0x7f0000000200), 0x175d9003)
close(r2)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
acct(&(0x7f0000000180)='./file0\x00')
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x7, {[@main=@item_4={0x3, 0x0, 0xa, "3ccdbaa9"}, @global=@item_012={0x1, 0x1, 0x9, "df"}]}}, 0x0}, 0x0)
r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="ef23f92acf32d7", @ANYRES8=r1, @ANYRES8=0x0], 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000400), 0x3c, 0x2)
ioctl$DRM_IOCTL_GET_MAGIC(r8, 0x80046402, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r8, 0x40046411, &(0x7f0000000000)=0x8)
syz_usb_control_io$hid(r7, 0x0, 0x0)

1m6.011546289s ago: executing program 2 (id=144):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c71756965742c6e6f646f74732c666c7573682c756d61736b3d30303030303030303030303030303030303030303030302c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e66732c646f74732c747a3d5554432c646f74732c646f74732c6e6f636173652c7379735f696d6d757461626c652c646f74732c00f8a7354494367fe599abb0e9fee8f6cdbd4415cc7bc52b6352f54afc78e51de6b37ae8efbdfe1689a174697f9528b4217d017a472c4c8e00a5cdd06438f130234c66db3e61a4ea6b90f67ddc19c74c6ac93054e1668cf0ff55fdebea678f16269706271797abeebc6b043e549356dfa4c7e8b4e091a7a6cfc601e4e66e509afea6dcc9d274ab27afd6f183050075b86a3ffc8dfcd249c141fd90a5331224d62867d9b87a8e7d0cf56567584e7adde32f223d2a9bd69b39c51152b3a827f49a0f7e23d51ac4128630c7668a0b38090b5c86636aee6face102356400fbbd"], 0xfd, 0x1bf, &(0x7f0000000480)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f0000000280)='.\x00', &(0x7f00000002c0)='./file0\x00')
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001800)={0x1c, 0x3c, 0xb, 0x2, 0x4, {0x3}, [@nested={0x4}, @nested={0x4, 0x1}]}, 0x1c}}, 0x4008004)
r2 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x2, 0x2de}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0xa0}})
io_uring_enter(r2, 0x2def, 0xb80c, 0xe, 0x0, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000e40)=ANY=[@ANYBLOB="510200007d0000000510010000000000080200000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7825ffffff8102000000000031ffcebc920000003500704a86cec602007dfa673effeb09b535225bde054000000000187b8200b5005fcb14034354b9fd9ef196a51cd5157adc8106b494e12b00cfc213f600000000000000010000000077fd834d5d87a0702f16000014273aefc26812b700c24ced20bc005e00f8f669fb716dcf315ecaf385409ac65b9408679d2c3b9e1d52c3d6da9bf699fa88dace6cde7ba4a400b4b0b4dbf6c69a69d017cec45906f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a2c016f6465762d6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff000000000000000000000000000000000044526e2a72c1f676a0e49e9cf6b82c4a4dabe237aa35ba2b9af3e206a17edab7db138601eb38b0b894394c0541d05d3c918e597e12f2a108cc63117606b2e5cf6eb74b9db7d1dd660e209a3e306c7079b59d29c0e9d8aa1c1e781d29795bac3ddaf6632fedfee608dd40606ab8229b87ced200fc87", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x251)

1m4.231680875s ago: executing program 2 (id=148):
socket$can_raw(0x1d, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
socket$isdn(0x22, 0x2, 0x25)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x61}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x8001}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x8, 0x28011, r1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0)
sendfile(r4, r1, 0x0, 0x100000000)

1m3.678024077s ago: executing program 2 (id=150):
syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0204}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

1m0.654413232s ago: executing program 32 (id=150):
syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0204}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

8.285108458s ago: executing program 0 (id=285):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, 0x0, 0x0) (async)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0xc1205531, &(0x7f0000002680)=""/4104)
pread64(r2, 0x0, 0x0, 0x1c) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x200, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r1) (async)
ioctl$SNDCTL_DSP_GETIPTR(r0, 0x800c5011, &(0x7f0000000080))

7.525896322s ago: executing program 5 (id=288):
r0 = socket$inet(0x2, 0x80001, 0x84)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r1, 0x43)
bind$inet(r0, &(0x7f0000000180)={0x2, 0xc620, @local}, 0x10)
listen(r0, 0x3)
r2 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x50009404, 0x0)
bind$inet(r3, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
listen(r2, 0x3)

6.947996998s ago: executing program 0 (id=290):
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x0, 0x3})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0xfffffffffffffece)

6.014127745s ago: executing program 0 (id=293):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x111, 0x0, 0x0, 0x0, 0x20, 0x56a, 0x37a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x9, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x7, 0x84, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x0, 0x5}}}}}]}}]}}, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f700004e2000e2ffca1b1f0000000004c00e72f740805ed08a56231dbf9ed7815e3802000000033a0093b837dc6cc01e32efaec8c7a6ec08200800030006010000bdad446b9bbc7a", 0x5b}], 0x1}, 0x10000000)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f, 0x3000}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
ioctl$sock_inet_SIOCSARP(r3, 0x40806685, &(0x7f00000002c0)={{0x2, 0x4e21, @multicast2}, {0x0, @remote}, 0x8, {0x2, 0x0, @multicast2}, 'veth1_virt_wifi\x00'})
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000380)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}, 0x4, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r4, 0x80487436, 0xfffffffffffffffe)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@main=@item_012={0x0, 0x0, 0xa}, @local=@item_012={0x2, 0x2, 0x2, "b847"}, @global=@item_012={0x2, 0x1, 0x2, 'zg'}]}}, 0x0}, 0x0)

5.571253689s ago: executing program 5 (id=295):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000002c0)=ANY=[@ANYRES8=0x0, @ANYRESDEC, @ANYRES8=0x0, @ANYRESOCT], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
socket$nl_netfilter(0x10, 0x3, 0xc)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000004c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000000))

5.456648113s ago: executing program 3 (id=296):
bpf$MAP_CREATE(0x0, 0x0, 0x0)

5.116327169s ago: executing program 1 (id=297):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x18, 0xffffffffffffffff, &(0x7f0000000040))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00006000002f9078ac1e0001e00000010000655800189078040000000000000086ddffff000000009b"], 0xfdef)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000900)={0x348f68a8, 0x0, 0x4, r6, 0x1})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x0, r6})
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, 0x0, 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r7, 0x2, r1)
unshare(0x28000200)

5.007374078s ago: executing program 4 (id=298):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="bc01000019000100000000000000000020010003000000000000000200000000fc0200"/56, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000004010500"], 0x1bc}}, 0x0)

4.772486146s ago: executing program 3 (id=299):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x4000000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

4.382391685s ago: executing program 5 (id=300):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x2, 0x44880)
open_tree(r0, &(0x7f0000000040)='./file0\x00', 0x100)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=@bridge_newvlan={0x24, 0x76, 0x1, 0x0, 0x0, {0x7, 0x2}, [@BRIDGE_VLANDB_ENTRY={0x8, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8}}]}, 0x24}, 0x1, 0x5502000000000000}, 0x0)
flistxattr(0xffffffffffffffff, 0x0, 0x0)

4.164992109s ago: executing program 4 (id=301):
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff005})
capset(&(0x7f0000a31000)={0x20080522}, 0x0)
mlock(&(0x7f0000007000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil)
mlock(&(0x7f0000007000/0x2000)=nil, 0x2000)

3.948157951s ago: executing program 3 (id=302):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000101a81, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045017, 0x0)

3.715583928s ago: executing program 1 (id=303):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
io_setup(0x3ff, &(0x7f0000000200)=<r1=>0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f00000001c0)={0x1, &(0x7f0000000680)=[{0x6}]}, 0x10)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x3, &(0x7f0000001700)=@framed, &(0x7f0000001740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e40)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000900)=@raw=[@exit], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r0, 0x0}])
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={<r4=>r0})
getsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xe)

3.542213299s ago: executing program 5 (id=304):
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
syz_open_dev$loop(&(0x7f0000001580), 0x7, 0x80100)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sched_yield()
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
accept(r3, 0x0, &(0x7f0000000040))
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r7 = socket(0x200000100000011, 0x2, 0x800)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="40df2114aa6bd84d00a13ce8e4000100", @ANYRES16=r5, @ANYBLOB="01002bbd7000fedbdf250600000006001d0006000000050006007700000008000c00040000000c001600100000000000000006000e0009000000"], 0x40}, 0x1, 0x0, 0x0, 0x8080}, 0xc000)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000000000003800000008000300", @ANYRES32, @ANYBLOB="f2ff570000000000000000000c0058000c000000000000000c0058005e00000000000000"], 0x40}}, 0x240008d0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r8, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xd0383b66f5e5dfea}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00%', @ANYRES16, @ANYBLOB="37082abd7000ffdbdf25380000000c0058006a000000000000000c0058005600000000000000", @ANYBLOB="90529b72e0bc55a3d1d13e33ee02e82db2be610810a1f9dfa32dba6b62157cd4fbe3196a96144f4fc61fd6c378aef8e18f41b2b55163f8425d7ecca250aecc367b0820b7f273c9dfb3896a003990d62899c2ae77c20740b3881b72da8511545fa14a724cbe6f123a07ab58ba3fdd8af2f282f3383c68a4be9a581669e78dc89910234ee47ae4a3e1cbfc55d098a270ef2220b50c2012091199c1066d842f7362a72b59cba005", @ANYRES16=r8], 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x240448c0)
dup3(r4, r2, 0x80000)

3.452168127s ago: executing program 4 (id=305):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_fscache}]}})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)

3.235788412s ago: executing program 3 (id=306):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000c5000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000800efffffff000200000008000300", @ANYRES32=r2, @ANYBLOB="08009f000700000008009f000a00000008"], 0x34}}, 0x80)

2.893496223s ago: executing program 1 (id=307):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000980), 0xfdef)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2.87123013s ago: executing program 4 (id=308):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x22002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f00000aa000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001280)=ANY=[@ANYBLOB='D'], 0x4c}}, 0x0)
write$binfmt_misc(r3, &(0x7f0000001280), 0x6)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.488099495s ago: executing program 3 (id=309):
r0 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x123f41, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
write(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r0, &(0x7f0000000340)=""/200, 0xc8, 0x0, 0x0)

2.427088075s ago: executing program 5 (id=310):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000002c0)=ANY=[@ANYRES8=0x0, @ANYRESDEC, @ANYRES8=0x0, @ANYRESOCT], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
socket$nl_netfilter(0x10, 0x3, 0xc)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000004c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000000))

2.248016669s ago: executing program 1 (id=311):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="bc01000019000100000000000000000020010003000000000000000200000000fc0200"/56, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000004010500"], 0x1bc}}, 0x0)

2.13014757s ago: executing program 0 (id=312):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x4000000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x0, 0x0}, 0x0)

1.909051355s ago: executing program 3 (id=313):
ioperm(0x3, 0x1, 0xa)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x83}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x818080, &(0x7f0000000280)=ANY=[@ANYBLOB="6a6f75726e616c5f7472616e73616374696f6e5f6e616d65732c62747265655f6e6f64655f0dcbcc28b5ef6f8b2c6a6f75726e616c5f666c7573685f64697361626c65642c6673636b2c6a6f75726e616c5f666c7573685f64697361626c65642c726174656c696d69745f6572726f72732c7265636f766572795f706173735f6c6173743d7365745f6d61795f676f5f72772c7265636f6e7374727563745f616c6c6f632c6e6f5f646174615f696f2c00"], 0x1, 0x591f, &(0x7f0000009d00)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJIgEFCCCy4UYKGlpagf0EJq0WhRBatESuRlE1ZRitWltpBa3UU/+BTykBLIQ1k+zlMzfU9Pz52+c3t6ekICv18lc/uevv0/5557+vb9n+6ZDgAAALwm7L1+2/5zjvrAr744/NI1H/7ZpmtDb3msvBo36EuXV7xSLeRA6q4sGVtmx8WbrvrBnwcuft8v7+75/st71h27/vfvP+zi+z9z5u7bvv3Qi/Pv/eczRXHjeDpxfD15Lgmh+vN9X//SnseOHC1LQgjlpG9nCIuSxQ8tSjIhBv8eQliXrizJ3HnPS6esH11ee1P3hPKFme2M99e2ajrOduy//KTwh/euue43S3/8o65dz+4c3ySpNoynEBZc2Pj4rhDC3PT/qDja4niMg3Z1CKGn4XFnFLTruBbbvyJn/eh0OSdd9hbEifcvy6yXMttl16OuzLKnoL6ZymtHu9sVmZdZz56MZiqvnbF8Ubr8abo8cZrxy/F/EkpJqNSbvzEZHyOh4bglIRk7ltX6eql+bEO6/5n1JLNeyqyXuzL7NVZvOtDKSTKxPG6XKY+n40pafmzjubqJc3PKX58uq+kT9eW4HrI3anon3ajv15jYrn1TtOVAKDWcg5qV1w98ejB607LeZPGkx4w0Ee/bs+bm5eW1D+/ty2lHcneSxk/air/j14vmfeqHN16WfV2vx7+wlMYvtRX/j2c9/vz5N37vW7nxb43xy23FP/mBnufOeuT6Zbn9sy/2T6Wt+EPPPHrL0sMv2pXb/ttj/Gpb8Vftfrx7/v4HHsxt/2Dsn7ltxX/6nR/8011P3vdsbvwQ4/e0FX/t7i1f7u7ff0Ju/Adj//S2N35e2HX6U/39fxnIi/9EjD+/rfh37rztHXcsvOnM3OO7OvZPX1vxzz7+/uvm7b/vmLxzZ3J7p145AV6bDkuvsW5I19vNM2eqIV/45kClds03L/0/v5MVZS4+R+tZ0Mn4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBCOOKk//mh///xvucq6Xp3euPpUm0Zy+eEkMwNIWzbPrR1+4bNlwx85tLLtm4e2jgwtH1gePP2rVcOnPqWga3DWzYOXTl67+BbT6k9bnFIasvkmEl1d4+MjJT6JpbF+v7T8bv+sPyMf/lrCINH/K6/ktv+FbdtuuPwJj8zklUj79l02Tm/O+276X71pe3qa9KukZGRkZDTrn897x93fHXfn08IYfB1U7Xr0aff/YsJDRorGI+TKnWHWoO6k56m7ai3Om1P7K/K+g0bhwen7t/Rx5dz9uM/X/Xs39df8ZV/1Pq3mrsfLfbv3FUjG0vfWHP2v3/j6lpBUbteqeNe1N9xL2L7Yv9V0/5ekO7Xgpz9quTs1/W/efDJnx9144s7w2DlhaWT6y7ar650AHQlr2+p3lhDT7JoQnk13T4e8fi4Fds3bVmx7codb92waeiS4UuGN7995akrTx887fTTVozt+YoO73+s/40t7v+BGU8LP7fzp/Fna+OpqF1F/THaruL+aGxR3vOv59wvfe3ttz1yTq2gaJzHrevnk3TZM3qcV4aG8Ta5r5rtV1E/hBAGmvXD8y+eGY78PxuuKzoPNR6Zxp8ZyaqRx5b97btnfGfJu2oFB+Q839igNs/z9VaPt2esv6rp8Rg5SPu3O5TT/ept2q6Vjz3SdfPev36+3r45c8IVQ9u3b11Z+zkvbem85Oim7cqWxv1aOvazHNJuCfVh2mS8juoKtfZlz59x82yv9qb39SaLm+5XVrxvz5qbl5fXPrw3r6eTu2s1zg3za8vkDTlbbsw8sFxvcLP6D9bnX9H46P/Qd+79+L0/OXXS+Di59rNov5Kc/frxk3d+7ftf+a8/6dx+fejdj/f97f9+enmt4FA5r9RbnbYnaTyvnBxC0fNvaWi+H7nPv1Lz/Sl6/mXrGd++ebyBzHpvKLf1fD35gZ7nznrk+mW5z9d9rT5fr56wVi54vh4s4yf7/EoqE9sxe8+vCQMlWTXyyxsO2/nQNauPqhUUjev61s3G9Skt5B85+/WL85/qv3Tgv/zvzp03fvCWey74/dCqL9QK2j/usS2dOe7VtH+rOf1bb3XMOxv7920XX7pxXa384L3+TZcF+U88lWy7csdnhzZuHN66rbX9avX1NNaT7eV2X0/j2W1xwX6VJu3X7N1opb9afb7F9q9ru78mPt96Q9LW68KOXy+a96kf3nhZ36RHpRVdWErjl9qK/8ezHn/+/Bu/963c+LfG+JW24g898+gtSw+/aFdu/NuTNH61rfirdj/ePX//Aw/mxh+M7Z/bVvyn3/nBP9315H3P5sYPMX5ve/3/wq7Tn+rv/0tu/CeStJ7Ra6QQ7nnplPW19SR0pc+32I6uCe0K2fUks17KrJcb10u1udZ6BeUkmVget0vLj21oSzOfyCmPV2HVJbXly3E9ZG9MXX6wKTWc+5uVF12nAgC82qXv/9enB+L7/8PphVL+TAOMm2ketiQnbszDxudz5ky4f0kaP338yMJ0nqH/bWFwdHntQO1Cf7rvI8ScLDvPGdt5wnETY7Q7z1k0/74ssx7bVZsvrzTkoanJeU0ltDD/PrmeqeffM7tfPD8+cMOkZg00zFstGW/PQK3+nqbtDZPbWxmNkDc+svNi8fMc/QvC6rH6Whwf2c/RxOOQ/RxNrOeozImz3c/RzHR8xGZPMT7Gmlz8/sbk4xem6N/x49c8Wvb4TeN4V0e3n+33Zzswb9j0lHbg5g1n5f2wrrAv9o95yabx0yfYwT5vGMvjflRanE/8eE55p+YT4+kitmvfFG05EMwnAq9W8fP/8TViNP8fvQD/t8x2Rdeh2avGGC/3c0Ll5u0pyjsmf06vp63X8bW7t3y5u3//CbnXgQ+2+rmfLRPWego+91PUj8sz64X9mDNBU5TvZesp6vfs5zJ6w/y2+v3Onbe9446FN52Z2++ray+kxf3+tQlr8wv6/RDIF5rHP7Tzhfrn5+QLOfE79DmGovmzVywfST/4NFv5yMdyyqebj/RMulHfrzGHXD7SdWDbBQAcOmL+X3//LM3//1/cIL2OKMpbT8ysx3i5eWvO9Ule3vqRdHlFZvve9DcqpnvdfPbx9183b/99x+TmLbe3mof+twlrfYV56Mzy5tw8YnVnPi+em0fU86yZ5Ym57a/niTPL03Pj1/P0meXRuf1Tz6NnNg+QG78+D3Co57kF83WZyuJqq/N1r9o8Ov312dnKo8/NKZ9uHt076UZ9v8bIowEAXlkx/4+XcTH/fySz3UzfZ8/NCzp03Z79eyD1+E8cqLxytvO+2c5bZzuvn+15iUM9L57teaHZnSd7zefFaaXyYgAADmYx/5+brufn/zPLT5rlb10T8hP5edP48vODJD8/1Oe/5P/eFy8m/wcAeHWL+X/8tcf49//+R7qe/bv18vSc+PJ0efpU46flPL3z82zB5wBe2XmAuePbmwcAAOCV0DWWKU3+PftPpsvs79nn/V7++Tnbt6qSXh5ftH3r8PAFl21ZN7R9+ILNl64b3nbB5Vs3bN8+vLm23Uzzxty8Jc0bu0Il7Y/m22XztoXp30NYmPP3ELLbx7BHj92Y/PcQstXOLfg7AuPHr7X25h2/0hTbNxsfecc7L/4ncraP6sf/4k+ffMH6bRds2Lxh+4ahjRt2DE/cbjRr7ZnG92bGbpnW96VmfkxSmv73d3amHaVJ7ehK+yPv+9mTTDsWpS1ZlPf9Bznt/tX/+urnjh/5x10hDB5RfsOM+i9ZNfLfzxv+yPa9v9sy2v7SlO2vb5m2q+j7SrPbx/2pbLx02/aT1l962ebsN0q2J85nlOrrszSfkT79yy3OT6zNKZ/u5xTKk24cnFqenwAAYIL4/n+8no3vH34lvYCK5a3n6TN7/zg3Tx9sLU/Pfi9ZUZ6e3T7ub6t5enWGeXq2/qI8vdn2zfL0vLw7L/7HcrafrtbHycw+55E7Ti5sbZxkv8+gaJxkt5/uOElmOE6y9ReNk2bbNxsnecc9L/5Hc7bP0/p4mNnncnLHw62tjYc3Z9aLxkN2++mOh9IMx0O2/qLx0Gz7ZuMh7/jmxT8nZ/tWTRwfowNjbFwMX3D5pVs/27DdbH//xczbN7vf/9Gu1ts/u5/7mv32z+7nyma//TP7XFlu+5+Y2UxY6+2f3e93adcBm69NP2xW9PmzonncNTnl053HnTPpxsHJPC68cmL+H9/uifn/Temy028DHfrfk+Z7zJrG79D3mBVdx3g9n6Kyg4DXcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDWdFeWjC33Xr9t/zlHfeBXXxx+6ZoP/2zTtW+66gd/Hrj4fb+8u+f7L+9Zd+z637//sIvv/8yZu2/79kMvzr/3n88UBu4b+1k5MV2thpA8l4RQ/fm+r39pz2NHjpYlIYRy0rczhEXJ4ocWJZkIg38PIayrt3Pinfe8dMr60eW1N3VPKF+YCZLdr9Bbju1pbGcIVxTuEYegajrOduy//KTwh/euue43S3/8o65dz+4c3ySpNoynEBZc2Pj4rhDC3PT/qDjalsQHp8vVIYSehsedUdCu41ps/4qc9aPT5Zx02VsQJ96/LLNeymyXXY+6MsuegvpmKq8d7W5XZF5mPXsymqm8dsbyRenyp+nyxGnGL8f/SSgloVJv/sZkfIyEhuOWhGTsWFbr66X6sQ3p/mfWk8x6KbNe7srs11i96UArJ8nE8rhdpjyejitp+bGN5+omzs0pf326rKZP1JfjesjeqOmddKO+X2Niu/ZN0ZYDodRwDmpWXj/w6cHoTct6k8WTHjPSRLxvz5qbl5fXPry3L6cdyd1JGj9pK/6OXy+a96kf3njZkrz4F5bS+KW24v/xrMefP//G730rN/6tMX65rfgnP9Dz3FmPXL8st3/2xf6ptBV/6JlHb1l6+EW7ctt/e4xfbSv+qt2Pd8/f/8CDue0fjP0zt634T7/zg3+668n7ns2NH2L8nrbir9295cvd/ftPyI3/YOyf3vbGzwu7Tn+qv/8vA3nxn4jx57cV/86dt73jjoU3nZl7fFfH/ulrK/7Zx99/3bz99x2Td+5Mbu/UKyfAa9Nh6TXWDel6u3nmTDXkC98cqNSu+eal/+d3sqKM0XoWzGJ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABenX579amfPO89H11TSUJIcrYZaSLeV56zatVAG/UOPfPoLUsPv2hXY9mSNuIAAAAAxWIeXqqXVMOScHkyNxzddPs4R3B0XEsmlmfnEGKc7BxBu3FKHYpT7lCcSofidHUozpwOxenuUJxqQZxqaC3O3CniVEZHRYvt6ZmyPa3H6e1QnHkdijO/Q3EWdCjOwg7F6cuPU53OOFw0ZXtaj7O4Q3EO61CcwzsU54gOxXldh+Ic2aE42Tnl6Y7D+emWR+XFGbtRLoxTScr1O5rNpx+Z1nPMDOvpLahnftHrcYv1zG2xnuMyjytNs55qi/W8cYb1JC3W8+YZ1lMqqCeO2yuy7Yv1xLUWx/+VHYqzo0NxrupQnKs7FOfzHYrzhQ7FuWaGcQBaFfP/8XyvL3RX3hV60jNOdhYg5rtLx35Ofr3LOyHFeG/IlM8pipdN1DPxlk63fdkJhEy8ZZnyrgnxKvV8ZIp41cZ4yzN3Fu5vdkIh074Tw8SKu4viZScWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAW/fbqUz953ns+uiYkYfRfUyNNxPvKc1atGmij3j1rbl5eXvvw3say7kobgQAAAIBCMQ/vqpdUQ3dlZehO5kzYrprOA1TT9XJfbdm/IKweXSYDpbH1nmTRlI+rpI9bsX3TlhXbrtzx1g2bhi4ZvmR489tXnrry9MHTTj9txfoNG4cHaz9D6C6IF0IYm37YduWOzw5t3Di8dVutMNv+JenjlqTrSfq4/reFwdHltWn7FxfUV5pU3+zdKD56AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/wa7dhch51X8AP8/M7Mx02/yzf/o2Dc1myEuJWjSJW0m1dB8QLLRJyFKQ2epagk2wuGlCm5RYxzZgWxMUoSUQIrkwEoutxZu+2CL2hUCkRgNuDNIW7YVeKK1W0pILSRnJ7pzZmdmZzDqWpo2fz8U8M+f8zvk9Zy4Wvs8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLCmqiMTldGx8cEkhKRLTa2DOJfNp2m5j75ffn779wvDp1c2jxVyfWwEAAAA9BRz+EBjpBgKuWzIhqumPy0NTRNhNvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/e6aqIxOV0bHxi5MQki41tQ7iXDafpuU++r7xzpOfeXV4+K/NY6U+9gEAAAB6izk80xgphlJYFgaSq1rq4rOBRW3r2+viPovnWdf+7KBb3bJ51l0zz7qP9ajbUL/uCgAAAPDRF/N/rjEyFAq5BV3zf69cH+uWtNVl69d+fisAAAAA/Hdi/i80RkqhkCs18vp88/7Strq4vtf/7eP6FV3W9/p//vr61f/pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCjY6o6MlEZHRvPJiEkXWpqHcS5bD5Ny330XfPC4N9vOfLQ0uaxQq6PjQAAAICeYg6fjd7FUMgNhoFw8XTuH77p4NNffPrZkRDCTMzP58OuTTt23L1m5jXWrT52ZOB7R9/61py61TOv5+2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA+2aqOjJRGR0bvygJIelSU+sgzmXzaVruo+/rn/vCnx8/+dybzWOlPvYBAAAAeos5fDb7F0Mp5EM+XDH9qTnrn5VpW9/tmQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw4bjnG/d9fdPk5Oa7vfHGG28ab873XyYAAOD9tiQkofYfunLj+b5rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgw2CqOjJRGR0bLyYhJF1qah3EuWw+Tct99E2fP15YcPqFl5rHSn3sAwAAAPQWc/hs9i+GUhgIA+Hy6U+dnglM5/+hD/AmAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA+VqerIRGV0bHxBEkLSpabWQZzL5tO03Effx3Yf+Ozhhd+9uXmskOtjIwAAAKCnmMPzjZFiKOQ+Hgrh6vrnydYFSbZ+7fxcYHbd9pZlg/NeV21Zl533uj1tJ8vVTzOzrhj3G5q5NtaV564rN60rhUb7csu6sK9l1YIe9xkAAADgPIr5v9AYGQqFXKEp5/6kpX5IzgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAupiqjkxURsfGkySEpEtNrYM4l82nabmPvvf95v8v+cpP9+5sHiv1sQ8AAADQW8zhs9m/GEphcfi/sHg694eh1vpY94/KmcOP/vMvK0NYdcWJ4Vz7tj+Mb371+o0vtr+EkGmtzoSwsN4v6dLv17979N7ltTOPh7Dq8uzVc/qFc/dr3TKtPVPZvH7H0RPbe3w5AAAAcIGI+X+gMTIUCrm7uub/mLx75P+G6QC+8N7dP7+s/lpP5G0rMkP1fpku/T6//Mk/rVj7t7fO5v9z9fvUga2HL2tpODPSJklro1t3bjhx3aFMPPVM/2xb//i9fOmbb/5ry65Hzsz0L4ZifXxRrlP/ua8zCrHsorQ2mdk/vu69/dXW/rku53/oty+d/OWive+e7f/OksFG/2vOcf65/UNT/8FbH953/YEjG1r7hxDKnfq//e7N4co/3Plg+/kH2zZu/uabX9skae3Y0lOH1h4s3dDaP2nrH7//n518bN+PH/nOs7F//K3IymXz7Z9p6//Knkt3v/zAxkWt/TNdzv/iba8Obyt/+/ft57+jZddc17uYe/4nrn3q9tc2pfe3TwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxYpqojE5XRsfFMEkLSpabWQZzL5tO03EffN245/vZte3/0g+axUh/7AAAAAL3FHD6b/YuhFPIhHwanc/8zlc3rdxw9sT0Mzcwm9Wtucts9Oz6xZdvOu+44T3cOAAAAzFfM/7nGyFAo5JaHgXr+H926c8OJ6w5lYv7PxPy/5c7JzatCo+6VPZfufvmBjYsazwlCmP5ZQPFs3adn62668fjQqT9+bUXHujWzdceWnjq09mDphlgXmutWh8bziSeufer21zal9zfur7nuk1/dNll/PBH3Hbz14X3XHziyoXGO+nWwvm+sm8zsH1/33v5qrMvWr8X6uQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAuaaqIxOV0bHxkA0h6VJT6yDOZfNpWu6j77rlv3jwktPPLW4eK+T62AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYX9+gmNo+zjAP48u8mbbTZpk/YFo2KaVkWpB4uCiF5UVKQVKXiqFKm29iAKgohSD6bSiqUqXgSrlyIqqFEKCjYWS6uk4r/ixYMKCtWDUIoB7VI8qGT3me1muuPqpArq5wPDk+eZme/8Zp5nZ7MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8oA31jzfbwjvsbt5xzw0eP3nXikZveuXfbRQ+/+t3Epus+3Dv40smZzSu2fHn9sk37714zvfv5Qz8Nv/XL0Z7BD7WaValbCyEejyHU3p195rGZj8+aG4shhGocmQxhNC49NBpzCat/DiFsbtc5f+ebJy7fMtdu2zUwb3xJLiR/X6FezeppGZlfL/8utbTOtjYevCR8fe367Z8uf+P1/qljk6cOibWO9RTC4o2d5/eHEBalbU622sayk1O7LoQw2HHelT3qOv8P1n9pQf/c1P4vtfUeOdn+lbl+JXdcvp/pz7WDPa63UEV1lD2ul6FcP/8yWqiiOrPx0dS+ndpVfzK/mm0xVGLoa5d/Tzy1RkLHvMUQm3NZa/cr7bkN6f5z/ZjrV3L9an/uvprXTQutGuP88ey43Hj2Ou5L4ys639Vd3FowfnZqa+mDejLrh/wfLfXT/mjfV1NW1+zv1PJ3qHS8g7qNtyc+TUY9jdXj0tPO+bWLbN/M+icurG547/BIQR1xb0z5sVT+1k9Gh25/becDY0X5Gyspv1Iq/5u1R364becLzxXmP53lV0vlX3Zg8Pja93esLHw+s9nz6SuVf8fRD55c/v87p7rNdTN/T5ZfK5V/zfSRgeHGgYOF9a/Ons+iUvlfXX3jt698vu9YYX7I8gdL5W+Yvu+pgfHGxYX5B1sfhXpzhZZYPz9OXfHF+Pj3E0X5n2XPf7hLfuyZ//Lk7qteXLJrTeH6XJc9n5FS9d98wf7tQ4195xW9O+OeM/XNCfDftCz9j/V46pf9nblQHb8Xnp3oa30DDaVt+ExeKGfuOov/wnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmMHDkgAAAAABP1/3Y5AAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeCgAA///BDyh5")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendto$inet6(r0, 0x0, 0x218, 0x0, 0x0, 0xfffffe74)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000080)={0xfffffffffffffffc, 0xfffffffffffffffd, 0x81, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x4, 0x10400405})

1.631304943s ago: executing program 1 (id=314):
r0 = socket$inet6(0xa, 0x3, 0x2f)
bind$inet6(r0, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {0x200, 0x0, 0x0, 0xfffd}, 0x0, [0x0, 0x3, 0x403, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x40, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x10000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x80000000, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x1000], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x6, 0x5, 0x0, 0x0, 0x10002, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r1 = openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
write$apparmor_exec(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='ex\x00'], 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r5 = dup(r4)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40})
r6 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_mr_vif\x00')
lseek(r6, 0xfc, 0x0)
preadv(r6, &(0x7f0000003600)=[{&(0x7f00000011c0)=""/163, 0xa3}], 0x1, 0x8000, 0x6)
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@local, 0x0, 0x0, 0x1000, 0x0, 0x2, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x80, 0x20000000000, 0x7e3e}, {0x0, 0xffffffffffffffff, 0xfffffffffffffffe}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010101, 0x4d2, 0x6c}, 0x2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x66}}, 0xe8)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
sendmsg$nl_xfrm(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="000000001700000129bd7000fedbdf25fe8000000000000000000000000000bb000004d43c000000fe800000000000000000000000000020ff010000000000000000000000000001000000000000000000000000000000004e2300094e20078f000080201d000000", @ANYRES32=r9, @ANYRES32=0x0, @ANYBLOB="64010100000000000000000000000000ff0100000000000000000000000000014e247ad64e210000020060202b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="070000000000000013000000000000000200000000000000040000000000000053000000000000000180000000000000031f0000000000000000000000000000270400000000000009000000000000000100000000000000fffeffffffffffff050000000000000000000101000000000600000040000000fbffffff29bd700000001e0000000100"], 0xfffffffffffffd45}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, 0x0, 0x0)

1.507458613s ago: executing program 4 (id=315):
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff005})
capset(&(0x7f0000a31000)={0x20080522}, 0x0)
mlock(&(0x7f0000007000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil)
mlock(&(0x7f0000007000/0x2000)=nil, 0x2000)

1.259689557s ago: executing program 0 (id=316):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="1c00000014000100000080000000000007000080080002"], 0x1c}], 0x1}, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}]}}]}, 0x90}}, 0x0)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000040)={r2, 0x1, 0x6, @remote}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r5 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
preadv(r5, &(0x7f0000000180)=[{&(0x7f0000001240)=""/1, 0x1}], 0x1, 0x20, 0x0)

1.182668288s ago: executing program 5 (id=317):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000e400)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xa68d7c519e801be0, 0x0, 0x0, 0x1d45}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x0, 0x53d, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(r2, 0x0, 0x0)

415.077569ms ago: executing program 4 (id=318):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r2, 0x100000000)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_fscache}]}})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)

136.054268ms ago: executing program 1 (id=319):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000c5000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000800efffffff000200000008000300", @ANYRES32=r2, @ANYBLOB="08009f000700000008009f000a00000008002600"], 0x34}}, 0x80)

0s ago: executing program 0 (id=320):
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
syz_open_dev$loop(&(0x7f0000001580), 0x7, 0x80100)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sched_yield()
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r7 = socket(0x200000100000011, 0x2, 0x800)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="40df2114aa6bd84d00a13ce8e4000100", @ANYRES16=r5, @ANYBLOB="01002bbd7000fedbdf250600000006001d0006000000050006007700000008000c00040000000c001600100000000000000006000e0009000000"], 0x40}, 0x1, 0x0, 0x0, 0x8080}, 0xc000)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000000000003800000008000300", @ANYRES32, @ANYBLOB="f2ff570000000000000000000c0058000c000000000000000c0058005e00000000000000"], 0x40}}, 0x240008d0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r8, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xd0383b66f5e5dfea}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00%', @ANYRES16, @ANYBLOB="37082abd7000ffdbdf25380000000c0058006a000000000000000c0058005600000000000000", @ANYBLOB="90529b72e0bc55a3d1d13e33ee02e82db2be610810a1f9dfa32dba6b62157cd4fbe3196a96144f4fc61fd6c378aef8e18f41b2b55163f8425d7ecca250aecc367b0820b7f273c9dfb3896a003990d62899c2ae77c20740b3881b72da8511545fa14a724cbe6f123a07ab58ba3fdd8af2f282f3383c68a4be9a581669e78dc89910234ee47ae4a3e1cbfc55d098a270ef2220b50c2012091199c1066d842f7362a72b59cba005", @ANYRES16=r8], 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x240448c0)
dup3(r4, r2, 0x80000)

kernel console output (not intermixed with test programs):

: command tx timeout
[  226.622763][ T5086] Bluetooth: hci0: command tx timeout
[  226.628444][ T5086] Bluetooth: hci2: command tx timeout
[  226.634277][ T5791] Bluetooth: hci1: command tx timeout
[  227.022800][ T5801] Bluetooth: hci4: command tx timeout
[  227.181601][ T5794] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  227.279207][ T5794] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  227.299308][ T5794] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  227.390404][ T5794] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  227.639475][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  227.717087][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  227.739807][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  227.780767][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  227.952710][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  228.033385][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  228.100032][ T5787] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  228.140742][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  228.208423][ T5787] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  228.233757][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  228.280812][ T5787] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  228.322297][ T5804] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  228.378840][ T5804] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  228.410167][ T5787] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  228.461051][ T5804] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  228.532544][ T5804] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  228.652719][ T5801] Bluetooth: hci3: command tx timeout
[  228.702985][ T5801] Bluetooth: hci2: command tx timeout
[  228.708692][ T5801] Bluetooth: hci1: command tx timeout
[  228.716808][ T5801] Bluetooth: hci0: command tx timeout
[  228.971349][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.103366][ T5086] Bluetooth: hci4: command tx timeout
[  229.166824][ T5794] 8021q: adding VLAN 0 to HW filter on device team0
[  229.271325][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.288494][ T3819] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.296392][ T3819] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.392287][ T3819] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.400077][ T3819] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.539999][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[  229.597735][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.654663][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.662479][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.771424][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[  229.811066][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.818798][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.857532][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.043032][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.051767][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.147930][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.179262][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[  230.194159][ T4525] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.201830][ T4525] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.357885][ T5804] 8021q: adding VLAN 0 to HW filter on device team0
[  230.372613][ T3819] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.380295][ T3819] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.444218][ T5789] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  230.492861][ T3819] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.500539][ T3819] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.740732][ T3819] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.748512][ T3819] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.772166][ T3819] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.780134][ T3819] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.890703][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  231.057697][ T5804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  232.201269][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.506653][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.695517][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.725137][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.872979][ T5794] veth0_vlan: entered promiscuous mode
[  232.994250][ T5794] veth1_vlan: entered promiscuous mode
[  233.046642][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.166287][ T5789] veth0_vlan: entered promiscuous mode
[  233.260353][ T5789] veth1_vlan: entered promiscuous mode
[  233.321238][ T5788] veth0_vlan: entered promiscuous mode
[  233.376240][ T5794] veth0_macvtap: entered promiscuous mode
[  233.483524][ T5788] veth1_vlan: entered promiscuous mode
[  233.506548][ T5794] veth1_macvtap: entered promiscuous mode
[  233.621267][ T5789] veth0_macvtap: entered promiscuous mode
[  233.699274][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  233.722298][ T5789] veth1_macvtap: entered promiscuous mode
[  233.809509][ T5804] veth0_vlan: entered promiscuous mode
[  233.825157][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.920188][ T5794] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.929496][ T5794] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.938917][ T5794] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.948057][ T5794] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.970834][ T5804] veth1_vlan: entered promiscuous mode
[  233.995445][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.007433][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.022691][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.051038][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.062074][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.077110][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.094501][ T5788] veth0_macvtap: entered promiscuous mode
[  234.188848][ T5788] veth1_macvtap: entered promiscuous mode
[  234.201346][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.212060][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.222614][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.231625][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.435853][ T5804] veth0_macvtap: entered promiscuous mode
[  234.460829][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.474325][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.485763][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.496556][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.511120][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.547968][ T5804] veth1_macvtap: entered promiscuous mode
[  234.618927][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.633182][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.644304][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.655081][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.665231][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.675991][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.690534][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.720079][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.730967][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.741204][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.751983][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.766744][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.954864][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.965649][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.975945][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.986735][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.996881][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.007873][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.022782][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.044899][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.054299][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.063542][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.072702][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.325322][ T5804] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.335646][ T5804] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.347307][ T5804] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.356641][ T5804] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.559754][ T5787] veth0_vlan: entered promiscuous mode
[  235.674373][ T5787] veth1_vlan: entered promiscuous mode
[  236.066727][ T5787] veth0_macvtap: entered promiscuous mode
[  236.158465][ T5787] veth1_macvtap: entered promiscuous mode
[  236.345951][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.358038][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.369646][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.380499][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.390745][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.401574][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.411801][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.422600][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.437365][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.730662][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.741559][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.753395][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.764696][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.774844][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.785721][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.795922][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.806712][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.821328][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  237.099365][ T5787] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  237.110359][ T5787] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  237.120113][ T5787] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  237.129249][ T5787] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.573703][ T3819] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.581690][ T3819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.872073][ T4066] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.880515][ T4066] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.989591][ T3674] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.998648][ T3674] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.141734][ T4066] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.150251][ T4066] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.808512][ T5794] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  241.940527][ T3819] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.948881][ T3819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.091950][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.100202][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.206695][ T2971] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.216181][ T2971] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.398276][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.406715][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  243.613678][ T5985] loop3: detected capacity change from 0 to 256
[  243.840111][ T5988] loop0: detected capacity change from 0 to 256
[  243.875537][ T5988] =======================================================
[  243.875537][ T5988] WARNING: The mand mount option has been deprecated and
[  243.875537][ T5988]          and is ignored by this kernel. Remove the mand
[  243.875537][ T5988]          option from the mount to silence this warning.
[  243.875537][ T5988] =======================================================
[  244.143463][ T5996] Zero length message leads to an empty skb
[  244.435269][ T3819] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  244.443635][ T3819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  244.650169][ T5988] FAT-fs (loop0): Directory bread(block 64) failed
[  244.657518][ T5988] FAT-fs (loop0): Directory bread(block 65) failed
[  244.664647][ T5988] FAT-fs (loop0): Directory bread(block 66) failed
[  244.671434][ T5988] FAT-fs (loop0): Directory bread(block 67) failed
[  244.678532][ T5988] FAT-fs (loop0): Directory bread(block 68) failed
[  244.689159][ T5988] FAT-fs (loop0): Directory bread(block 69) failed
[  244.697481][ T5988] FAT-fs (loop0): Directory bread(block 70) failed
[  244.704485][ T5988] FAT-fs (loop0): Directory bread(block 71) failed
[  244.711405][ T5988] FAT-fs (loop0): Directory bread(block 72) failed
[  244.718427][ T5988] FAT-fs (loop0): Directory bread(block 73) failed
[  244.909967][ T4525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  244.918350][ T4525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.176656][ T5988] fuse: Bad value for 'user_id'
[  245.181891][ T5988] fuse: Bad value for 'user_id'
[  245.404394][ T6010] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  245.418560][ T6013] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  247.112188][ T6026] loop0: detected capacity change from 0 to 8
[  247.205669][ T6031] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  247.224298][ T6026] SQUASHFS error: zlib decompression failed, data probably corrupt
[  247.233545][ T6026] SQUASHFS error: Failed to read block 0x9b: -5
[  247.239995][ T6026] SQUASHFS error: Unable to read metadata cache entry [99]
[  247.251178][ T6026] SQUASHFS error: Unable to read inode 0x127
[  247.326034][ T6032] loop4: detected capacity change from 0 to 256
[  247.376034][ T6032] exfat: Bad value for 'uid'
[  247.381076][ T6032] exfat: Bad value for 'uid'
[  247.446314][ T6026] capability: warning: `syz.0.18' uses deprecated v2 capabilities in a way that may be insecure
[  248.252788][   T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  248.316559][ T6039] process 'syz.3.22' launched '/dev/fd/5' with NULL argv: empty string added
[  248.325724][ T6032] loop4: detected capacity change from 0 to 32768
[  248.389183][ T6032] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  248.399659][ T6032] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  248.452592][   T25] usb 2-1: Using ep0 maxpacket: 8
[  248.500449][   T25] usb 2-1: unable to get BOS descriptor or descriptor too short
[  248.580771][   T25] usb 2-1: config 4 has an invalid interface number: 209 but max is 0
[  248.590469][   T25] usb 2-1: config 4 has no interface number 0
[  248.597292][   T25] usb 2-1: config 4 interface 209 altsetting 64 has a duplicate endpoint with address 0x2, skipping
[  248.608502][   T25] usb 2-1: config 4 interface 209 altsetting 64 has a duplicate endpoint with address 0x2, skipping
[  248.619717][   T25] usb 2-1: config 4 interface 209 altsetting 64 has a duplicate endpoint with address 0x82, skipping
[  248.631040][   T25] usb 2-1: config 4 interface 209 altsetting 64 has a duplicate endpoint with address 0x9, skipping
[  248.642240][   T25] usb 2-1: config 4 interface 209 has no altsetting 0
[  248.856239][ T6032] XFS (loop4): Ending clean mount
[  248.916056][   T25] usb 2-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=93.2c
[  248.925722][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.934298][   T25] usb 2-1: Product: syz
[  248.938687][   T25] usb 2-1: Manufacturer: syz
[  248.943669][   T25] usb 2-1: SerialNumber: syz
[  249.139246][ T6036] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  249.420093][ T6036] loop1: detected capacity change from 0 to 256
[  249.553043][ T5787] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  249.974060][ T6036] syz.1.21: attempt to access beyond end of device
[  249.974060][ T6036] loop1: rw=2049, sector=256, nr_sectors = 12 limit=256
[  250.461551][   T25] ums_eneub6250 2-1:4.209: USB Mass Storage device detected
[  250.713233][   T25] usb 2-1: USB disconnect, device number 2
[  250.754193][ T6016] udevd[6016]: setting mode of /dev/bus/usb/002/002 to 020664 failed: No such file or directory
[  250.817398][ T1732] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  250.829286][ T6016] udevd[6016]: setting owner of /dev/bus/usb/002/002 to uid=0, gid=0 failed: No such file or directory
[  251.053513][ T1732] usb 4-1: Using ep0 maxpacket: 16
[  251.098004][ T6061] loop4: detected capacity change from 0 to 256
[  251.114574][ T1732] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  251.124230][ T1732] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.132590][ T1732] usb 4-1: Product: syz
[  251.139909][ T1732] usb 4-1: Manufacturer: syz
[  251.146049][ T1732] usb 4-1: SerialNumber: syz
[  251.214468][ T6061] FAULT_INJECTION: forcing a failure.
[  251.214468][ T6061] name failslab, interval 1, probability 0, space 0, times 1
[  251.227828][ T6061] CPU: 0 UID: 0 PID: 6061 Comm: syz.4.26 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  251.227957][ T6061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.228040][ T6061] Call Trace:
[  251.228091][ T6061]  <TASK>
[  251.228138][ T6061]  dump_stack_lvl+0x216/0x2d0
[  251.228296][ T6061]  dump_stack+0x1e/0x24
[  251.228407][ T6061]  should_fail_ex+0x767/0x830
[  251.228587][ T6061]  should_failslab+0x17f/0x210
[  251.228758][ T6061]  __kmalloc_noprof+0x176/0x1230
[  251.228895][ T6061]  ? kfree+0x20/0xdb0
[  251.229012][ T6061]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  251.229177][ T6061]  ? tomoyo_realpath_from_path+0x104/0xaa0
[  251.229362][ T6061]  ? tomoyo_path_perm+0x10a/0x940
[  251.229514][ T6061]  ? kmsan_get_metadata+0x13e/0x1c0
[  251.229691][ T6061]  tomoyo_realpath_from_path+0x104/0xaa0
[  251.229891][ T6061]  ? __srcu_read_lock+0x76/0xd0
[  251.230030][ T6061]  tomoyo_path_perm+0x235/0x940
[  251.230204][ T6061]  ? stack_depot_save_flags+0x2c/0x750
[  251.230393][ T6061]  tomoyo_path_rmdir+0x99/0xf0
[  251.230529][ T6061]  security_path_rmdir+0x1ed/0x5d0
[  251.230672][ T6061]  do_rmdir+0x46f/0x8b0
[  251.230830][ T6061]  __x64_sys_rmdir+0x76/0xa0
[  251.230979][ T6061]  x64_sys_call+0x2ffc/0x3c30
[  251.231124][ T6061]  do_syscall_64+0xcd/0x1e0
[  251.231276][ T6061]  ? clear_bhb_loop+0x25/0x80
[  251.231437][ T6061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.231610][ T6061] RIP: 0033:0x7f503998d169
[  251.231721][ T6061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.231832][ T6061] RSP: 002b:00007f50377f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  251.232040][ T6061] RAX: ffffffffffffffda RBX: 00007f5039ba5fa0 RCX: 00007f503998d169
[  251.232134][ T6061] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000100
[  251.232215][ T6061] RBP: 00007f50377f6090 R08: 0000000000000000 R09: 0000000000000000
[  251.232295][ T6061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.232368][ T6061] R13: 0000000000000000 R14: 00007f5039ba5fa0 R15: 00007ffc9f2fb5d8
[  251.232466][ T6061]  </TASK>
[  251.454049][ T6061] ERROR: Out of memory at tomoyo_realpath_from_path.
[  251.692821][ T1732] r8152-cfgselector 4-1: Unknown version 0x0000
[  251.699363][ T1732] r8152-cfgselector 4-1: config 0 descriptor??
[  251.938196][ T1732] r8152-cfgselector 4-1: Unknown version 0x0000
[  251.946156][ T1732] r8152-cfgselector 4-1: bad CDC descriptors
[  252.737223][ T6057] loop3: detected capacity change from 0 to 32768
[  252.748744][ T1732] r8152-cfgselector 4-1: USB disconnect, device number 2
[  252.769696][ T6057] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section journal_v2: journal bucket 9 before first bucket 12056
[  252.769696][ T6057] journal_v2 (size 40):
[  252.769696][ T6057] Buckets:  9-16 24-25
[  252.769696][ T6057] 
[  252.771045][ T6067] loop1: detected capacity change from 0 to 256
[  252.798856][ T6057] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal
[  253.358975][ T6067] exfat: Bad value for 'uid'
[  253.364193][ T6067] exfat: Bad value for 'uid'
[  253.677758][ T6069] loop0: detected capacity change from 0 to 32768
[  253.944283][ T6069] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.30 (6069)
[  254.346338][ T6067] loop1: detected capacity change from 0 to 32768
[  254.365173][ T6069] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  254.376018][ T6069] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  254.385863][ T6069] BTRFS info (device loop0): using free-space-tree
[  254.468434][ T6079] loop2: detected capacity change from 0 to 512
[  254.469476][ T6067] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  254.485013][ T6067] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  254.496147][ T6079] EXT4-fs (loop2): invalid journal inode
[  254.836380][ T6090] loop4: detected capacity change from 0 to 1024
[  254.886187][ T6090] EXT4-fs: inline encryption not supported
[  255.315785][ T6079] loop2: detected capacity change from 0 to 32768
[  255.416876][ T6090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.431782][ T6086] loop3: detected capacity change from 0 to 8192
[  255.451137][ T6079] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  255.523702][ T2971] BTRFS warning (device loop0): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0x242fe431 level 0
[  255.542909][ T6069] BTRFS warning (device loop0): failed to read fs tree: -5
[  255.688771][ T6069] BTRFS error (device loop0): open_ctree failed: -5
[  255.837604][ T6114] syz.3.34: attempt to access beyond end of device
[  255.837604][ T6114] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  256.020223][ T6114] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  256.029245][ T6114] FAT-fs (loop3): Filesystem has been set read-only
[  256.233295][ T6114] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  256.290152][ T6114] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  256.298551][ T6067] XFS (loop1): Ending clean mount
[  256.324634][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.380195][ T5789] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  256.517832][ T6079] XFS (loop2): Ending clean mount
[  256.553296][ T6079] XFS (loop2): Quotacheck needed: Please wait.
[  256.626234][ T6079] XFS (loop2): Quotacheck: Done.
[  257.441350][ T6128] loop4: detected capacity change from 0 to 512
[  257.801025][ T6128] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  257.817460][ T6125] loop3: detected capacity change from 0 to 2048
[  257.845266][ T5804] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  257.879938][ T6130] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  257.914303][ T6128] EXT4-fs (loop4): invalid journal inode
[  257.920857][ T6128] EXT4-fs (loop4): can't get journal size
[  257.959998][ T6128] EXT4-fs (loop4): 1 truncate cleaned up
[  257.968152][ T6128] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.974930][ T6125] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.166999][ T6125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.193419][ T6128] EXT4-fs warning (device loop4): verify_group_input:137: Cannot add at group 1869 (only 1 groups)
[  258.969160][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.525497][ T6137] loop2: detected capacity change from 0 to 40427
[  259.550167][ T6137] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  259.558504][ T6137] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  259.631810][ T6137] F2FS-fs (loop2): invalid crc value
[  259.674237][ T6137] F2FS-fs (loop2): Found nat_bits in checkpoint
[  259.745204][ T6141] netlink: 24 bytes leftover after parsing attributes in process `syz.0.43'.
[  260.011508][ T6137] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  260.019141][ T6137] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  260.433601][ T4008] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  260.553268][ T4008] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  260.744866][ T6139] FAULT_INJECTION: forcing a failure.
[  260.744866][ T6139] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  260.758829][ T6139] CPU: 0 UID: 0 PID: 6139 Comm: syz.1.42 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  260.758957][ T6139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.759031][ T6139] Call Trace:
[  260.759077][ T6139]  <TASK>
[  260.759124][ T6139]  dump_stack_lvl+0x216/0x2d0
[  260.759263][ T6139]  dump_stack+0x1e/0x24
[  260.759374][ T6139]  should_fail_ex+0x767/0x830
[  260.759551][ T6139]  should_fail+0x2a/0x40
[  260.759715][ T6139]  should_fail_usercopy+0x2e/0x40
[  260.759889][ T6139]  _copy_to_user+0x34/0x120
[  260.760056][ T6139]  simple_read_from_buffer+0x199/0x340
[  260.760222][ T6139]  proc_fail_nth_read+0x1e5/0x2c0
[  260.760358][ T6139]  vfs_read+0x29f/0xf70
[  260.760489][ T6139]  ? stack_depot_save_flags+0x2c/0x750
[  260.760650][ T6139]  ? kmsan_get_metadata+0x13e/0x1c0
[  260.760820][ T6139]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  260.760977][ T6139]  ? kmsan_get_metadata+0x13e/0x1c0
[  260.761137][ T6139]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  260.761309][ T6139]  ksys_read+0x240/0x4b0
[  260.761441][ T6139]  ? kmsan_get_metadata+0x13e/0x1c0
[  260.761611][ T6139]  __x64_sys_read+0x93/0xe0
[  260.761761][ T6139]  x64_sys_call+0x314c/0x3c30
[  260.761900][ T6139]  do_syscall_64+0xcd/0x1e0
[  260.762050][ T6139]  ? clear_bhb_loop+0x25/0x80
[  260.762210][ T6139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.762372][ T6139] RIP: 0033:0x7fa8a898bb7c
[  260.762461][ T6139] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  260.762565][ T6139] RSP: 002b:00007fa8a9779030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  260.762689][ T6139] RAX: ffffffffffffffda RBX: 00007fa8a8ba5fa0 RCX: 00007fa8a898bb7c
[  260.762782][ T6139] RDX: 000000000000000f RSI: 00007fa8a97790a0 RDI: 0000000000000003
[  260.762861][ T6139] RBP: 00007fa8a9779090 R08: 0000000000000000 R09: 0000000000000000
[  260.762940][ T6139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.763014][ T6139] R13: 0000000000000000 R14: 00007fa8a8ba5fa0 R15: 00007ffece1bd228
[  260.763116][ T6139]  </TASK>
[  261.104631][ T6156] loop0: detected capacity change from 0 to 256
[  261.113460][ T6156] exfat: Deprecated parameter 'utf8'
[  261.119103][ T6156] exfat: Deprecated parameter 'utf8'
[  261.350235][ T6156] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  261.470944][ T6162] netlink: 36 bytes leftover after parsing attributes in process `syz.4.49'.
[  261.484082][ T6162] netlink: 16 bytes leftover after parsing attributes in process `syz.4.49'.
[  261.494710][ T6162] netlink: 36 bytes leftover after parsing attributes in process `syz.4.49'.
[  261.506814][ T6162] netlink: 36 bytes leftover after parsing attributes in process `syz.4.49'.
[  262.421655][ T6169] loop3: detected capacity change from 0 to 2048
[  262.668378][ T6177] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  262.881534][ T6179] fuse: Bad value for 'fd'
[  262.989191][ T6181] loop4: detected capacity change from 0 to 256
[  263.019546][ T6181] exfat: Bad value for 'uid'
[  263.025111][ T6181] exfat: Bad value for 'uid'
[  263.054184][ T6179] loop1: detected capacity change from 0 to 512
[  263.102938][ T6179] EXT4-fs: Ignoring removed nomblk_io_submit option
[  263.153064][ T6179] EXT4-fs: journaled quota format not specified
[  263.494423][ T6187] netlink: 12 bytes leftover after parsing attributes in process `syz.0.57'.
[  263.519124][ T6187] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  263.534753][ T6187] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  263.545813][ T6187] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  263.554954][ T6187] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  263.564193][ T6187] vxlan0: entered promiscuous mode
[  263.930239][ T6181] loop4: detected capacity change from 0 to 32768
[  264.809960][ T6179] loop1: detected capacity change from 0 to 32768
[  264.868961][ T6181] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  264.894747][ T6181] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  265.186818][ T6190] netlink: 36 bytes leftover after parsing attributes in process `syz.2.59'.
[  265.296383][ T6203] loop0: detected capacity change from 0 to 8
[  265.430084][ T6181] XFS (loop4): Ending clean mount
[  265.521648][ T6203] SQUASHFS error: lzo decompression failed, data probably corrupt
[  265.530357][ T6203] SQUASHFS error: Failed to read block 0x28d: -5
[  265.537121][ T6203] SQUASHFS error: Unable to read metadata cache entry [28b]
[  265.544835][ T6203] SQUASHFS error: Unable to read inode 0x11f
[  265.694726][ T5787] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  265.796172][ T6205] FAULT_INJECTION: forcing a failure.
[  265.796172][ T6205] name failslab, interval 1, probability 0, space 0, times 0
[  265.809309][ T6205] CPU: 1 UID: 0 PID: 6205 Comm: syz.3.62 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  265.809439][ T6205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  265.809514][ T6205] Call Trace:
[  265.809562][ T6205]  <TASK>
[  265.809607][ T6205]  dump_stack_lvl+0x216/0x2d0
[  265.809746][ T6205]  dump_stack+0x1e/0x24
[  265.809859][ T6205]  should_fail_ex+0x767/0x830
[  265.810076][ T6205]  should_failslab+0x17f/0x210
[  265.810244][ T6205]  __kmalloc_noprof+0x176/0x1230
[  265.810382][ T6205]  ? kfree+0x20/0xdb0
[  265.810498][ T6205]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  265.810664][ T6205]  ? tomoyo_realpath_from_path+0x104/0xaa0
[  265.810852][ T6205]  ? kmsan_get_metadata+0x13e/0x1c0
[  265.811028][ T6205]  tomoyo_realpath_from_path+0x104/0xaa0
[  265.811230][ T6205]  ? __srcu_read_lock+0x76/0xd0
[  265.811369][ T6205]  tomoyo_path_number_perm+0x1cf/0x7d0
[  265.811533][ T6205]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  265.811697][ T6205]  ? kmsan_get_metadata+0x13e/0x1c0
[  265.811858][ T6205]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  265.812060][ T6205]  tomoyo_file_ioctl+0x3f/0x50
[  265.812196][ T6205]  security_file_ioctl+0x145/0x590
[  265.812355][ T6205]  __se_sys_ioctl+0xd0/0x440
[  265.812496][ T6205]  __x64_sys_ioctl+0x96/0xe0
[  265.812628][ T6205]  x64_sys_call+0x19f0/0x3c30
[  265.812762][ T6205]  do_syscall_64+0xcd/0x1e0
[  265.812907][ T6205]  ? clear_bhb_loop+0x25/0x80
[  265.813097][ T6205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.813252][ T6205] RIP: 0033:0x7ff9b6d8d169
[  265.813344][ T6205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.813447][ T6205] RSP: 002b:00007ff9b6bf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  265.813566][ T6205] RAX: ffffffffffffffda RBX: 00007ff9b6fa5fa0 RCX: 00007ff9b6d8d169
[  265.813658][ T6205] RDX: 0000400000000000 RSI: 000000000000541c RDI: 0000000000000003
[  265.813738][ T6205] RBP: 00007ff9b6bf9090 R08: 0000000000000000 R09: 0000000000000000
[  265.813816][ T6205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.813890][ T6205] R13: 0000000000000000 R14: 00007ff9b6fa5fa0 R15: 00007ffedf7a1938
[  265.813998][ T6205]  </TASK>
[  266.046783][ T6205] ERROR: Out of memory at tomoyo_realpath_from_path.
[  266.485580][ T6210] loop0: detected capacity change from 0 to 64
[  267.892792][ T6223] netlink: 36 bytes leftover after parsing attributes in process `syz.0.69'.
[  268.275918][ T6232] FAULT_INJECTION: forcing a failure.
[  268.275918][ T6232] name failslab, interval 1, probability 0, space 0, times 0
[  268.289501][ T6232] CPU: 1 UID: 0 PID: 6232 Comm: syz.1.71 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  268.289607][ T6232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.289669][ T6232] Call Trace:
[  268.289714][ T6232]  <TASK>
[  268.289751][ T6232]  dump_stack_lvl+0x216/0x2d0
[  268.289867][ T6232]  dump_stack+0x1e/0x24
[  268.289958][ T6232]  should_fail_ex+0x767/0x830
[  268.290104][ T6232]  should_failslab+0x17f/0x210
[  268.290242][ T6232]  __kmalloc_node_noprof+0x183/0x1250
[  268.290359][ T6232]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  268.290495][ T6232]  ? kmsan_get_metadata+0x13e/0x1c0
[  268.290622][ T6232]  ? crypto_create_tfm_node+0xb9/0x690
[  268.290746][ T6232]  ? crypto_alg_extsize+0x47/0x90
[  268.290884][ T6232]  crypto_create_tfm_node+0xb9/0x690
[  268.291004][ T6232]  crypto_init_lskcipher_ops_sg+0xa9/0x1f0
[  268.291122][ T6232]  crypto_skcipher_init_tfm+0x1d9/0x380
[  268.291255][ T6232]  ? __pfx_crypto_skcipher_init_tfm+0x10/0x10
[  268.291384][ T6232]  crypto_create_tfm_node+0x216/0x690
[  268.291504][ T6232]  crypto_alloc_tfm_node+0x205/0x620
[  268.291629][ T6232]  crypto_alloc_skcipher+0x4b/0x60
[  268.291753][ T6232]  init_skcipher_req+0x40/0x480
[  268.291865][ T6232]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  268.292008][ T6232]  encrypted_read+0x436/0x1990
[  268.292121][ T6232]  ? kmsan_get_metadata+0x13e/0x1c0
[  268.292263][ T6232]  ? kmsan_get_metadata+0x13e/0x1c0
[  268.292409][ T6232]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  268.292567][ T6232]  ? kmsan_get_metadata+0x13e/0x1c0
[  268.292733][ T6232]  ? __pfx_encrypted_read+0x10/0x10
[  268.292865][ T6232]  ? __pfx_encrypted_read+0x10/0x10
[  268.292996][ T6232]  keyctl_read_key+0x74a/0xc20
[  268.293161][ T6232]  __se_sys_keyctl+0x458/0x1510
[  268.293311][ T6232]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  268.293462][ T6232]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  268.293611][ T6232]  ? fput+0x359/0x400
[  268.293729][ T6232]  ? kmsan_get_metadata+0x13e/0x1c0
[  268.293881][ T6232]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  268.294046][ T6232]  __x64_sys_keyctl+0xe4/0x150
[  268.294207][ T6232]  x64_sys_call+0x1997/0x3c30
[  268.294339][ T6232]  do_syscall_64+0xcd/0x1e0
[  268.294483][ T6232]  ? clear_bhb_loop+0x25/0x80
[  268.294636][ T6232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.294796][ T6232] RIP: 0033:0x7fa8a898d169
[  268.294886][ T6232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.294991][ T6232] RSP: 002b:00007fa8a9779038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  268.295107][ T6232] RAX: ffffffffffffffda RBX: 00007fa8a8ba5fa0 RCX: 00007fa8a898d169
[  268.295195][ T6232] RDX: 0000400000000240 RSI: 0000000037a9dc13 RDI: 000000000000000b
[  268.295273][ T6232] RBP: 00007fa8a9779090 R08: 0000000000000000 R09: 0000000000000000
[  268.295348][ T6232] R10: 00000000349b7f55 R11: 0000000000000246 R12: 0000000000000001
[  268.295422][ T6232] R13: 0000000000000000 R14: 00007fa8a8ba5fa0 R15: 00007ffece1bd228
[  268.295520][ T6232]  </TASK>
[  268.600130][ T6232] trusted_key: encrypted_key: failed to load cbc(aes) transform (-12)
[  269.009262][ T6235] loop0: detected capacity change from 0 to 256
[  269.084641][ T6235] exfat: Bad value for 'uid'
[  269.089529][ T6235] exfat: Bad value for 'uid'
[  269.461472][ T6245] loop4: detected capacity change from 0 to 256
[  269.531032][ T6246] loop1: detected capacity change from 0 to 512
[  269.575570][ T6245] exfat: Deprecated parameter 'utf8'
[  269.641154][ T6246] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  269.654846][ T6246] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent
[  269.834322][ T6245] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  269.949902][ T6235] loop0: detected capacity change from 0 to 32768
[  270.033046][ T6235] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  270.054710][ T6235] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  270.112818][ T6245] netlink: 28 bytes leftover after parsing attributes in process `syz.4.76'.
[  270.408485][ T6235] XFS (loop0): Ending clean mount
[  270.808915][ T5794] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  271.128085][ T6270] FAULT_INJECTION: forcing a failure.
[  271.128085][ T6270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.142731][ T6270] CPU: 1 UID: 0 PID: 6270 Comm: syz.1.82 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  271.142860][ T6270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  271.142934][ T6270] Call Trace:
[  271.142980][ T6270]  <TASK>
[  271.143025][ T6270]  dump_stack_lvl+0x216/0x2d0
[  271.143162][ T6270]  dump_stack+0x1e/0x24
[  271.143275][ T6270]  should_fail_ex+0x767/0x830
[  271.143458][ T6270]  should_fail+0x2a/0x40
[  271.143639][ T6270]  should_fail_usercopy+0x2e/0x40
[  271.143816][ T6270]  _copy_to_user+0x34/0x120
[  271.143982][ T6270]  simple_read_from_buffer+0x199/0x340
[  271.144145][ T6270]  proc_fail_nth_read+0x1e5/0x2c0
[  271.144282][ T6270]  vfs_read+0x29f/0xf70
[  271.144436][ T6270]  ? stack_depot_save_flags+0x2c/0x750
[  271.144590][ T6270]  ? kmsan_get_metadata+0x13e/0x1c0
[  271.144746][ T6270]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  271.144900][ T6270]  ? kmsan_get_metadata+0x13e/0x1c0
[  271.145056][ T6270]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  271.145221][ T6270]  ksys_read+0x240/0x4b0
[  271.145352][ T6270]  ? kmsan_get_metadata+0x13e/0x1c0
[  271.145522][ T6270]  __x64_sys_read+0x93/0xe0
[  271.145662][ T6270]  x64_sys_call+0x314c/0x3c30
[  271.145796][ T6270]  do_syscall_64+0xcd/0x1e0
[  271.145943][ T6270]  ? clear_bhb_loop+0x25/0x80
[  271.146104][ T6270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.146263][ T6270] RIP: 0033:0x7fa8a898bb7c
[  271.146365][ T6270] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  271.146482][ T6270] RSP: 002b:00007fa8a9779030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  271.146599][ T6270] RAX: ffffffffffffffda RBX: 00007fa8a8ba5fa0 RCX: 00007fa8a898bb7c
[  271.146689][ T6270] RDX: 000000000000000f RSI: 00007fa8a97790a0 RDI: 0000000000000004
[  271.146767][ T6270] RBP: 00007fa8a9779090 R08: 0000000000000000 R09: 0000000000000000
[  271.146846][ T6270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.146919][ T6270] R13: 0000000000000000 R14: 00007fa8a8ba5fa0 R15: 00007ffece1bd228
[  271.147021][ T6270]  </TASK>
[  271.226055][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  271.795221][ T6274] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  271.854337][   T10] usb 3-1: device descriptor read/64, error -71
[  272.123296][   T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  272.312875][   T10] usb 3-1: device descriptor read/64, error -71
[  272.381013][ T6276] pim6reg: entered allmulticast mode
[  272.390608][ T6281] netlink: 36 bytes leftover after parsing attributes in process `syz.0.83'.
[  272.431751][   T10] usb usb3-port1: attempt power cycle
[  272.462817][ T1732] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  272.625881][ T1732] usb 2-1: device descriptor read/64, error -71
[  272.772743][ T5846] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  272.872772][ T1732] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  272.873318][   T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  272.915632][   T10] usb 3-1: device descriptor read/8, error -71
[  272.979837][ T5846] usb 5-1: config 0 has an invalid interface number: 17 but max is 0
[  272.988647][ T5846] usb 5-1: config 0 has no interface number 0
[  272.995439][ T5846] usb 5-1: config 0 interface 17 has no altsetting 0
[  273.002617][ T5846] usb 5-1: New USB device found, idVendor=0bb4, idProduct=0a21, bcdDevice=e2.be
[  273.011925][ T5846] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.029341][ T5846] usb 5-1: config 0 descriptor??
[  273.054092][ T1732] usb 2-1: device descriptor read/64, error -71
[  273.167547][ T1732] usb usb2-port1: attempt power cycle
[  273.183935][   T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  273.224647][   T10] usb 3-1: device descriptor read/8, error -71
[  273.261003][ T5846] usb 5-1: USB disconnect, device number 2
[  273.268756][ T6294] loop0: detected capacity change from 0 to 512
[  273.320134][ T6294] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.90: casefold flag without casefold feature
[  273.344312][ T6294] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.90: couldn't read orphan inode 15 (err -117)
[  273.348151][   T10] usb usb3-port1: unable to enumerate USB device
[  273.377507][ T6294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.522771][ T1732] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  273.548144][ T1732] usb 2-1: device descriptor read/8, error -71
[  273.792943][ T1732] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  273.854274][ T1732] usb 2-1: device descriptor read/8, error -71
[  273.927805][ T6298] syz_tun: entered allmulticast mode
[  273.940557][ T6298] netlink: 'syz.2.91': attribute type 39 has an invalid length.
[  273.987309][ T1732] usb usb2-port1: unable to enumerate USB device
[  273.998050][ T6298] syz_tun (unregistering): left allmulticast mode
[  274.244278][ T5794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.365456][ T6301] loop3: detected capacity change from 0 to 2048
[  274.419978][ T6301] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.472013][ T6303] loop4: detected capacity change from 0 to 256
[  274.522725][ T6303] exfat: Bad value for 'uid'
[  274.527644][ T6303] exfat: Bad value for 'uid'
[  274.604421][ T6301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.414172][ T6303] loop4: detected capacity change from 0 to 32768
[  275.476513][ T6303] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  275.487968][ T6303] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  275.726960][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.917203][ T6303] XFS (loop4): Ending clean mount
[  276.283996][ T5787] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  276.594795][ T6327] netlink: 36 bytes leftover after parsing attributes in process `syz.1.98'.
[  276.947607][ T6337] loop2: detected capacity change from 0 to 512
[  276.956504][ T6337] EXT4-fs: Ignoring removed orlov option
[  276.991298][ T6337] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  277.087483][ T6337] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.101: bg 0: block 248: padding at end of block bitmap is not set
[  277.123243][ T6337] Quota error (device loop2): write_blk: dquota write failed
[  277.131330][ T6337] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  277.155190][ T6337] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.101: Failed to acquire dquot type 1
[  277.243104][ T6337] EXT4-fs (loop2): 1 truncate cleaned up
[  277.378389][ T6337] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  277.391689][ T6337] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  277.406627][ T6337] EXT4-fs: Ignoring removed orlov option
[  277.413078][ T6337] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  277.432026][ T6337] EXT4-fs error (device loop2): __ext4_remount:6738: comm syz.2.101: Abort forced by user
[  277.462140][ T6337] EXT4-fs (loop2): Remounting filesystem read-only
[  277.469182][ T6337] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  277.542212][ T6337] syz.2.101 (6337) used greatest stack depth: 3824 bytes left
[  277.594005][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.608913][ T6345] loop0: detected capacity change from 0 to 64
[  277.643613][ T6345] hfs: Bad value for 'umask'
[  278.121587][ T6344] loop1: detected capacity change from 0 to 4096
[  278.207206][   T29] audit: type=1326 audit(1741337033.138:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.234567][ T6344] ntfs3: Invalid value for umask.
[  278.245028][ T6349] evm: overlay not supported
[  278.366358][   T29] audit: type=1326 audit(1741337033.178:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.392053][   T29] audit: type=1326 audit(1741337033.188:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.415617][   T29] audit: type=1326 audit(1741337033.188:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.439449][   T29] audit: type=1326 audit(1741337033.188:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.462124][   T29] audit: type=1326 audit(1741337033.238:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.487715][   T29] audit: type=1326 audit(1741337033.238:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.511384][   T29] audit: type=1326 audit(1741337033.238:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6348 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f503998d169 code=0x7ffc0000
[  278.635144][ T6349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.100'.
[  278.644873][ T6349] netlink: 16 bytes leftover after parsing attributes in process `syz.4.100'.
[  278.688568][ T6355] loop2: detected capacity change from 0 to 16
[  278.714356][ T6350] lo: entered promiscuous mode
[  278.719392][ T6350] lo: entered allmulticast mode
[  278.723572][ T6355] erofs: Unknown parameter '���`hj}�*�I���?gi~k��oLXR�'
[  278.734917][ T6350] tunl0: entered promiscuous mode
[  278.740189][ T6350] tunl0: entered allmulticast mode
[  278.752527][ T6350] gre0: entered promiscuous mode
[  278.757741][ T6350] gre0: entered allmulticast mode
[  278.876612][ T6350] gretap0: entered promiscuous mode
[  278.882269][ T6350] gretap0: entered allmulticast mode
[  279.046521][ T6350] erspan0: entered promiscuous mode
[  279.052225][ T6350] erspan0: entered allmulticast mode
[  279.067384][ T6350] ip_vti0: entered promiscuous mode
[  279.073065][ T6350] ip_vti0: entered allmulticast mode
[  279.085206][ T6350] ip6_vti0: entered promiscuous mode
[  279.096074][ T6350] ip6_vti0: entered allmulticast mode
[  279.110753][ T6350] sit0: entered promiscuous mode
[  279.116173][ T6350] sit0: entered allmulticast mode
[  279.135513][ T6350] ip6tnl0: entered promiscuous mode
[  279.141004][ T6350] ip6tnl0: entered allmulticast mode
[  279.155527][ T6350] ip6gre0: entered promiscuous mode
[  279.160981][ T6350] ip6gre0: entered allmulticast mode
[  279.309503][ T6350] syz_tun: entered promiscuous mode
[  279.315353][ T6350] syz_tun: entered allmulticast mode
[  279.426381][ T6350] ip6gretap0: entered promiscuous mode
[  279.432197][ T6350] ip6gretap0: entered allmulticast mode
[  279.447790][ T6350] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.457521][ T6350] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.468231][ T6350] bridge0: entered promiscuous mode
[  279.473786][ T6350] bridge0: entered allmulticast mode
[  279.488872][ T6350] vcan0: entered promiscuous mode
[  279.494437][ T6350] vcan0: entered allmulticast mode
[  279.507991][ T6350] bond0: entered promiscuous mode
[  279.513451][ T6350] bond_slave_0: entered promiscuous mode
[  279.520312][ T6350] bond_slave_1: entered promiscuous mode
[  279.527191][ T6350] bond0: entered allmulticast mode
[  279.532690][ T6350] bond_slave_0: entered allmulticast mode
[  279.538627][ T6350] bond_slave_1: entered allmulticast mode
[  279.553988][ T6350] team0: entered promiscuous mode
[  279.559264][ T6350] team_slave_0: entered promiscuous mode
[  279.566171][ T6350] team_slave_1: entered promiscuous mode
[  279.572980][ T6350] team0: entered allmulticast mode
[  279.578327][ T6350] team_slave_0: entered allmulticast mode
[  279.584515][ T6350] team_slave_1: entered allmulticast mode
[  279.599330][ T6350] dummy0: entered promiscuous mode
[  279.609559][ T6350] dummy0: entered allmulticast mode
[  280.045161][ T6350] nlmon0: entered promiscuous mode
[  280.050547][ T6350] nlmon0: entered allmulticast mode
[  280.061970][ T6350] caif0: entered promiscuous mode
[  280.068463][ T6350] caif0: entered allmulticast mode
[  280.075035][ T6350] batadv0: entered promiscuous mode
[  280.080485][ T6350] batadv0: entered allmulticast mode
[  280.095629][ T6350] vxcan0: entered promiscuous mode
[  280.101025][ T6350] vxcan0: entered allmulticast mode
[  280.109548][ T6350] vxcan1: entered promiscuous mode
[  280.122744][ T6350] vxcan1: entered allmulticast mode
[  280.131132][ T6350] veth0: entered promiscuous mode
[  280.136590][ T6350] veth0: entered allmulticast mode
[  280.150939][ T6350] veth1: entered promiscuous mode
[  280.156425][ T6350] veth1: entered allmulticast mode
[  280.170458][ T6350] veth0_to_bridge: entered promiscuous mode
[  280.176836][ T6350] veth0_to_bridge: entered allmulticast mode
[  280.198601][ T6350] veth1_to_bridge: entered promiscuous mode
[  280.205302][ T6350] veth1_to_bridge: entered allmulticast mode
[  280.233991][ T6350] veth0_to_bond: entered promiscuous mode
[  280.240004][ T6350] veth0_to_bond: entered allmulticast mode
[  280.256919][ T6350] veth1_to_bond: entered promiscuous mode
[  280.263082][ T6350] veth1_to_bond: entered allmulticast mode
[  280.281812][ T6350] veth0_to_team: entered promiscuous mode
[  280.287993][ T6350] veth0_to_team: entered allmulticast mode
[  280.309196][ T6350] veth1_to_team: entered promiscuous mode
[  280.315328][ T6350] veth1_to_team: entered allmulticast mode
[  280.343877][ T6350] veth0_to_batadv: entered promiscuous mode
[  280.350054][ T6350] veth0_to_batadv: entered allmulticast mode
[  280.367081][ T6350] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.375025][ T6350] batadv_slave_0: entered promiscuous mode
[  280.381049][ T6350] batadv_slave_0: entered allmulticast mode
[  280.396986][ T6350] veth1_to_batadv: entered promiscuous mode
[  280.403273][ T6350] veth1_to_batadv: entered allmulticast mode
[  280.418826][ T6350] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.434317][ T6350] batadv_slave_1: entered promiscuous mode
[  280.440385][ T6350] batadv_slave_1: entered allmulticast mode
[  280.455749][ T6350] xfrm0: entered promiscuous mode
[  280.461053][ T6350] xfrm0: entered allmulticast mode
[  280.473956][ T6350] veth0_to_hsr: entered promiscuous mode
[  280.479854][ T6350] veth0_to_hsr: entered allmulticast mode
[  280.493339][ T6350] hsr_slave_0: entered allmulticast mode
[  280.504619][ T6350] veth1_to_hsr: entered promiscuous mode
[  280.510588][ T6350] veth1_to_hsr: entered allmulticast mode
[  280.531458][ T6350] hsr_slave_1: entered allmulticast mode
[  280.544811][ T6350] hsr0: entered promiscuous mode
[  280.549974][ T6350] hsr0: entered allmulticast mode
[  280.562803][ T6350] veth1_virt_wifi: entered promiscuous mode
[  280.568950][ T6350] veth1_virt_wifi: entered allmulticast mode
[  280.583676][ T6350] veth0_virt_wifi: entered promiscuous mode
[  280.589833][ T6350] veth0_virt_wifi: entered allmulticast mode
[  280.604866][ T6350] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  280.612551][ T6350] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  280.621263][ T6350] veth1_vlan: entered allmulticast mode
[  280.643407][ T6350] veth0_vlan: entered allmulticast mode
[  280.676455][ T6350] vlan0: entered promiscuous mode
[  280.681765][ T6350] vlan0: entered allmulticast mode
[  280.688156][ T6350] vlan1: entered promiscuous mode
[  280.693569][ T6350] vlan1: entered allmulticast mode
[  280.700933][ T6350] macvlan0: entered promiscuous mode
[  280.706898][ T6350] macvlan0: entered allmulticast mode
[  280.757751][ T6350] macvlan1: entered promiscuous mode
[  280.763676][ T6350] macvlan1: entered allmulticast mode
[  280.782870][ T6350] ipvlan0: entered promiscuous mode
[  280.788337][ T6350] ipvlan0: entered allmulticast mode
[  280.794802][ T6350] ipvlan1: entered promiscuous mode
[  280.800226][ T6350] ipvlan1: entered allmulticast mode
[  280.807217][ T6350] veth1_macvtap: entered allmulticast mode
[  280.822570][ T6350] veth0_macvtap: entered allmulticast mode
[  280.903047][ T6350] macvtap0: entered promiscuous mode
[  280.908788][ T6350] macvtap0: entered allmulticast mode
[  280.923715][ T6350] macsec0: entered promiscuous mode
[  280.929179][ T6350] macsec0: entered allmulticast mode
[  280.959887][ T6350] geneve0: entered promiscuous mode
[  280.968049][ T6350] geneve0: entered allmulticast mode
[  280.985277][ T6350] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  280.995000][ T6350] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.005305][ T6350] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.014665][ T6350] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.027669][ T6350] geneve1: entered promiscuous mode
[  281.033326][ T6350] geneve1: entered allmulticast mode
[  281.057142][ T6350] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  281.065294][ T6350] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  281.122806][ T6350] netdevsim netdevsim4 netdevsim1: entered promiscuous mode
[  281.130621][ T6350] netdevsim netdevsim4 netdevsim1: entered allmulticast mode
[  281.172084][ T6350] netdevsim netdevsim4 netdevsim2: entered promiscuous mode
[  281.180216][ T6350] netdevsim netdevsim4 netdevsim2: entered allmulticast mode
[  281.258313][ T6350] netdevsim netdevsim4 netdevsim3: entered promiscuous mode
[  281.266877][ T6350] netdevsim netdevsim4 netdevsim3: entered allmulticast mode
[  281.318783][ T6350] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  281.326921][ T6350] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  281.399697][ T6367] loop3: detected capacity change from 0 to 4096
[  281.403745][ T6350] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  281.413910][ T6350] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  281.427139][ T6350] pim6reg: entered promiscuous mode
[  281.531545][ T6369] loop0: detected capacity change from 0 to 256
[  281.575434][ T6369] exfat: Bad value for 'uid'
[  281.580398][ T6369] exfat: Bad value for 'uid'
[  282.446706][ T6369] loop0: detected capacity change from 0 to 32768
[  282.502004][ T6369] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  282.514722][ T6369] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  282.869885][ T6369] XFS (loop0): Ending clean mount
[  283.041180][ T5794] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  283.387572][ T6386] netlink: 36 bytes leftover after parsing attributes in process `syz.4.113'.
[  283.839825][ T6397] FAULT_INJECTION: forcing a failure.
[  283.839825][ T6397] name failslab, interval 1, probability 0, space 0, times 0
[  283.853087][ T6397] CPU: 0 UID: 0 PID: 6397 Comm: syz.1.116 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  283.853211][ T6397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  283.853285][ T6397] Call Trace:
[  283.853331][ T6397]  <TASK>
[  283.853376][ T6397]  dump_stack_lvl+0x216/0x2d0
[  283.853526][ T6397]  dump_stack+0x1e/0x24
[  283.853637][ T6397]  should_fail_ex+0x767/0x830
[  283.853817][ T6397]  should_failslab+0x17f/0x210
[  283.853987][ T6397]  kmem_cache_alloc_noprof+0xee/0xe10
[  283.854130][ T6397]  ? skb_clone+0x303/0x550
[  283.854263][ T6397]  ? kmsan_get_metadata+0x13e/0x1c0
[  283.854437][ T6397]  skb_clone+0x303/0x550
[  283.854570][ T6397]  __netlink_deliver_tap+0x64e/0xdb0
[  283.854736][ T6397]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  283.854893][ T6397]  ? kmsan_get_metadata+0x13e/0x1c0
[  283.855053][ T6397]  netlink_sendskb+0x23f/0x270
[  283.855201][ T6397]  netlink_unicast+0x70c/0x1260
[  283.855360][ T6397]  netlink_ack+0xbc7/0xec0
[  283.855535][ T6397]  netlink_rcv_skb+0x510/0x650
[  283.855699][ T6397]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  283.855875][ T6397]  xfrm_netlink_rcv+0x76/0xb0
[  283.856027][ T6397]  ? __pfx_xfrm_netlink_rcv+0x10/0x10
[  283.856181][ T6397]  netlink_unicast+0xf52/0x1260
[  283.856342][ T6397]  netlink_sendmsg+0x10da/0x11e0
[  283.856523][ T6397]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.856679][ T6397]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.856838][ T6397]  __sock_sendmsg+0x30f/0x380
[  283.856988][ T6397]  ____sys_sendmsg+0x890/0xda0
[  283.857134][ T6397]  ___sys_sendmsg+0x28d/0x3c0
[  283.857269][ T6397]  ? __rcu_read_unlock+0x7b/0xe0
[  283.857447][ T6397]  ? __fget_files+0x42b/0x500
[  283.857613][ T6397]  ? kmsan_get_metadata+0x13e/0x1c0
[  283.857765][ T6397]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  283.857930][ T6397]  __x64_sys_sendmsg+0x212/0x3c0
[  283.858065][ T6397]  ? kmsan_get_metadata+0x13e/0x1c0
[  283.858225][ T6397]  x64_sys_call+0x2ed6/0x3c30
[  283.858356][ T6397]  do_syscall_64+0xcd/0x1e0
[  283.858500][ T6397]  ? clear_bhb_loop+0x25/0x80
[  283.858655][ T6397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.858809][ T6397] RIP: 0033:0x7fa8a898d169
[  283.858900][ T6397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.859006][ T6397] RSP: 002b:00007fa8a9779038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.859121][ T6397] RAX: ffffffffffffffda RBX: 00007fa8a8ba5fa0 RCX: 00007fa8a898d169
[  283.859209][ T6397] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  283.859284][ T6397] RBP: 00007fa8a9779090 R08: 0000000000000000 R09: 0000000000000000
[  283.859360][ T6397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.859436][ T6397] R13: 0000000000000000 R14: 00007fa8a8ba5fa0 R15: 00007ffece1bd228
[  283.859534][ T6397]  </TASK>
[  284.524636][ T6395] loop0: detected capacity change from 0 to 1024
[  284.588953][ T6395] ext4: Unknown parameter 'dont_appraise'
[  285.111620][ T6403] loop1: detected capacity change from 0 to 512
[  285.157091][ T6403] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[  285.169061][ T6403] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  285.180235][ T6403] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  285.193111][ T6403] EXT4-fs (loop1): 1 truncate cleaned up
[  285.200620][ T6403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.375271][ T6413] netlink: 16 bytes leftover after parsing attributes in process `syz.3.121'.
[  285.425739][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.826408][ T6415] netlink: 260 bytes leftover after parsing attributes in process `syz.1.123'.
[  285.839398][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  285.846714][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  286.032753][ T6417] loop3: detected capacity change from 0 to 256
[  286.105497][ T6417] exfat: Bad value for 'uid'
[  286.110479][ T6417] exfat: Bad value for 'uid'
[  286.941589][ T6417] loop3: detected capacity change from 0 to 32768
[  287.006256][ T6417] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  287.025251][ T6427] loop2: detected capacity change from 0 to 512
[  287.033013][ T6417] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  287.093707][ T6427] EXT4-fs: Ignoring removed i_version option
[  287.134371][ T6427] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  287.231423][ T6417] XFS (loop3): Ending clean mount
[  287.297782][ T6427] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  287.304955][ T6437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.129'.
[  287.397467][ T6427] EXT4-fs (loop2): 1 truncate cleaned up
[  287.405155][ T6427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.427898][ T6427] EXT4-fs warning (device loop2): ext4_group_add:1736: No reserved GDT blocks, can't resize
[  287.636902][ T5788] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  288.057324][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.725640][   T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  288.923119][   T10] usb 3-1: Using ep0 maxpacket: 32
[  288.968192][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.979536][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  288.989771][   T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  288.999256][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.117096][   T10] usb 3-1: config 0 descriptor??
[  289.456395][ T6458] loop4: detected capacity change from 0 to 2048
[  289.530019][ T6454] loop2: detected capacity change from 0 to 2048
[  289.619533][ T6458] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  289.622728][ T6459] loop0: detected capacity change from 0 to 4096
[  289.737345][ T6454] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  289.749861][ T6454] UDF-fs: Scanning with blocksize 512 failed
[  289.779155][ T6459] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  289.794766][ T6461] loop3: detected capacity change from 0 to 64
[  289.852028][ T6454] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  289.890161][ T6461] No control pipe specified
[  290.710259][   T10] magicmouse 0003:05AC:0269.0001: unbalanced collection at end of report description
[  290.809853][   T10] magicmouse 0003:05AC:0269.0001: magicmouse hid parse failed
[  290.818397][   T10] magicmouse 0003:05AC:0269.0001: probe with driver magicmouse failed with error -22
[  290.876067][ T6454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.886268][ T6454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.049204][ T1732] usb 3-1: USB disconnect, device number 6
[  291.578777][ T6480] random: crng reseeded on system resumption
[  291.670391][ T6479] loop0: detected capacity change from 0 to 256
[  291.752043][ T6479] exfat: Bad value for 'uid'
[  291.757234][ T6479] exfat: Bad value for 'uid'
[  291.808692][ T6480] netlink: 64 bytes leftover after parsing attributes in process `syz.4.142'.
[  292.077029][ T6475] netlink: 36 bytes leftover after parsing attributes in process `syz.3.141'.
[  292.609931][ T6479] loop0: detected capacity change from 0 to 32768
[  292.668446][ T6479] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  292.687009][ T6479] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  292.741007][ T6487] loop2: detected capacity change from 0 to 256
[  292.859929][ T6487] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  293.046874][ T6479] XFS (loop0): Ending clean mount
[  293.140105][ T6497] loop4: detected capacity change from 0 to 256
[  293.166447][ T6499] capability: warning: `syz.3.146' uses 32-bit capabilities (legacy support in use)
[  293.187673][ T6497] exfat: Bad value for 'uid'
[  293.187819][ T6499] FAULT_INJECTION: forcing a failure.
[  293.187819][ T6499] name failslab, interval 1, probability 0, space 0, times 0
[  293.192821][ T6497] exfat: Bad value for 'uid'
[  293.212236][ T6499] CPU: 1 UID: 0 PID: 6499 Comm: syz.3.146 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  293.212375][ T6499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  293.212446][ T6499] Call Trace:
[  293.212491][ T6499]  <TASK>
[  293.212536][ T6499]  dump_stack_lvl+0x216/0x2d0
[  293.212669][ T6499]  dump_stack+0x1e/0x24
[  293.212774][ T6499]  should_fail_ex+0x767/0x830
[  293.212947][ T6499]  should_failslab+0x17f/0x210
[  293.213114][ T6499]  kmem_cache_alloc_node_noprof+0xf4/0xe00
[  293.213258][ T6499]  ? __alloc_skb+0x1e9/0x7b0
[  293.213435][ T6499]  ? kmsan_get_metadata+0x13e/0x1c0
[  293.213605][ T6499]  __alloc_skb+0x1e9/0x7b0
[  293.213779][ T6499]  sock_omalloc+0x10d/0x250
[  293.213915][ T6499]  msg_zerocopy_realloc+0xd8/0x990
[  293.214048][ T6499]  ? kmsan_get_metadata+0x13e/0x1c0
[  293.214207][ T6499]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  293.214378][ T6499]  __ip6_append_data+0x1608/0x6cb0
[  293.214547][ T6499]  ? filter_irq_stacks+0x164/0x1a0
[  293.214705][ T6499]  ? stack_depot_save_flags+0x2c/0x750
[  293.214861][ T6499]  ? kmsan_get_metadata+0x13e/0x1c0
[  293.215021][ T6499]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  293.215231][ T6499]  ? kmsan_get_metadata+0x13e/0x1c0
[  293.215407][ T6499]  ip6_append_data+0x3a1/0x530
[  293.215566][ T6499]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  293.215749][ T6499]  udpv6_sendmsg+0xf90/0x4050
[  293.215879][ T6499]  ? udp_lib_get_port+0x27b7/0x2aa0
[  293.216047][ T6499]  ? kmsan_get_metadata+0x13e/0x1c0
[  293.216209][ T6499]  ? __rcu_read_unlock+0x7b/0xe0
[  293.216380][ T6499]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  293.216578][ T6499]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  293.216704][ T6499]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  293.216832][ T6499]  inet6_sendmsg+0x1fc/0x280
[  293.216966][ T6499]  ? __pfx_inet6_sendmsg+0x10/0x10
[  293.217098][ T6499]  __sock_sendmsg+0x143/0x380
[  293.217251][ T6499]  __sys_sendto+0x594/0x750
[  293.217421][ T6499]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  293.217575][ T6499]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  293.217743][ T6499]  __x64_sys_sendto+0x125/0x1d0
[  293.217921][ T6499]  x64_sys_call+0x346a/0x3c30
[  293.218054][ T6499]  do_syscall_64+0xcd/0x1e0
[  293.218196][ T6499]  ? clear_bhb_loop+0x25/0x80
[  293.218358][ T6499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.218516][ T6499] RIP: 0033:0x7ff9b6d8d169
[  293.218607][ T6499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.218712][ T6499] RSP: 002b:00007ff9b6bf9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  293.218827][ T6499] RAX: ffffffffffffffda RBX: 00007ff9b6fa5fa0 RCX: 00007ff9b6d8d169
[  293.218916][ T6499] RDX: 00000000000005c4 RSI: 0000000000000000 RDI: 0000000000000003
[  293.218988][ T6499] RBP: 00007ff9b6bf9090 R08: 0000400000000540 R09: 000000000000001c
[  293.219068][ T6499] R10: 000000000404c844 R11: 0000000000000246 R12: 0000000000000001
[  293.219142][ T6499] R13: 0000000000000000 R14: 00007ff9b6fa5fa0 R15: 00007ffedf7a1938
[  293.219240][ T6499]  </TASK>
[  293.229047][ T5794] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  294.183536][ T6500] loop4: detected capacity change from 0 to 32768
[  294.273756][ T4066] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.295179][ T6500] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  294.308723][ T6500] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  294.514527][ T4066] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.522184][ T6500] XFS (loop4): Ending clean mount
[  294.641154][ T4066] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.846687][ T4066] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.178895][ T4066] bridge_slave_1: left allmulticast mode
[  295.185161][ T4066] bridge_slave_1: left promiscuous mode
[  295.191826][ T4066] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.282304][ T4066] bridge_slave_0: left allmulticast mode
[  295.289209][ T4066] bridge_slave_0: left promiscuous mode
[  295.296088][ T4066] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.348768][ T5787] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  296.069169][ T4066] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  296.119988][ T4066] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.169322][ T4066] bond0 (unregistering): Released all slaves
[  296.924872][ T4066] hsr_slave_0: left promiscuous mode
[  296.933091][ T4066] hsr_slave_1: left promiscuous mode
[  296.940871][ T4066] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.951346][ T4066] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.995573][ T4066] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.003409][ T4066] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.067050][ T4066] veth1_macvtap: left promiscuous mode
[  297.073267][ T4066] veth0_macvtap: left promiscuous mode
[  297.079261][ T4066] veth1_vlan: left promiscuous mode
[  297.085151][ T4066] veth0_vlan: left promiscuous mode
[  297.770761][ T6527] netlink: 24 bytes leftover after parsing attributes in process `syz.0.153'.
[  297.926280][ T4066] team0 (unregistering): Port device team_slave_1 removed
[  298.138916][ T4066] team0 (unregistering): Port device team_slave_0 removed
[  298.167887][    C1] hrtimer: interrupt took 349635 ns
[  298.654160][ T6535] netlink: 36 bytes leftover after parsing attributes in process `syz.4.156'.
[  298.731972][ T5801] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  298.743463][ T5801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  298.756568][ T5801] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  298.770920][ T5801] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  298.783550][ T5801] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  298.793495][ T5801] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  299.419718][ T6546] loop3: detected capacity change from 0 to 256
[  299.511012][ T6546] exfat: Bad value for 'uid'
[  299.516092][ T6546] exfat: Bad value for 'uid'
[  300.464968][ T6546] loop3: detected capacity change from 0 to 32768
[  300.619250][ T6546] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  300.629987][ T6546] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  300.873302][ T5801] Bluetooth: hci4: command tx timeout
[  301.160389][ T6538] chnl_net:caif_netlink_parms(): no params data found
[  301.236845][ T6546] XFS (loop3): Ending clean mount
[  301.486450][ T5788] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  301.504789][ T6573] loop1: detected capacity change from 0 to 1024
[  301.542939][ T6573] ext4: Unknown parameter 'dont_appraise'
[  302.449126][ T6580] netlink: 24 bytes leftover after parsing attributes in process `syz.1.166'.
[  302.958925][ T5801] Bluetooth: hci4: command tx timeout
[  302.993727][ T6538] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.001538][ T6538] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.009743][ T6538] bridge_slave_0: entered allmulticast mode
[  303.019027][ T6538] bridge_slave_0: entered promiscuous mode
[  303.156629][ T6538] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.164473][ T6538] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.172236][ T6538] bridge_slave_1: entered allmulticast mode
[  303.181550][ T6538] bridge_slave_1: entered promiscuous mode
[  303.466511][ T6538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.502176][ T6538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.759747][ T6538] team0: Port device team_slave_0 added
[  303.818885][ T6538] team0: Port device team_slave_1 added
[  304.124001][ T6538] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.131293][ T6538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.158480][ T6538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.418454][ T6538] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.426028][ T6538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.452584][ T6538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.732693][   T10] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  304.922817][   T10] usb 2-1: Using ep0 maxpacket: 32
[  304.937267][ T6538] hsr_slave_0: entered promiscuous mode
[  304.947268][ T6538] hsr_slave_1: entered promiscuous mode
[  304.955959][ T6538] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  304.964337][ T6538] Cannot create hsr debugfs directory
[  305.003003][   T10] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  305.014506][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.033072][ T5801] Bluetooth: hci4: command tx timeout
[  305.049945][ T6603] netlink: 36 bytes leftover after parsing attributes in process `syz.4.169'.
[  305.088313][   T10] usb 2-1: config 0 descriptor??
[  305.121813][   T10] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  305.929461][   T10] gspca_vc032x: reg_w err -71
[  305.935663][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.941289][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.947025][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.952704][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.958179][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.964155][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.969721][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.975350][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.980807][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.986451][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.991913][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  305.997589][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.003233][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.008719][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.014350][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.024606][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.031530][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.037150][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  306.042707][   T10] gspca_vc032x: Unknown sensor...
[  306.048166][   T10] vc032x 2-1:0.0: probe with driver vc032x failed with error -22
[  306.343606][   T10] usb 2-1: USB disconnect, device number 7
[  306.409730][ T6617] netlink: 24 bytes leftover after parsing attributes in process `syz.4.176'.
[  306.426275][ T6538] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  306.443828][ T6618] loop0: detected capacity change from 0 to 256
[  306.476438][ T6618] exfat: Bad value for 'uid'
[  306.481300][ T6618] exfat: Bad value for 'uid'
[  306.601003][ T6538] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  306.659424][ T6621] loop3: detected capacity change from 0 to 512
[  307.104629][ T5801] Bluetooth: hci4: command tx timeout
[  307.395733][ T6618] loop0: detected capacity change from 0 to 32768
[  307.415496][ T6538] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  307.516257][ T6618] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  307.528479][ T6618] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  307.628690][ T6538] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  307.664830][ T6621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.678181][ T6621] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.887585][ T6627] loop1: detected capacity change from 0 to 32768
[  307.896892][ T6627] btrfs: Deprecated parameter 'usebackuproot'
[  307.903415][ T6627] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  307.920194][ T6627] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.177 (6627)
[  307.924003][ T6618] XFS (loop0): Ending clean mount
[  307.960496][ T6627] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  307.973242][ T6627] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  307.984314][ T6627] BTRFS error (device loop1): superblock checksum mismatch
[  307.994855][ T6627] BTRFS error (device loop1): open_ctree failed: -22
[  308.287958][ T5794] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  308.631753][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.507781][ T6538] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.764896][ T6538] 8021q: adding VLAN 0 to HW filter on device team0
[  309.851949][ T4525] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.859737][ T4525] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.011771][ T4525] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.019526][ T4525] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.090918][ T6656] loop4: detected capacity change from 0 to 128
[  310.352772][ T6656] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  310.403468][ T6656] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  310.482014][ T6661] netlink: 4 bytes leftover after parsing attributes in process `syz.1.185'.
[  310.868838][ T6656] fscrypt: Error allocating hmac(sha512): -2
[  311.225706][   T25] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  311.259012][ T5787] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  311.440787][   T25] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  311.454892][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  311.466940][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  311.627527][   T25] usb 4-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=ec.c1
[  311.638089][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.646562][   T25] usb 4-1: Product: syz
[  311.650943][   T25] usb 4-1: Manufacturer: syz
[  311.657447][   T25] usb 4-1: SerialNumber: syz
[  311.800425][   T25] usb 4-1: config 0 descriptor??
[  311.809079][ T6674] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  311.892990][ T6683] loop4: detected capacity change from 0 to 512
[  311.975192][ T6683] EXT4-fs: Ignoring removed i_version option
[  311.981575][ T6683] EXT4-fs: Ignoring removed mblk_io_submit option
[  312.072835][ T6683] EXT4-fs error (device loop4): ext4_orphan_get:1389: comm syz.4.187: inode #13: comm syz.4.187: iget: illegal inode #
[  312.102050][ T6683] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.187: couldn't read orphan inode 13 (err -117)
[  312.184708][ T6683] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.256812][   T25] powermate: Expected payload of 3--6 bytes, found 64 bytes!
[  312.269113][   T25] input: Griffin PowerMate as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input5
[  312.478173][ T6538] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.480484][    C1] powermate: config urb returned -71
[  312.491647][    C1] powermate: config urb returned -71
[  312.497672][    C1] powermate: config urb returned -71
[  312.503767][    C1] powermate: config urb returned -71
[  312.539128][    C1] powermate 4-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[  312.548335][   T25] usb 4-1: USB disconnect, device number 3
[  312.701303][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.788144][ T6691] loop1: detected capacity change from 0 to 256
[  312.858337][ T6691] exfat: Bad value for 'uid'
[  312.864609][ T6691] exfat: Bad value for 'uid'
[  313.733120][ T6691] loop1: detected capacity change from 0 to 32768
[  313.846743][ T6691] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  313.857488][ T6691] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  314.271801][ T6691] XFS (loop1): Ending clean mount
[  314.389490][ T6695] loop4: detected capacity change from 0 to 4096
[  314.551016][ T5789] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  315.487331][   T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  315.725187][   T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  315.733932][   T25] usb 5-1: config 0 has no interface number 0
[  315.740475][   T25] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  315.756442][   T25] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.770160][   T25] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  315.779623][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.918888][ T6538] veth0_vlan: entered promiscuous mode
[  315.948152][   T25] usb 5-1: config 0 descriptor??
[  316.070180][ T6538] veth1_vlan: entered promiscuous mode
[  316.180166][ T6721] loop3: detected capacity change from 0 to 8
[  316.473147][   T25] prodikeys 0003:041E:2801.0002: unknown global tag 0xd
[  316.480400][   T25] prodikeys 0003:041E:2801.0002: item 0 1 1 13 parsing failed
[  316.480661][ T6538] veth0_macvtap: entered promiscuous mode
[  316.571147][   T25] prodikeys 0003:041E:2801.0002: hid parse failed
[  316.579947][   T25] prodikeys 0003:041E:2801.0002: probe with driver prodikeys failed with error -22
[  316.609925][ T6538] veth1_macvtap: entered promiscuous mode
[  316.745160][   T25] usb 5-1: USB disconnect, device number 3
[  316.888941][ T6538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.900529][ T6538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.910758][ T6538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.921774][ T6538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.931934][ T6538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.942727][ T6538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.957722][ T6538] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.743190][ T6737] FAULT_INJECTION: forcing a failure.
[  317.743190][ T6737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.756881][ T6737] CPU: 1 UID: 0 PID: 6737 Comm: syz.0.200 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  317.757012][ T6737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.757091][ T6737] Call Trace:
[  317.757139][ T6737]  <TASK>
[  317.757185][ T6737]  dump_stack_lvl+0x216/0x2d0
[  317.757324][ T6737]  dump_stack+0x1e/0x24
[  317.757437][ T6737]  should_fail_ex+0x767/0x830
[  317.757619][ T6737]  should_fail+0x2a/0x40
[  317.757773][ T6737]  should_fail_usercopy+0x2e/0x40
[  317.757948][ T6737]  _copy_from_user+0x35/0x110
[  317.758124][ T6737]  memdup_user+0xc1/0x1b0
[  317.758281][ T6737]  udmabuf_ioctl+0x3e1/0x560
[  317.758459][ T6737]  ? kmsan_get_metadata+0x13e/0x1c0
[  317.758631][ T6737]  ? __pfx_udmabuf_ioctl+0x10/0x10
[  317.758805][ T6737]  __se_sys_ioctl+0x246/0x440
[  317.758954][ T6737]  __x64_sys_ioctl+0x96/0xe0
[  317.759104][ T6737]  x64_sys_call+0x19f0/0x3c30
[  317.759243][ T6737]  do_syscall_64+0xcd/0x1e0
[  317.759394][ T6737]  ? clear_bhb_loop+0x25/0x80
[  317.759556][ T6737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.759719][ T6737] RIP: 0033:0x7ff8dfd8d169
[  317.759832][ T6737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.759944][ T6737] RSP: 002b:00007ff8e0b67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  317.760066][ T6737] RAX: ffffffffffffffda RBX: 00007ff8dffa5fa0 RCX: 00007ff8dfd8d169
[  317.760164][ T6737] RDX: 00004000000005c0 RSI: 0000000040087543 RDI: 0000000000000003
[  317.760247][ T6737] RBP: 00007ff8e0b67090 R08: 0000000000000000 R09: 0000000000000000
[  317.760327][ T6737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.760402][ T6737] R13: 0000000000000000 R14: 00007ff8dffa5fa0 R15: 00007ffc1fa16858
[  317.760506][ T6737]  </TASK>
[  317.764548][ T6732] loop3: detected capacity change from 0 to 32768
[  317.998570][ T6538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.013193][ T6538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.025300][ T6538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.036092][ T6538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.046254][ T6538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.057491][ T6538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.072161][ T6538] batman_adv: batadv0: Interface activated: batadv_slave_1
[  318.118619][ T6732] (syz.3.199,6732,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  318.137433][ T6732] (syz.3.199,6732,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  318.339545][ T6538] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.348872][ T6538] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.358127][ T6538] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.367269][ T6538] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.470476][ T6732] JBD2: Ignoring recovery information on journal
[  318.571334][ T6732] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  319.311381][ T6754] loop1: detected capacity change from 0 to 256
[  319.381038][ T6754] exfat: Bad value for 'uid'
[  319.387342][ T6754] exfat: Bad value for 'uid'
[  320.246287][ T6754] loop1: detected capacity change from 0 to 32768
[  320.349172][ T6754] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  320.368644][ T6754] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  320.538966][ T6754] XFS (loop1): Ending clean mount
[  320.874841][ T5789] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  320.975183][ T5788] ocfs2: Unmounting device (7,3) on (node local)
[  322.083315][   T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  322.119110][ T6781] x_tables: ip6_tables: LED.0 target: invalid size 40 (kernel) != (user) 0
[  322.353552][   T25] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  322.363066][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.371320][   T25] usb 5-1: Product: syz
[  322.375898][   T25] usb 5-1: Manufacturer: syz
[  322.380721][   T25] usb 5-1: SerialNumber: syz
[  322.477685][   T25] usb 5-1: config 0 descriptor??
[  322.795525][   T25] usb-storage 5-1:0.0: USB Mass Storage device detected
[  322.964388][ T6788] fuse: Bad value for 'user_id'
[  322.969510][ T6788] fuse: Bad value for 'user_id'
[  322.973200][   T25] usb 5-1: USB disconnect, device number 4
[  323.000747][ T6788] netlink: 36 bytes leftover after parsing attributes in process `syz.0.211'.
[  323.014563][ T6789] netlink: 36 bytes leftover after parsing attributes in process `syz.0.211'.
[  323.160594][ T6796] loop1: detected capacity change from 0 to 8
[  324.054209][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.214'.
[  324.122921][ T6812] loop4: detected capacity change from 0 to 128
[  324.880905][ T6821] loop1: detected capacity change from 0 to 256
[  325.015675][ T6821] exfat: Bad value for 'uid'
[  325.020550][ T6821] exfat: Bad value for 'uid'
[  325.339678][ T6829] x_tables: ip6_tables: LED.0 target: invalid size 40 (kernel) != (user) 0
[  325.922292][ T6821] loop1: detected capacity change from 0 to 32768
[  326.031040][ T6821] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  326.041075][ T6821] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  326.123688][ T6846] loop3: detected capacity change from 0 to 1024
[  326.134505][ T6846] EXT4-fs: Ignoring removed bh option
[  326.207879][ T6848] loop4: detected capacity change from 0 to 8
[  326.330685][ T6821] XFS (loop1): Ending clean mount
[  326.345782][ T6846] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  326.567316][ T6846] /dev/loop3: Can't open blockdev
[  326.920913][ T2971] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.929429][ T2971] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.989943][ T6858] loop4: detected capacity change from 0 to 512
[  326.990079][ T6856] Invalid ELF header magic: != ELF
[  327.054795][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  327.057370][ T6858] EXT4-fs: Ignoring removed nomblk_io_submit option
[  327.072035][ T6858] ext4: Unknown parameter 'rootcontext'
[  327.092258][ T6856] netlink: 288 bytes leftover after parsing attributes in process `syz.0.224'.
[  327.147493][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.155738][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.203691][ T5789] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  327.359645][ T6858] 9pnet_fd: Insufficient options for proto=fd
[  327.839038][ T6868] netlink: 260 bytes leftover after parsing attributes in process `syz.1.227'.
[  327.912598][ T6867] netlink: 8 bytes leftover after parsing attributes in process `syz.3.226'.
[  328.083230][ T1732] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  328.405344][ T1732] usb 5-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd
[  328.415052][ T1732] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.423497][ T1732] usb 5-1: Product: syz
[  328.427893][ T1732] usb 5-1: Manufacturer: syz
[  328.432942][ T1732] usb 5-1: SerialNumber: syz
[  328.580420][ T1732] usb 5-1: config 0 descriptor??
[  328.919165][   T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  329.210236][   T25] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  329.220098][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.228745][   T25] usb 2-1: Product: syz
[  329.233487][   T25] usb 2-1: Manufacturer: syz
[  329.238583][   T25] usb 2-1: SerialNumber: syz
[  329.297423][ T5849] kernel write not supported for file /132/net/rt6_stats (pid: 5849 comm: kworker/1:3)
[  329.484662][   T25] usb 2-1: config 0 descriptor??
[  329.541739][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  329.541891][   T29] audit: type=1326 audit(1741337084.478:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.754010][   T29] audit: type=1326 audit(1741337084.528:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.779969][   T29] audit: type=1326 audit(1741337084.538:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.803679][   T29] audit: type=1326 audit(1741337084.548:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.826614][   T29] audit: type=1326 audit(1741337084.548:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.849740][   T29] audit: type=1326 audit(1741337084.558:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.873499][   T29] audit: type=1326 audit(1741337084.568:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.898300][   T29] audit: type=1326 audit(1741337084.568:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.921890][   T29] audit: type=1326 audit(1741337084.578:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  329.944640][   T29] audit: type=1326 audit(1741337084.578:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff9b6d8d169 code=0x7ffc0000
[  331.368833][   T25] usb 2-1: Firmware version (0.0) predates our first public release.
[  331.377586][   T25] usb 2-1: Please update to version 0.2 or newer
[  331.398066][ T6897] loop0: detected capacity change from 0 to 32768
[  331.463847][ T6897] (syz.0.232,6897,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  331.479951][ T6897] (syz.0.232,6897,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  331.505874][ T5801] Bluetooth: hci5: urb ffff88804d17ca80 submission failed (2)
[  331.528427][   T25] usb 2-1: USB disconnect, device number 8
[  331.535312][ T1732] usb 5-1: USB disconnect, device number 5
[  331.677998][ T6897] JBD2: Ignoring recovery information on journal
[  331.954045][ T6897] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  332.112667][ T6897] netlink: 512 bytes leftover after parsing attributes in process `syz.0.232'.
[  332.403403][ T6914] loop1: detected capacity change from 0 to 128
[  332.575801][ T6917] FAULT_INJECTION: forcing a failure.
[  332.575801][ T6917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.589574][ T6917] CPU: 0 UID: 0 PID: 6917 Comm: syz.4.237 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  332.589704][ T6917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.589779][ T6917] Call Trace:
[  332.589826][ T6917]  <TASK>
[  332.589871][ T6917]  dump_stack_lvl+0x216/0x2d0
[  332.590012][ T6917]  dump_stack+0x1e/0x24
[  332.590124][ T6917]  should_fail_ex+0x767/0x830
[  332.590305][ T6917]  should_fail+0x2a/0x40
[  332.590459][ T6917]  should_fail_usercopy+0x2e/0x40
[  332.590637][ T6917]  _copy_from_user+0x35/0x110
[  332.590806][ T6917]  ___sys_sendmsg+0x120/0x3c0
[  332.590944][ T6917]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  332.591131][ T6917]  ? __rcu_read_unlock+0x7b/0xe0
[  332.591308][ T6917]  ? __fget_files+0x42b/0x500
[  332.591486][ T6917]  ? kmsan_get_metadata+0x13e/0x1c0
[  332.591654][ T6917]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  332.591828][ T6917]  __x64_sys_sendmsg+0x212/0x3c0
[  332.591963][ T6917]  ? kmsan_get_metadata+0x13e/0x1c0
[  332.592117][ T6917]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  332.592293][ T6917]  ? kmsan_get_metadata+0x13e/0x1c0
[  332.592460][ T6917]  x64_sys_call+0x2ed6/0x3c30
[  332.592618][ T6917]  do_syscall_64+0xcd/0x1e0
[  332.592767][ T6917]  ? clear_bhb_loop+0x25/0x80
[  332.592935][ T6917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.593096][ T6917] RIP: 0033:0x7f503998d169
[  332.593192][ T6917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.593301][ T6917] RSP: 002b:00007f50377f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  332.593422][ T6917] RAX: ffffffffffffffda RBX: 00007f5039ba5fa0 RCX: 00007f503998d169
[  332.593515][ T6917] RDX: 0000000020004000 RSI: 00004000000002c0 RDI: 0000000000000003
[  332.593604][ T6917] RBP: 00007f50377f6090 R08: 0000000000000000 R09: 0000000000000000
[  332.593684][ T6917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.593759][ T6917] R13: 0000000000000000 R14: 00007f5039ba5fa0 R15: 00007ffc9f2fb5d8
[  332.593861][ T6917]  </TASK>
[  333.071132][ T6919] netlink: 'syz.5.234': attribute type 4 has an invalid length.
[  333.109180][ T6919] netlink: 'syz.5.234': attribute type 4 has an invalid length.
[  333.171013][ T5794] ocfs2: Unmounting device (7,0) on (node local)
[  333.389718][ T6924] loop3: detected capacity change from 0 to 8
[  334.069121][ T6934] FAULT_INJECTION: forcing a failure.
[  334.069121][ T6934] name failslab, interval 1, probability 0, space 0, times 0
[  334.085287][ T6934] CPU: 1 UID: 0 PID: 6934 Comm: syz.5.242 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  334.085417][ T6934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  334.085490][ T6934] Call Trace:
[  334.085537][ T6934]  <TASK>
[  334.085582][ T6934]  dump_stack_lvl+0x216/0x2d0
[  334.085722][ T6934]  dump_stack+0x1e/0x24
[  334.085834][ T6934]  should_fail_ex+0x767/0x830
[  334.086014][ T6934]  should_failslab+0x17f/0x210
[  334.086181][ T6934]  kmem_cache_alloc_lru_noprof+0xf5/0xe20
[  334.086336][ T6934]  ? kmsan_internal_poison_memory+0x7d/0x90
[  334.086482][ T6934]  ? shmem_alloc_inode+0x5a/0xd0
[  334.086614][ T6934]  ? __kmalloc_cache_noprof+0x8e3/0xdf0
[  334.086755][ T6934]  ? kmsan_get_metadata+0x13e/0x1c0
[  334.086919][ T6934]  shmem_alloc_inode+0x5a/0xd0
[  334.087047][ T6934]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  334.087181][ T6934]  alloc_inode+0x86/0x460
[  334.087348][ T6934]  ? kmsan_get_metadata+0x13e/0x1c0
[  334.087514][ T6934]  new_inode+0x38/0x480
[  334.087670][ T6934]  ? kmsan_get_metadata+0x13e/0x1c0
[  334.087828][ T6934]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  334.088003][ T6934]  shmem_get_inode+0x705/0x1c50
[  334.088154][ T6934]  __shmem_file_setup+0x249/0x4d0
[  334.088339][ T6934]  shmem_file_setup+0x61/0x80
[  334.088509][ T6934]  __se_sys_memfd_create+0x81b/0x11e0
[  334.088654][ T6934]  __x64_sys_memfd_create+0x6c/0xa0
[  334.088785][ T6934]  x64_sys_call+0x3b63/0x3c30
[  334.088928][ T6934]  do_syscall_64+0xcd/0x1e0
[  334.089078][ T6934]  ? clear_bhb_loop+0x25/0x80
[  334.089244][ T6934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.089406][ T6934] RIP: 0033:0x7f7787b8d169
[  334.089502][ T6934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.089611][ T6934] RSP: 002b:00007f7788a97e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  334.089733][ T6934] RAX: ffffffffffffffda RBX: 00000000000004c9 RCX: 00007f7787b8d169
[  334.089827][ T6934] RDX: 00007f7788a97ef0 RSI: 0000000000000000 RDI: 00007f7787c0ec3c
[  334.089912][ T6934] RBP: 00004000000011c0 R08: 00007f7788a97bb7 R09: 00007f7788a97e40
[  334.090002][ T6934] R10: 000000000000000a R11: 0000000000000202 R12: 0000400000000080
[  334.090082][ T6934] R13: 00007f7788a97ef0 R14: 00007f7788a97eb0 R15: 0000400000000380
[  334.090189][ T6934]  </TASK>
[  334.722854][ T5846] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  334.923984][ T5846] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  334.935223][ T5846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  334.946669][ T5846] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  334.960026][ T5846] usb 5-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice=65.8c
[  334.969870][ T5846] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.189676][   T10] kernel write not supported for file /15/net/rt6_stats (pid: 10 comm: kworker/0:1)
[  335.276173][ T5846] usb 5-1: config 0 descriptor??
[  335.353661][ T5846] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input7
[  335.389154][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  335.389226][   T29] audit: type=1326 audit(1741337090.328:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.566533][   T29] audit: type=1326 audit(1741337090.378:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.589361][   T29] audit: type=1326 audit(1741337090.378:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.613908][   T29] audit: type=1326 audit(1741337090.378:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.640356][   T29] audit: type=1326 audit(1741337090.378:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.664217][   T29] audit: type=1326 audit(1741337090.378:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.686803][   T29] audit: type=1326 audit(1741337090.418:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.709564][   T29] audit: type=1326 audit(1741337090.418:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.735682][   T29] audit: type=1326 audit(1741337090.448:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.760394][   T29] audit: type=1326 audit(1741337090.448:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz.5.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7787b8d169 code=0x7ffc0000
[  335.773678][ T6951] netlink: 260 bytes leftover after parsing attributes in process `syz.0.238'.
[  336.677189][ T6958] FAULT_INJECTION: forcing a failure.
[  336.677189][ T6958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.691062][ T6958] CPU: 0 UID: 0 PID: 6958 Comm: syz.5.248 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  336.691191][ T6958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  336.691265][ T6958] Call Trace:
[  336.691312][ T6958]  <TASK>
[  336.691357][ T6958]  dump_stack_lvl+0x216/0x2d0
[  336.691496][ T6958]  dump_stack+0x1e/0x24
[  336.691609][ T6958]  should_fail_ex+0x767/0x830
[  336.691786][ T6958]  should_fail+0x2a/0x40
[  336.691940][ T6958]  should_fail_usercopy+0x2e/0x40
[  336.692122][ T6958]  _copy_from_user+0x35/0x110
[  336.692291][ T6958]  do_sys_poll+0x270/0x2090
[  336.692461][ T6958]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  336.692631][ T6958]  ? do_syscall_64+0xcd/0x1e0
[  336.692782][ T6958]  ? filter_irq_stacks+0x60/0x1a0
[  336.692940][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.693096][ T6958]  ? kstrtoull+0xbf/0x3b0
[  336.693225][ T6958]  ? filter_irq_stacks+0x60/0x1a0
[  336.693368][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.693519][ T6958]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  336.693691][ T6958]  ? _parse_integer_limit+0x387/0x3e0
[  336.693832][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.693997][ T6958]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  336.694163][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.694322][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.694474][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.694623][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.694780][ T6958]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  336.694947][ T6958]  ? timespec64_add_safe+0xa6/0x430
[  336.695135][ T6958]  ? filter_irq_stacks+0x60/0x1a0
[  336.695292][ T6958]  ? stack_depot_save_flags+0x2c/0x750
[  336.695453][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.695618][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.695777][ T6958]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  336.695947][ T6958]  ? timespec64_add_safe+0x36f/0x430
[  336.696130][ T6958]  ? kmsan_get_metadata+0x13e/0x1c0
[  336.696289][ T6958]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  336.696461][ T6958]  __se_sys_poll+0x1d9/0x450
[  336.696626][ T6958]  __x64_sys_poll+0x96/0xe0
[  336.696782][ T6958]  x64_sys_call+0x3566/0x3c30
[  336.696917][ T6958]  do_syscall_64+0xcd/0x1e0
[  336.697069][ T6958]  ? clear_bhb_loop+0x25/0x80
[  336.697229][ T6958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.697391][ T6958] RIP: 0033:0x7f7787b8d169
[  336.697482][ T6958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.697587][ T6958] RSP: 002b:00007f7788a98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  336.697703][ T6958] RAX: ffffffffffffffda RBX: 00007f7787da5fa0 RCX: 00007f7787b8d169
[  336.697794][ T6958] RDX: 0000000000000009 RSI: 20000000000000b5 RDI: 0000400000000000
[  336.697881][ T6958] RBP: 00007f7788a98090 R08: 0000000000000000 R09: 0000000000000000
[  336.697987][ T6958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.698060][ T6958] R13: 0000000000000000 R14: 00007f7787da5fa0 R15: 00007ffcaa8515b8
[  336.698162][ T6958]  </TASK>
[  337.158436][ T6964] loop3: detected capacity change from 0 to 128
[  337.394593][   T25] usb 5-1: USB disconnect, device number 6
[  337.497529][   T25] appletouch 5-1:0.0: input: appletouch disconnected
[  337.694144][ T5846] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  337.773912][ T6976] loop4: detected capacity change from 0 to 8
[  337.917617][ T6976] cramfs: bad data blocksize 503316507
[  337.926568][ T6976] cramfs: bad data blocksize 503316507
[  337.932813][ T5846] usb 2-1: Using ep0 maxpacket: 16
[  337.983787][ T5846] usb 2-1: config index 0 descriptor too short (expected 27650, got 36)
[  337.992733][ T5846] usb 2-1: config 101 has too many interfaces: 93, using maximum allowed: 32
[  338.001790][ T5846] usb 2-1: config 101 contains an unexpected descriptor of type 0x2, skipping
[  338.011102][ T5846] usb 2-1: config 101 has an invalid descriptor of length 0, skipping remainder of the config
[  338.021690][ T5846] usb 2-1: config 101 has 0 interfaces, different from the descriptor's value: 93
[  338.821303][ T6979] loop5: detected capacity change from 0 to 32768
[  338.832915][ T6979] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.255 (6979)
[  338.882514][ T5846] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  338.895644][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.906470][ T5846] usb 2-1: Product: syz
[  338.910890][ T5846] usb 2-1: Manufacturer: syz
[  338.915957][ T5846] usb 2-1: SerialNumber: syz
[  338.950933][ T6979] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  338.961583][ T6979] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  338.970789][ T6979] BTRFS error (device loop5): superblock checksum mismatch
[  338.979326][ T6979] BTRFS error (device loop5): open_ctree failed: -22
[  339.195506][ T6984] loop4: detected capacity change from 0 to 8
[  339.321577][ T6984] SQUASHFS error: zlib decompression failed, data probably corrupt
[  339.330462][ T6984] SQUASHFS error: Failed to read block 0x9b: -5
[  339.337208][ T6984] SQUASHFS error: Unable to read metadata cache entry [99]
[  339.344766][ T6984] SQUASHFS error: Unable to read inode 0x127
[  340.353433][ T6963] loop1: detected capacity change from 0 to 4096
[  340.449199][ T5846] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  340.712852][ T5846] usb 1-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac
[  340.722232][ T5846] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.731034][ T5846] usb 1-1: Product: syz
[  340.736611][ T6963] ntfs3(loop1): Failed to read $UpCase (-4).
[  340.746806][ T5846] usb 1-1: Manufacturer: syz
[  340.751646][ T5846] usb 1-1: SerialNumber: syz
[  340.839822][ T5846] usb 1-1: config 0 descriptor??
[  341.026238][ T5846] usb 1-1: interface 1 not found
[  341.301369][   T25] usb 2-1: USB disconnect, device number 9
[  342.218252][ T7008] loop1: detected capacity change from 0 to 512
[  342.299151][ T7008] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  342.455258][ T7008] EXT4-fs (loop1): 1 truncate cleaned up
[  342.463592][ T7008] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.847372][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.068019][ T5846] usb 1-1: USB disconnect, device number 2
[  343.257561][ T7020] loop3: detected capacity change from 0 to 64
[  343.368194][ T7020] hfs: bad catalog entry type 0
[  343.477460][ T7020] tmpfs: Unknown parameter 'usrquota��^�Z"5l��7�S��$ۭ�d3�מg��0gk���}�'
[  343.505034][ T7026] loop5: detected capacity change from 0 to 8
[  343.625140][ T7024] loop1: detected capacity change from 0 to 128
[  343.690766][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  343.690840][   T29] audit: type=1800 audit(1741337098.628:102): pid=7024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.266" name="bus" dev="loop1" ino=19 res=0 errno=0
[  344.016044][   T29] audit: type=1800 audit(1741337098.958:103): pid=7020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.265" name="file1" dev="loop3" ino=18 res=0 errno=0
[  344.234878][ T5797] Bluetooth: hci0: command 0x0406 tx timeout
[  344.235080][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  344.242039][ T5797] Bluetooth: hci1: command 0x0406 tx timeout
[  344.254414][ T5802] Bluetooth: hci3: command 0x0406 tx timeout
[  344.474312][ T7030] loop4: detected capacity change from 0 to 256
[  344.565130][ T7030] exfat: Bad value for 'uid'
[  344.570109][ T7030] exfat: Bad value for 'uid'
[  345.012761][ T5846] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  345.232862][ T5846] usb 4-1: device descriptor read/64, error -71
[  345.517122][ T5846] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  345.536683][ T7030] loop4: detected capacity change from 0 to 32768
[  345.590243][ T7030] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  345.609682][ T7030] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  345.713785][ T5846] usb 4-1: device descriptor read/64, error -71
[  345.833068][ T5846] usb usb4-port1: attempt power cycle
[  345.870956][ T7030] XFS (loop4): Ending clean mount
[  345.902757][   T25] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  346.102799][   T25] usb 2-1: Using ep0 maxpacket: 32
[  346.157695][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  346.167119][   T25] usb 2-1: New USB device found, idVendor=056a, idProduct=037a, bcdDevice= 0.00
[  346.177819][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.224679][ T5846] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  346.294322][   T25] usb 2-1: config 0 descriptor??
[  346.343267][ T5846] usb 4-1: device descriptor read/8, error -71
[  346.607836][ T5846] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  346.691033][ T5846] usb 4-1: device descriptor read/8, error -71
[  346.816198][ T5846] usb usb4-port1: unable to enumerate USB device
[  346.984781][   T25] wacom 0003:056A:037A.0003: ignoring exceeding usage max
[  347.005240][   T25] wacom 0003:056A:037A.0003: unbalanced collection at end of report description
[  347.113576][ T1732] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  347.156441][ T5787] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  347.162721][   T25] wacom 0003:056A:037A.0003: parse failed
[  347.174142][   T25] wacom 0003:056A:037A.0003: probe with driver wacom failed with error -22
[  347.302910][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  347.303528][ T1732] usb 6-1: Using ep0 maxpacket: 16
[  347.310038][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  347.408108][ T1732] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.421656][ T1732] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.432797][ T1732] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  347.446172][ T1732] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  347.455616][ T1732] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.615915][ T1732] usb 6-1: config 0 descriptor??
[  347.617197][ T7067] loop0: detected capacity change from 0 to 8
[  347.852834][ T7062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.863492][ T7062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.220611][ T7062] netlink: 4 bytes leftover after parsing attributes in process `syz.5.276'.
[  348.281309][ T7070] FAULT_INJECTION: forcing a failure.
[  348.281309][ T7070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.295530][ T7070] CPU: 0 UID: 0 PID: 7070 Comm: syz.3.280 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  348.295663][ T7070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  348.295742][ T7070] Call Trace:
[  348.295789][ T7070]  <TASK>
[  348.295843][ T7070]  dump_stack_lvl+0x216/0x2d0
[  348.295982][ T7070]  dump_stack+0x1e/0x24
[  348.296096][ T7070]  should_fail_ex+0x767/0x830
[  348.296278][ T7070]  should_fail+0x2a/0x40
[  348.296432][ T7070]  should_fail_usercopy+0x2e/0x40
[  348.296608][ T7070]  _copy_from_user+0x35/0x110
[  348.296794][ T7070]  do_sock_getsockopt+0x206/0x9c0
[  348.296978][ T7070]  __x64_sys_getsockopt+0x449/0x590
[  348.297130][ T7070]  x64_sys_call+0x1554/0x3c30
[  348.297261][ T7070]  do_syscall_64+0xcd/0x1e0
[  348.297395][ T7070]  ? clear_bhb_loop+0x25/0x80
[  348.297558][ T7070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.297721][ T7070] RIP: 0033:0x7ff9b6d8d169
[  348.297823][ T7070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.297936][ T7070] RSP: 002b:00007ff9b6bf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  348.298055][ T7070] RAX: ffffffffffffffda RBX: 00007ff9b6fa5fa0 RCX: 00007ff9b6d8d169
[  348.298149][ T7070] RDX: 00000000000000b8 RSI: 000000000000010d RDI: 0000000000000003
[  348.298227][ T7070] RBP: 00007ff9b6bf9090 R08: 0000400000000240 R09: 0000000000000000
[  348.298310][ T7070] R10: 0000400000000300 R11: 0000000000000246 R12: 0000000000000001
[  348.298387][ T7070] R13: 0000000000000000 R14: 00007ff9b6fa5fa0 R15: 00007ffedf7a1938
[  348.298491][ T7070]  </TASK>
[  348.520461][ T7062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.531485][ T7062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.679307][ T1732] usbhid 6-1:0.0: can't add hid device: -71
[  348.686453][ T1732] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  348.795721][ T1732] usb 6-1: USB disconnect, device number 2
[  349.007394][ T7075] loop0: detected capacity change from 0 to 128
[  349.108217][ T1732] usb 2-1: USB disconnect, device number 10
[  349.129343][   T29] audit: type=1800 audit(1741337104.038:104): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.281" name="bus" dev="loop0" ino=21 res=0 errno=0
[  349.609158][ T7077] loop3: detected capacity change from 0 to 2048
[  349.857746][ T7077] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  351.471441][ T7099] sctp: failed to load transform for md5: -2
[  351.503841][ T7104] sctp: failed to load transform for md5: -2
[  351.619194][ T7101] sctp: failed to load transform for md5: -2
[  352.492760][ T1732] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  352.693823][ T1732] usb 1-1: Using ep0 maxpacket: 32
[  352.737143][ T1732] usb 1-1: config 0 interface 0 has no altsetting 0
[  352.744395][ T1732] usb 1-1: New USB device found, idVendor=056a, idProduct=037a, bcdDevice= 0.00
[  352.754266][ T1732] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.894947][ T1732] usb 1-1: config 0 descriptor??
[  352.905639][ T7141] loop5: detected capacity change from 0 to 128
[  353.031655][   T29] audit: type=1800 audit(1741337107.968:105): pid=7141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.295" name="bus" dev="loop5" ino=23 res=0 errno=0
[  353.238271][ T7146] netlink: 260 bytes leftover after parsing attributes in process `syz.4.298'.
[  353.259671][ T7147] syz.1.297 uses obsolete (PF_INET,SOCK_PACKET)
[  353.301673][ T7147] syzkaller1: entered promiscuous mode
[  353.307685][ T7147] syzkaller1: entered allmulticast mode
[  353.677438][ T1732] wacom 0003:056A:037A.0004: ignoring exceeding usage max
[  353.697021][ T1732] wacom 0003:056A:037A.0004: unbalanced collection at end of report description
[  353.831083][ T1732] wacom 0003:056A:037A.0004: parse failed
[  353.838979][ T1732] wacom 0003:056A:037A.0004: probe with driver wacom failed with error -22
[  355.390980][ T1732] usb 1-1: USB disconnect, device number 3
[  355.728431][ T7174] Bluetooth: MGMT ver 1.23
[  355.938611][ T7183] netlink: 260 bytes leftover after parsing attributes in process `syz.1.311'.
[  356.073266][ T7184] loop5: detected capacity change from 0 to 128
[  356.223624][   T29] audit: type=1800 audit(1741337111.148:106): pid=7184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.310" name="bus" dev="loop5" ino=25 res=0 errno=0
[  357.076902][ T7188] loop3: detected capacity change from 0 to 32768
[  357.372842][ T7188] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  357.395717][ T7188] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  357.405464][ T7188] bcachefs (loop3): Version upgrade required:
[  357.405464][ T7188] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  357.405464][ T7188] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[  357.405464][ T7188]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  357.586809][ T7188] bcachefs (loop3): dropping and reconstructing all alloc info
[  357.658251][ T7188] invalid bkey in btree_node btree=inodes level=0: u64s 18 type inode_v3 0:4099:U32_MAX len 0 ver 0: (unpack error)
[  357.658362][ T7188]   invalid variable length fields: delete?, fixing
[  357.771795][ T7188] bcachefs (loop3): accounting_read... done
[  357.780670][ T7188] bcachefs (loop3): alloc_read... done
[  357.787498][ T7188] bcachefs (loop3): stripes_read... done
[  357.793666][ T7188] bcachefs (loop3): snapshots_read... done
[  357.800168][ T7188] bcachefs (loop3): check_allocations... done
[  358.014582][ T7188] bcachefs (loop3): going read-write
[  358.095023][ T7188] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean
[  358.217829][ T3674] bucket incorrectly unset in freespace btree
[  358.217906][ T3674]   u64s 5 type deleted 0:28:0 len 0 ver 0, , continuing
[  358.233082][ T7188] bcachefs (loop3): done starting filesystem
[  358.234205][ T3674] =====================================================
[  358.249463][ T3674] BUG: KMSAN: uninit-value in rw_aux_tree_set+0x4d2/0x580
[  358.257797][ T3674]  rw_aux_tree_set+0x4d2/0x580
[  358.263013][ T3674]  rw_aux_tree_insert_entry+0x742/0xa20
[  358.268786][ T3674]  bch2_bset_fix_lookup_table+0xf23/0x1470
[  358.275328][ T3674]  bch2_bset_insert+0x1621/0x19f0
[  358.280557][ T3674]  bch2_btree_bset_insert_key+0xf4e/0x2b60
[  358.287253][ T3674]  bch2_btree_insert_key_leaf+0x276/0x1050
[  358.293410][ T3674]  __bch2_trans_commit+0xbbb5/0xd310
[  358.298931][ T3674]  btree_interior_update_work+0x1fd1/0x4830
[  358.306534][ T3674]  process_scheduled_works+0xc1a/0x1e80
[  358.312463][ T3674]  worker_thread+0xea7/0x14f0
[  358.317305][ T3674]  kthread+0x6b9/0xef0
[  358.321552][ T3674]  ret_from_fork+0x6d/0x90
[  358.326342][ T3674]  ret_from_fork_asm+0x1a/0x30
[  358.331295][ T3674] 
[  358.335967][ T3674] Uninit was created at:
[  358.340457][ T3674]  ___kmalloc_large_node+0x22c/0x370
[  358.349023][ T3674]  __kmalloc_large_node_noprof+0x3f/0x1e0
[  358.355948][ T3674]  __kmalloc_node_noprof+0xc96/0x1250
[  358.361529][ T3674]  __kvmalloc_node_noprof+0xc0/0x2d0
[  358.367375][ T3674]  __bch2_btree_node_mem_alloc+0x2be/0xa80
[  358.373526][ T3674]  bch2_fs_btree_cache_init+0x4f0/0xb60
[  358.379298][ T3674]  bch2_fs_open+0x4d84/0x5ba0
[  358.384390][ T3674]  bch2_fs_get_tree+0x98a/0x24e0
[  358.389541][ T3674]  vfs_get_tree+0xb1/0x5a0
[  358.394354][ T3674]  do_new_mount+0x71f/0x15e0
[  358.399145][ T3674]  path_mount+0x742/0x1f10
[  358.403976][ T3674]  __se_sys_mount+0x71f/0x800
[  358.408874][ T3674]  __x64_sys_mount+0xe4/0x150
[  358.413876][ T3674]  x64_sys_call+0x39bf/0x3c30
[  358.418748][ T3674]  do_syscall_64+0xcd/0x1e0
[  358.423756][ T3674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.429883][ T3674] 
[  358.432473][ T3674] CPU: 1 UID: 0 PID: 3674 Comm: kworker/u8:14 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  358.443740][ T3674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  358.456751][ T3674] Workqueue: btree_update btree_interior_update_work
[  358.464769][ T3674] =====================================================
[  358.471843][ T3674] Disabling lock debugging due to kernel taint
[  358.478323][ T3674] Kernel panic - not syncing: kmsan.panic set ...
[  358.484883][ T3674] CPU: 1 UID: 0 PID: 3674 Comm: kworker/u8:14 Tainted: G    B              6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  358.497542][ T3674] Tainted: [B]=BAD_PAGE
[  358.501813][ T3674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  358.512055][ T3674] Workqueue: btree_update btree_interior_update_work
[  358.518995][ T3674] Call Trace:
[  358.522397][ T3674]  <TASK>
[  358.525449][ T3674]  dump_stack_lvl+0x216/0x2d0
[  358.530316][ T3674]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  358.536367][ T3674]  dump_stack+0x1e/0x24
[  358.540696][ T3674]  panic+0x4e2/0xcf0
[  358.544861][ T3674]  ? kmsan_get_metadata+0x51/0x1c0
[  358.550260][ T3674]  kmsan_report+0x2c7/0x2d0
[  358.554974][ T3674]  ? _raw_spin_unlock_irqrestore+0x3f/0x60
[  358.561059][ T3674]  ? __msan_warning+0x95/0x120
[  358.566052][ T3674]  ? rw_aux_tree_set+0x4d2/0x580
[  358.571218][ T3674]  ? rw_aux_tree_insert_entry+0x742/0xa20
[  358.577171][ T3674]  ? bch2_bset_fix_lookup_table+0xf23/0x1470
[  358.583384][ T3674]  ? bch2_bset_insert+0x1621/0x19f0
[  358.588794][ T3674]  ? bch2_btree_bset_insert_key+0xf4e/0x2b60
[  358.595021][ T3674]  ? bch2_btree_insert_key_leaf+0x276/0x1050
[  358.601252][ T3674]  ? __bch2_trans_commit+0xbbb5/0xd310
[  358.606962][ T3674]  ? btree_interior_update_work+0x1fd1/0x4830
[  358.613274][ T3674]  ? process_scheduled_works+0xc1a/0x1e80
[  358.619241][ T3674]  ? worker_thread+0xea7/0x14f0
[  358.624365][ T3674]  ? kthread+0x6b9/0xef0
[  358.628809][ T3674]  ? ret_from_fork+0x6d/0x90
[  358.633593][ T3674]  ? ret_from_fork_asm+0x1a/0x30
[  358.638719][ T3674]  ? bch2_btree_bset_insert_key+0xf4e/0x2b60
[  358.645001][ T3674]  ? bch2_btree_insert_key_leaf+0x276/0x1050
[  358.651242][ T3674]  ? __bch2_trans_commit+0xbbb5/0xd310
[  358.656940][ T3674]  ? btree_interior_update_work+0x1fd1/0x4830
[  358.663249][ T3674]  ? kmsan_get_metadata+0x13e/0x1c0
[  358.668671][ T3674]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  358.674720][ T3674]  ? filter_irq_stacks+0x164/0x1a0
[  358.680071][ T3674]  ? stack_depot_save_flags+0x2c/0x750
[  358.685758][ T3674]  ? kmsan_get_metadata+0x13e/0x1c0
[  358.691190][ T3674]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  358.697748][ T3674]  ? kmsan_get_metadata+0x13e/0x1c0
[  358.703184][ T3674]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  358.709226][ T3674]  __msan_warning+0x95/0x120
[  358.714032][ T3674]  rw_aux_tree_set+0x4d2/0x580
[  358.719024][ T3674]  ? bset_aux_tree_verify+0x44d/0x4a0
[  358.724630][ T3674]  rw_aux_tree_insert_entry+0x742/0xa20
[  358.730430][ T3674]  bch2_bset_fix_lookup_table+0xf23/0x1470
[  358.736477][ T3674]  ? bch2_bkey_pack_key+0x1745/0x1860
[  358.742071][ T3674]  bch2_bset_insert+0x1621/0x19f0
[  358.747318][ T3674]  ? kmsan_get_metadata+0x13e/0x1c0
[  358.752770][ T3674]  bch2_btree_bset_insert_key+0xf4e/0x2b60
[  358.758840][ T3674]  ? __msan_memcpy+0x108/0x1c0
[  358.763857][ T3674]  bch2_btree_insert_key_leaf+0x276/0x1050
[  358.769955][ T3674]  __bch2_trans_commit+0xbbb5/0xd310
[  358.775490][ T3674]  ? btree_interior_update_work+0x1fd1/0x4830
[  358.781837][ T3674]  btree_interior_update_work+0x1fd1/0x4830
[  358.788037][ T3674]  ? __pfx_btree_interior_update_work+0x10/0x10
[  358.794521][ T3674]  process_scheduled_works+0xc1a/0x1e80
[  358.800357][ T3674]  worker_thread+0xea7/0x14f0
[  358.805245][ T3674]  kthread+0x6b9/0xef0
[  358.809506][ T3674]  ? __pfx_worker_thread+0x10/0x10
[  358.814822][ T3674]  ? __pfx_kthread+0x10/0x10
[  358.819609][ T3674]  ret_from_fork+0x6d/0x90
[  358.824218][ T3674]  ? __pfx_kthread+0x10/0x10
[  358.829009][ T3674]  ret_from_fork_asm+0x1a/0x30
[  358.833993][ T3674]  </TASK>
[  358.837452][ T3674] Kernel Offset: disabled
[  358.841842][ T3674] Rebooting in 86400 seconds..